This GitHub Action enables you to automatically upload your app versions to Oversecured for security scanning. An action user must have an active Integration.
access_token: Required. Your Oversecured API keyintegration_id: Required. The integration ID from Oversecuredbranch_name: Optional. The branch name,mainis defaultapp_path: Required. The path to the app file you wish to uploaddelete_running: Optional. Delete running scan if it exists,falseis default
- Store your Oversecured API key as a secret in your GitHub repository. Navigate to your GitHub repository, go to the
Settingstab, selectSecretsfrom the left sidebar, and click theNew repository secretbutton. Name the secretOVERSECURED_API_KEYand paste your key. - Add the Oversecured job to your GitHub Actions workflow.
Android example:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Change wrapper permissions
run: chmod +x ./gradlew
- name: Build gradle project
run: ./gradlew build
- name: Build debug apk
run: ./gradlew assembleDebug
- name: Oversecured Scanner
uses: oversecured/oversecured-github@v1
with:
access_token: ${{ secrets.OVERSECURED_API_KEY }}
integration_id: ${{ vars.OVERSECURED_INTEGRATION_ID }}
branch_name: ${{ vars.OVERSECURED_BRANCH_NAME }}
app_path: ./app/build/outputs/apk/debug/app-debug.apkiOS example:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Pods Install
run: |
pod install
- name: Zip Sources
run: |
zip -q -r OversecuredZipped.zip .
- name: Oversecured Scanner
uses: oversecured/oversecured-github@v1
with:
access_token: ${{ secrets.OVERSECURED_API_KEY }}
integration_id: ${{ vars.OVERSECURED_INTEGRATION_ID }}
branch_name: ${{ vars.OVERSECURED_BRANCH_NAME }}
app_path: OversecuredZipped.zipSubmit a request using the contact form.
The scripts and documentation in this project are released under the MIT License.