GitHub Actions lets you automate tasks within your software development life cycle. As GitHub Actions are event-driven, you can run a series of commands after a specified event has occurred.
You can integrate Netsparker Enterprise with GitHub using scripts, generated by our Integration Script Generator.
This topic explains how to generate and use the script to integrate Netsparker Enterprise with GitHub Actions.
For further information, see What Systems Does Netsparker Integrate With?.
Generating and Using Netsparker Enterprise’s GitHub Actions Script
Netsparker Enterprise uses the GitHub Actions script tools to integrate with GitHub.
How to Generate Netsparker Enterprise's GitHub Actions Scripts
- Log in to Netsparker Enterprise.
- From the main menu, select Integrations > New Integration.
- From the Continuous Integration Systems section, select GitHub Actions.
- From the Integration Script Generator section, select the relevant Scan Settings:
- From the Scan Type field, select an option.
- From the Website dropdown, select a website.
- From the Scan Profile dropdown, select a scan profile (this is not displayed if you select Full with Primary Profile as the Scan Type).
- Enable the Stop the scan if the Build fails, if required.
- Enable the Fail the Build if one of the selected scan severity is detected, if required.
- In the GitHub Actions Script, select Copy to copy the script. (You will then paste this into the file described in the next How to.)
Using Netsparker Enterprise's GitHub Actions Script
You can use the GitHub Actions script to automate the scan.
- A GitHub Account
- A GitHub Actions Script generated by Netsparker Enterprise
Make sure you created .github/workflows directory. For further information, see Quickstart for GitHub Actions.
How to Use Netsparker Enterprise's GitHub Actions Script
- Log in to your GitHub account.
- Navigate to your GitHub Actions window.
- Paste the copied script (from the previous How to) into the jobs section of [your-project].yml, and then commit and push it to the Git repository.
Committing the workflow file in your repository triggers the event when necessary and runs your workflow.
For further information about configuring the workflow, see Workflow syntax for GitHub Actions.
For an example scan workflow script, see Netsparker GitHub Actions.