GitHub Actions lets you automate tasks within your software development life cycle. As GitHub Actions are event-driven, you can run a series of commands after a specified event has occurred.
You can integrate Invicti Enterprise with GitHub using scripts, generated by our Integration Script Generator.
This topic explains how to generate and use the script to integrate Invicti Enterprise with GitHub Actions.
For further information, see What Systems Does Invicti Integrate With?.
Generating and Using Invicti Enterprise’s GitHub Actions Script
Invicti Enterprise uses the GitHub Actions script tools to integrate with GitHub.
How to Generate Invicti Enterprise's GitHub Actions Scripts
- Log in to Invicti Enterprise.
- From the main menu, select Integrations > New Integration.
- From the Continuous Integration Systems section, select GitHub Actions.
- From the Integration Script Generator section, select the relevant Scan Settings:
- From the Scan Type field, select an option.
- From the Website dropdown, select a website.
- From the Scan Profile dropdown, select a scan profile (this is not displayed if you select Full with Primary Profile as the Scan Type).
- In the GitHub Actions Script, select Copy to copy the script. (You will then paste this into the file described in the next How to.)
Using Invicti Enterprise's GitHub Actions Script
You can use the GitHub Actions script to automate the scan.
- A GitHub Account
- A GitHub Actions Script generated by Invicti Enterprise
Make sure you created .github/workflows directory. For further information, see Quickstart for GitHub Actions.
How to Use Invicti Enterprise's GitHub Actions Script
- Log in to your GitHub account.
- Navigate to your GitHub Actions window.
- Paste the copied script (from the previous How to) into the jobs section of [your-project].yml, and then commit and push it to the Git repository.
Committing the workflow file in your repository triggers the event when necessary and runs your workflow.
For further information about configuring the workflow, see Workflow syntax for GitHub Actions.
For an example scan workflow script, see Invicti GitHub Actions.