Skip to content

Github Code scanning

Integration with Github code scanning

Scan action can be integrated with GitHub code scanning tool.

Navigate to security settings on your repository and then to Code scanning alerts.

Reports

Register for beta access if required. Then look for scan on the marketplace integration.

Reports

A workflow integration file with the name shiftleft-analysis.yml will be presented. Save this file or configure based on the inline help provided in the workflow file.

Reports

Any subsequent build would be automatically scanned using scan. The findings will be viewable on the Code scanning alerts tab.

Tip

Scan would automatically appear as a check for Pull Requests. No additional configuration is required!

Refer to this example for a complete workflow integrated with scan.

Last update: January 25, 2023