From d0e44f0faa51521db26f707980f9ebe5c2399659 Mon Sep 17 00:00:00 2001
From: vibhuti goyal
Date: Mon, 8 May 2023 17:48:01 +0530
Subject: [PATCH] bug:updated changelog.yml name feat: updated tfsec.yml file
---
 .../{changelog.yaml => changelog.yml} | 0
 .github/workflows/tfsec.yml | 46 ++++---------------
 2 files changed, 9 insertions(+), 37 deletions(-)
 rename .github/workflows/{changelog.yaml => changelog.yml} (100%)
diff --git a/.github/workflows/changelog.yaml b/.github/workflows/changelog.yml
similarity index 100%
rename from .github/workflows/changelog.yaml
rename to .github/workflows/changelog.yml
diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml
index 018a45d..103f88a 100644
--- a/.github/workflows/tfsec.yml
+++ b/.github/workflows/tfsec.yml
@@ -1,42 +1,14 @@
 name: tfsec
+permissions: write-all
+
 on:
 pull_request:
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
 jobs:
- tfsec:
- name: tfsec sarif report
- runs-on: ubuntu-latest
-
- steps:
- - name: Clone repo
- uses: actions/checkout@master
-
- - name: tfsec
- uses: aquasecurity/tfsec-sarif-action@v0.1.0
- with:
- sarif_file: tfsec.sarif
- working_directory: ./_example/
- full_repo_scan: true
-
- - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@v1
- with:
- # Path to SARIF file relative to the root of the repository
- sarif_file: tfsec.sarif
-
- - name: tfsec commenter for PR
- uses: tfsec/tfsec-pr-commenter-action@main
- with:
- GITHUB_TOKEN: ${{ secrets.GITHUB}}
- working_directory: ./_example/
-
-
- - name: 'Terraform security scan Advanced'
- uses: triat/terraform-security-scan@v3.0.3
- if: github.event_name == 'pull_request'
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB}}
- tfsec_actions_working_dir: ./_example/
- tfsec_actions_comment: true
- tfsec_output_format: sarif
- continue-on-error: true
+ call-workflow-tfsec:
+ uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master
+ secrets: inherit
+ with:
+ working_directory: './_example'
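Review bot: The new top-level `permissions: write-all` gives the GITHUB_TOKEN write access to every scope, and the `call-workflow-tfsec` job then passes that token plus every repository secret (`secrets: inherit`) to a reusable workflow referenced by the mutable ref `@master`. Any later commit to that branch of clouddrove/github-shared-workflows would run here with those privileges, without going through review in this repository. The token should be narrowed to the scopes the scan needs, which the removed SARIF-upload and PR-comment steps suggest are the three below (to be confirmed against the called workflow). The `uses:` ref should be pinned to a reviewed full commit SHA, and `secrets: inherit` replaced by an explicit map of only the secrets the called workflow declares.

```yaml
# … unchanged: name …
permissions:
  contents: read
  security-events: write
  pull-requests: write
# … unchanged: on: triggers …
jobs:
  call-workflow-tfsec:
    # FULL_COMMIT_SHA_PLACEHOLDER: the reviewed commit of the shared workflow
    uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@FULL_COMMIT_SHA_PLACEHOLDER
    secrets:
      # SECRET_NAME_PLACEHOLDER: only the secret(s) the called workflow declares
      SECRET_NAME_PLACEHOLDER: ${{ secrets.SECRET_NAME_PLACEHOLDER }}
    # … unchanged: with: working_directory …
```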