This commit is contained in:
David A. Wheeler 2021-06-27 16:28:54 -04:00
commit 8951154ac9
5 changed files with 83 additions and 0 deletions

27
.github/workflows/main.yml vendored Normal file

@ -0,0 +1,27 @@
on: [push]
jobs:
flawfinder:
name: Flawfinder
runs-on: ubuntu-latest
steps:
# To use this repository's private action,
# you must check out the repository
- name: Checkout
uses: actions/checkout@v2
- name: Flawfinder action step
uses: ./ # Uses an action in the root directory
with:
arguments: '--sarif ./setup.py'
output: 'flawfinder_results.sarif'
- name: Upload a Build Artifact
uses: actions/upload-artifact@v2.2.4
with:
path: flawfinder_results.sarif
- name: Upload analysis results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: ${{github.workspace}}/flawfinder_results.sarif
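Review bot: The workflow declares no `permissions:` block, so the GITHUB_TOKEN used by the upload-sarif step at the end of the hunk runs with whatever default scopes the repository grants rather than the two scopes it needs. A top-level `permissions:` with `contents: read` and `security-events: write` keeps the token at least privilege while still letting checkout read the repository and upload-sarif write to the Security tab. Separately, `actions/checkout@v2` and `github/codeql-action/upload-sarif@v1` are pinned to mutable major tags; pinning each to a full commit SHA (with the tag kept in a trailing comment) removes the risk of a moved tag changing what runs in CI. Indentation appears to have been flattened by the page rendering, so the nesting here is inferred from the key names.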

10
Dockerfile Normal file

@ -0,0 +1,10 @@
# Container image that runs your code
FROM python:3
# Copies your code file from your action repository to the filesystem path `/` of the container
COPY entrypoint.sh /entrypoint.sh
RUN pip install flawfinder
# Code file to execute when the docker container starts up (`entrypoint.sh`)
ENTRYPOINT ["/entrypoint.sh"]
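Review bot: `RUN pip install flawfinder` on the line after the COPY installs whatever version PyPI serves at build time, and `FROM python:3` floats with the image tag, so the action image is rebuilt on every workflow run from unpinned inputs and scan results can change without any commit to this repository. Pinning both, e.g. `RUN pip install --no-cache-dir flawfinder==<PINNED_VERSION>` (placeholder) and a digest-pinned base image, makes runs reproducible and lets upgrades be reviewed. A comment explaining why the action installs flawfinder from PyPI rather than from the checked-out source would also help, since the workflow in this commit invokes the action with `uses: ./` and presumably means to exercise the repository's own code; that intent is not visible from the hunk.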


@ -94,6 +94,28 @@ vulnerabilities in programs that cannot be built or cannot be linked.
Flawfinder also doesn't get as confused by macro definitions Flawfinder also doesn't get as confused by macro definitions
and other oddities that more sophisticated tools have trouble with. and other oddities that more sophisticated tools have trouble with.
# Flawfinder Github Action
## Usage
See [action.yml](https://github.com/david-a-wheeler/flawfinder/blob/main/action.yml)
Create a .yml file under .github/workflows with the following contents:
### Basic:
```yml
- name: Flawfinder
uses: david-a-wheeler/flawfinder@v1.0
with:
arguments: '--sarif ./'
output: 'flawfinder_results.sarif'
```
### Input options:
- arguments: Flawfinder command arguments.
Visit https://github.com/david-a-wheeler/flawfinder/blob/master/README.md#usage to check all parameters.
- output: Flawfinder output file name. Can be uploaded to Github.
# Contributions # Contributions
We love contributions! For more information on contributing, see We love contributions! For more information on contributing, see

17
action.yml Normal file

@ -0,0 +1,17 @@
name: 'Flawfinder'
description: 'Execute Flawfinder'
inputs:
arguments:
description: 'Command arguments to be sent to Flawfinder'
required: true
default: ''
output:
description: 'Output file name'
required: true
default: ''
runs:
using: 'docker'
image: 'Dockerfile'
args:
- ${{ inputs.arguments }}
- ${{ inputs.output }}
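Review bot: Both inputs are declared `required: true` and also given `default: ''`, which is self-contradicting: the empty default satisfies whatever enforcement GitHub applies to `required`, so a caller that omits `output` passes an empty string through `args` to the entrypoint, where `flawfinder $1 > $2` is left without a redirection target. Either drop the defaults so the omission is reported, or give `output` the name the README in this commit already uses, `default: 'flawfinder_results.sarif'`, and keep `required: true` only on `arguments`. The `description:` strings could also state the expected form of each value, e.g. `description: 'Whitespace-separated flawfinder options and paths, e.g. --sarif ./'`, since the entrypoint depends on that splitting.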

7
entrypoint.sh Executable file

@ -0,0 +1,7 @@
#!/bin/sh -l
# $1 arguments
# $2 output filename
flawfinder $1 > $2
echo "Executed with success."
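Review bot: `flawfinder $1 > $2` discards flawfinder's exit status: the script falls through to the unconditional `echo "Executed with success."` and exits 0, so a flawfinder crash or a rejected argument never fails the step, and the upload-sarif step in main.yml is then handed an empty or partial file. `$2` is also expanded unquoted, so an output name containing spaces or glob characters breaks the redirection; `$1` has to stay unquoted because the action passes the whole option string as a single argument and relies on word splitting, but `set -f` keeps that splitting without also globbing it. The rewrite below propagates the exit status and quotes the output path.
```shell
#!/bin/sh -l
# $1 arguments (one string; split on whitespace into separate flawfinder options)
# $2 output filename
set -f  # keep word-splitting of $1 but do not glob-expand it
# shellcheck disable=SC2086  # intentional word splitting of $1
flawfinder $1 > "$2"
status=$?
if [ "$status" -ne 0 ]; then
  echo "flawfinder exited with status $status" >&2
  exit "$status"
fi
echo "Executed with success."
```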