Files
starter-workflows/code-scanning/appknox.yml
T
ginilpg 666350e29b Added appknox.yml for code scanning (#2498)
Create appknox.json

Create appknox.svg

Update appknox.json

Update appknox.svg

Rename appknox.json to appknox.properties.json

Update appknox.yml

Update appknox.yml

Update appknox.properties.json

Formatting yml

Removed preview mode from appknox scanner

Removed preview mode from appknox scanner

Add Appknox starter workflow (#2447)

* Added appknox.yml for code scanning

* Create appknox.json

* Create appknox.svg

* Update appknox.json

* Update appknox.svg

* Rename appknox.json to appknox.properties.json

* Update appknox.yml

* Update appknox.yml

* Update appknox.properties.json

* Formatting yml

removed preview mode

removed preview mode

precommit lint
2024-09-17 13:50:21 -05:00

55 lines
2.2 KiB
YAML

# This workflow uses actions that are not certified by GitHub. They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support documentation.
#
# Appknox: Leader in Mobile Application Security Testing Solutions <https://www.appknox.com/>
#
# To use this workflow, you must be an existing Appknox customer with GitHub Advanced Security (GHAS) enabled for your
# repository.
#
# If you *are not* an existing customer, click here to contact us for licensing and pricing details:
# <https://www.appknox.com/free-trial>.
#
# Instructions:
#
# 1. In your repository settings, navigate to 'Secrets' and click on 'New repository secret.' Name the
# secret APPKNOX_ACCESS_TOKEN and paste your appknox user token into the value field. If you don't have a appknox token
# or need to generate a new one for GitHub, visit the Appknox Platform, go to Account Settings->Developer Settings
# and create a token labeled GitHub
#
# 2. Refer to the detailed workflow below, make any required adjustments, and then save it to your repository. After the
# action executes, check the 'Security' tab for results
name: Appknox
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
jobs:
appknox:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v2
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build the app
run: ./gradlew build # Update this to build your Android or iOS application
- name: Appknox GitHub action
uses: appknox/appknox-github-action@b7d2bfb2321d5544e97bffcba48557234ab953a4
with:
appknox_access_token: ${{ secrets.APPKNOX_ACCESS_TOKEN }}
file_path: app/build/outputs/apk/debug/app-debug.apk # Specify the path to your .ipa or .apk here
risk_threshold: MEDIUM # Update this to desired risk threshold [LOW, MEDIUM, HIGH, CRITICAL]
sarif: Enable
- name: Upload SARIF to GHAS
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: report.sarif