Microsoft Security DevOps for GitHub Actions.
MIT License
Bot releases are visible (Hide)
Published by sethRait 3 months ago
In this release, we're enabling the container-mapping tool by default for customers who have onboarded to Microsoft Defender for Cloud and have enabled their GitHub organization.
Those who do not have Microsoft Defender for Cloud enabled on their GitHub organizations will not be able to run the container-mapping workload and it will be automatically skipped.
With this change, we are deprecating the includeTools
option. If you would like to manually specify which tools to run, this can still be done via the tools
option as before. See the wiki for further instructions.
Published by davidknise 11 months ago
This release brings introduces our first pre
and post
job feature, container-mapping
, as an opt-in feature. It runs docker commands to see which containers have been created during the pipeline for integration with Microsoft Defender for DevOps.
To configure Container Mapping to send conatiner data to Microsoft Defender for DevOps, include container-mapping
as a tool:
- uses: microsoft/security-devops-action@v1
id: msdo
with:
includeTools: container-mapping
This will run all the analyzers defined by the configured or defaulted policy in addition to container-mapping
. To only run this feature, define container-mapping
as the only tool
to run:
- uses: microsoft/security-devops-action@v1
id: msdo
with:
tools: container-mapping
In future releases, we will use this to auto-configure container scanning as well as introduce additional scanning optimizations and capabilities.
Published by davidknise 12 months ago
Adds a backwards compatibility check for the --export-breaking-results-to-file
which going forward still exists, with corrected behavior, and will use --export-file
instead.
Published by davidknise over 1 year ago
Published by davidknise over 1 year ago
msdo-nuget-client.ts
javascript nuget clientPublished by davidknise almost 2 years ago
node16
Upgrade @actions/core dependency
Upgrade @actions/exec dependency
Published by davidknise over 2 years ago
Add tools as an input option to explicitly define which tools to run with default values.
Published by davidknise over 2 years ago
Upgrade the microsoft-security-devops-actions-toolkit to v1.4.2 for shared agent packages.
This change saves considerable space on reusable agents as well as prevent unwanted detections in samples installed with analyzers.
Published by davidknise over 2 years ago
Fix multi categories and languages
Published by davidknise over 2 years ago
Published by davidknise over 2 years ago
GitHub SARIF result format.
Published by davidknise over 2 years ago