Update Code Scanning Security Tool to ShiftLeft (#8)

themotleyfool · Apr 19, 2021 · 31496bf · 31496bf
1 parent 3492264
commit 31496bf
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/.github/workflows/shiftleft.yml b/.github/workflows/shiftleft.yml
@@ -0,0 +1,25 @@
+# This workflow integrates ShiftLeft NG SAST with GitHub
+# Visit https://docs.shiftleft.io for help
+name: Analyze with ShiftLeft NG SAST
+
+on:
+  push:
+    branches:
+      - master
+  pull_request: # include to analyze when you create a pull request
+    branches:
+      - master
+  workflow_dispatch:
+
+jobs:
+  NGSAST:
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/checkout@v2
+    - name: Download ShiftLeft cli
+      run: |
+        curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
+    - name: Python
+      run: ${GITHUB_WORKSPACE}/sl analyze --verbose --app django-saml2-auth --tag branch=${GITHUB_REF} --python $(pwd)
+      env:
+        SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}