Skip to content

Scanning all frameworks by default #114

Scanning all frameworks by default

Scanning all frameworks by default #114

Workflow file for this run

name: Kubescape scanning for misconfigurations
on: [push, pull_request]
jobs:
kubescape-scan:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
- uses: kubescape/github-action@main
continue-on-error: true
with:
format: sarif
outputFile: results.sarif
# Kubescape Portal credentials
account: ${{secrets.KUBESCAPE_ACCOUNT}}
accessKey: ${{secrets.KUBESCAPE_ACCESS_TOKEN}}
server: ${{ vars.KUBESCAPE_SERVER }}
# # Optional - Scan a specific path. Default will scan all
# files: "examples/*.yaml"
- name: Upload Kubescape scan results to Github Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif