Timo Behrendt
ac5d3b08ca
Some checks failed
CD / Release (push) Failing after 13s
Reviewed-on: #1 Co-authored-by: Timo Behrendt <t.behrendt@t00n.de> Co-committed-by: Timo Behrendt <t.behrendt@t00n.de>
30 lines
901 B
Markdown
30 lines
901 B
Markdown
# tas-actions
|
|
|
|
Reusable GitHub Actions for [TAS (Tea Advanced Security)](https://github.com/go-gitea/gitea): upload SARIF reports and gate CI on the API response.
|
|
|
|
## Actions
|
|
|
|
### [tas-upload-sarif](tas-upload-sarif/)
|
|
|
|
Uploads a SARIF report from a file to TAS and **fails the job** if the API returns `allowed: false`.
|
|
|
|
**Example workflow** (e.g. after a security scan that produces SARIF):
|
|
|
|
```yaml
|
|
jobs:
|
|
scan:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
# Run your scanner and produce SARIF (e.g. to results.sarif)
|
|
# - run: ./run-scanner --output results.sarif
|
|
|
|
- name: Upload SARIF to TAS and gate
|
|
uses: your-org/tas-actions/tas-upload-sarif@v1
|
|
with:
|
|
tas-base-url: 'https://tas.example.com'
|
|
sarif-file: 'results.sarif'
|
|
```
|
|
|
|
See [tas-upload-sarif/README.md](tas-upload-sarif/README.md) for all inputs and options. |