RIPS Security Scan
RIPS is a static code analysis solution to automatically find security issues in your code.
This action performs a security scan of your project's code located at `$GITHUB_WORKSPACE`.
You can use the following configuration to start a new code analysis with RIPS and to add a security gate that fails vulnerable builds when, for example, more than 10 critical issues are detected.
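```yaml
steps:
  - uses: actions/checkout@v1
    with:
      fetch-depth: 1
  - uses: rips/github-action-scan@v1
    env:
      RIPS_BASE_URI: "https://api-3.ripstech.com"
      # Credentials are read from repository secrets, never hard-coded here
      RIPS_EMAIL: ${{ secrets.RIPS_EMAIL }}
      RIPS_PASSWORD: ${{ secrets.RIPS_PASSWORD }}
    with:
      application-id: 923
      # Security gate: fail the build when more than 10 critical issues are detected
      additional-parameters: -t critical:10
```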
- The `application-id` can be found in the RIPS user interface.
- The `secrets` have to be configured in the repository settings (GitHub documentation).
- The documentation for the `additional-parameters` is located at: https://kb.ripstech.com/display/DOC/RIPS+CLI