Infrastructure as Code (IaC) GitHub Workflow
The Infrastructure as Code (iac) component focuses on analyzing your infrastructure code for security vulnerabilities. This component helps in identifying misconfigurations and security risks in your infrastructure setup, ensuring that your cloud resources are configured securely before deployment.
The iac workflow accepts the following inputs:
| Name | Description | Required | Default Value |
|---|---|---|---|
api-url | URL of the DevGuard API | No | https://api.devguard.org |
asset-name | Name of the asset to be scanned | Yes | |
path | Path to the source code to be scanned | No | . |
Usage Example:
Here's an example of how to call this reusable workflow from another workflow file:
name: DevGuard Workflow
on:
push
jobs:
devguard-iac:
uses: l3montree-dev/devguard-action/.github/workflows/iac.yml@main
with:
api-url: https://api.devguard.org
asset-name: 'myOrganization/projects/myProject/assets/myAsset'
secrets:
devguard-token: ${{ secrets.DEVGUARD_TOKEN }}