add Fluid attacks workflow

prrvchr · Oct 24, 2023 · 7ccefb0 · 7ccefb0
1 parent d25999f
commit 7ccefb0
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 0 deletions.
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
@@ -0,0 +1,12 @@
+# .github/workflows/dev.yml
+name: Fluid Attacks Scan
+on: [push, pull_request]
+jobs:
+  machineStandalone:
+    name: machineStandalone job
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@master
+      - uses: docker://ghcr.io/fluidattacks/makes/amd64
+        with:
+          args: m gitlab:fluidattacks/universe@trunk /skims scan ./_fascan.yml
diff --git a/Fluid-Attacks-Results.csv b/Fluid-Attacks-Results.csv
@@ -0,0 +1,2 @@
+title,cwe,description,cvss,finding,stream,kind,where,snippet,method
+Summary: No vulnerabilities were found in your targets.
diff --git a/_fascan.yml b/_fascan.yml
@@ -0,0 +1,13 @@
+namespace: mContactOOo
+output:
+  file_path: ./Fluid-Attacks-Results.csv
+  format: CSV
+working_dir: .
+sast:
+  include:
+    - source/mContactOOo/service/pythonpath/mcontact/
+    - glob(source/mContactOOo/service/*.py)
+sca:
+  include:
+    - .
+language: EN