How to add a custom Code Security scan for the side branch via GitHub Actions?

Created On 05/20/22 00:57 AM - Last Modified 01/19/23 04:26 AM


Objective


How to add a custom Code Security scan for the side branch via GitHub Actions?



Environment


  • Prisma Cloud


Procedure


If you want additional custom scanning, you will need to configure a CI/CD job.

These are the steps for configuring a GitHub Action.

  1. Access the Add Repository page on the Prisma Cloud Console, then click GitHub Actions in the CI/CD Systems section.
  2. Copy the "BC_API_KEY" (Name) and your Access Key & Secret Key (Value), then create a new repository secret in your GitHub repository.
  3. Copy the sample code on the Configure Job page, then replace the "step" of your new workflow with it.
    • Note - Please specify your target side branch name in the workflow file (the sample uses "dev").
  4. Push some code to your target branch; the scan will then be triggered.
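
A workflow of the kind steps 2 to 4 produce, given here as an added example and not the sample code from the Prisma Cloud console. It assumes the scan step uses `bridgecrewio/checkov-action`, that `PRISMA_API_URL` is replaced with the API URL of your own Prisma Cloud stack, and that the file name is hypothetical.

```yaml
# Added example, not the console's sample code.
# Hypothetical file path: .github/workflows/prisma-cloud-dev.yml
name: Prisma Cloud Code Security (dev)

on:
  push:
    branches:
      - dev   # target side branch; "dev" is the name used in the article's sample

# The scan only needs to read the checked-out code, so grant nothing more.
permissions:
  contents: read

jobs:
  code-security-scan:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the pushed commit
        uses: actions/checkout@v4

      - name: Run Prisma Cloud Code Security scan
        # A moving ref is shown for brevity; pinning to a commit SHA you have
        # reviewed keeps a changed action from running with your secret.
        uses: bridgecrewio/checkov-action@master
        env:
          # Assumption: replace with the API URL of your Prisma Cloud stack.
          PRISMA_API_URL: https://api.prismacloud.io
        with:
          # Repository secret created in step 2; never inline the key here.
          api-key: ${{ secrets.BC_API_KEY }}
          directory: .
```

Repository secrets are not passed to workflows triggered from forks, so pushes to "dev" must come from branches inside the repository for the scan to authenticate.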
 


Additional Information


Code Security will scan:

  • The main branch of all integrated repos periodically, twice per day, but not in real time.
  • The main branch, when triggered by the "Scan Now" button or the API.
  • The changes in PRs of integrated repos, for any branch.

