Hello,
If you want to integrate the OX scanner into your GitHub Action pipelines, you can use this Python program.
Modify the following parameters:
- ACCESS_TOKEN - insert your GitHub token to allow the pipeline scanner to insert the GitHub Actions YAML file. repo/workflow/user permissions required
- ox_host_url - insert your self-hosted OX server URL to allow the scanner to connect to your OX instance.
- [optionally] - if running self-hosted GitHub, supply a
--github-apiargument so that the action connects properly to your GH instance.
For additional options, please refer to this link: https://github.com/oxsecurity/ox-security-scan, if you decide to make changes to the YAML file contents.
GitHub SaaS:
python main.py
Self-hosted GitHub:
python main.py --github-api "gh-server.mycompany.com"