42Crunch API Security Audit #32

	name: "42Crunch API Security Audit"

	on:
	workflow_dispatch:
	push:
	branches: [ "main" ]
	paths:
	- api-specifications/*
	pull_request:
	# The branches below must be a subset of the branches above
	branches: [ "main" ]


	jobs:
	run_42c_audit:
	permissions:
	contents: read # for actions/checkout to fetch code
	security-events: write # for results upload to Github Code Scanning
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repo
	uses: actions/checkout@v4
	- name: Audit API definition for security issues
	uses: 42Crunch/[email protected]
	with:
	# Upload results to Github Code Scanning
	# Set to false if you don't have Github Advanced Security enabled.
	upload-to-code-scanning: true
	log-level: info
	sarif-report: 42Crunch_AuditReport_${{ github.run_id }}.SARIF
	export-as-pdf: 42Crunch_AuditReport_${{ github.run_id }}.pdf
	audit-reports-dir: ${{ github.workspace }}/reports
	- name: save-sarif-report
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: 42Crunch_AuditReport_${{ github.run_id }}
	path: 42Crunch_AuditReport_${{ github.run_id }}.SARIF
	if-no-files-found: error
	- name: save-pdf-report
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: 42Crunch_AuditReport_${{ github.run_id }}
	path: 42Crunch_AuditReport_${{ github.run_id }}.pdf
	if-no-files-found: error
	- name: save-raw-reports
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: 42Crunch_AuditReport_${{ github.run_id }}
	path: ${{ github.workspace }}/reports
	if-no-files-found: error

Provide feedback