Skip to content

pritchyspritch/workflow-templates

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
templates
templates
 
 
README.md
README.md
 
 

Repository files navigation

workflow-templates

This repository contains template GitHub Actions workflow files that consume the Reusable Workflows.

Templates

You can find the template workflows in the templates folder. The templates supplied here include the:

Template descriptions

Static Analysis Code Scanning Templates

These templates implement the CodeQL static analysis scanning reusable workflows. The language used in your repo must be added to the template files, the default in the files are C#.

For the default rules, you can reference reusable-codeql-workflow.yml@main:

[...]
    uses: pritchyspritch/reusable-workflows/.github/workflows/reusable-codeql-workflow.yml@main
    with:
      language: 'csharp'

For extended security rules, you can reference reusable-extended-sec-codeql.yml:

[...]
    uses: pritchyspritch/reusable-workflows/.github/workflows/reusable-extended-sec-codeql.yml@main
    with:
      language: 'csharp'

For security and code quality rules, you can reference reusable-sec-and-quality-codeql.yml:

[...]
    uses: pritchyspritch/reusable-workflows/.github/workflows/reusable-sec-and-quality-codeql.yml@main
    with:
      language: 'csharp'

Container Scanning Template

This template implements the container scanning reusable workflow. The Dockerfile path must be added to the template file:

[...]
    uses: pritchyspritch/reusable-workflows/.github/workflows/reusable-container-workflow.yml@main
    with:
      docker-path: './Docker-test'

Terraform Scanning Template

This template implements the terraform scanning reusable workflow. The terraform directory path must be added to the template file:

[...]
    uses: pritchyspritch/reusable-workflows/.github/workflows/reusable-tfsec-workflow.yml@main
    with:
      terraform-path: 'terraform/aws'

Vulnerability Scanning Template

This template implements the vulnerability scanning reusable workflow. The template has example workflow calls based on a build workflow running successfully due to the assumption that a vulnerability scan will run once the changes are deployed:

on:
  workflow_run:
    workflows: [Build] # A workflow has run to build a web application / component and has completed
    types: [completed]
[...]

The web application URL must be added to the template file:

[...]
      uses: pritchyspritch/reusable-workflows/.github/workflows/reusable-vulnerabilityscan-workflow.yml@main
      with:
        website-url: 'https://pritchyspritch.github.io' # Set website URL

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published