Skip to content
spectralops

GitHub Action

Spectral Scan

v5 Latest version

Spectral Scan

spectralops

Spectral Scan

Automated Secrets, Misconfiguration, and IaC Misconfiguration detection by SpectralOps

Installation

Copy and paste the following snippet into your .yml file.

              

- name: Spectral Scan

uses: SpectralOps/spectral-github-action@v5

Learn more about this action in SpectralOps/spectral-github-action

Choose a version



SpectralOps logo

Spectral Scan

Install Spectral Scan action

Spectral Scan is a single self-contained binary, that's easy to get and use. This action installs the latest Spectral version into your PATH.

Example usage

Include this Action as a step in your workflow:

uses: spectralops/spectral-github-action@v4
with:
  spectral-dsn: $SPECTRAL_DSN
  spectral-args: scan --ok

You can see an example of this Action here

Configuration

You'll need to provide Spectral DSN as an input variable. You should always store your DSN in a secure way, like below in GitHub secrets.

name: Spectral

on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install and run Spectral CI
        uses: spectralops/spectral-github-action@v4
        with:
          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
          spectral-args: scan --ok

Spectral provides another scan option to audit your Github/Gitlab organization, user or repo.

name: Spectral

on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install and run Spectral Audit
        uses: spectralops/spectral-github-action@v4
        with:
          spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
          spectral-args: github -k repo -t ${{ secrets.MY_GITHUB_TOKEN }} https://github.com/SpectralOps/spectral-github-action --include-tags base,audit --ok

How to Contribute

We welcome issues to and pull requests against this repository!

License

This project is licensed under the MIT License. See LICENSE for further details.