Github Action to run Amplify Security's CI Runner.
This action launches a container within your workflow that will authenticate with Amplify’s public API, execute code scanners against your changes, and submit scan results to Amplify for generating remediations.
For most users, you'll set up this action via the onboarding process when signing up at Amplify. You can, however, add it to existing workflows. A minimal (incomplete) config with the necessary YAML is provided below.
```yaml
---
on:
  pull_request:
  push:
    branches: ["main"]
# the runner requests an OIDC ID token to authenticate with Amplify's API
permissions:
  id-token: write
jobs:
  amplify-security-scan:
    # name is currently used to properly identify the workflow in Amplify
    name: Amplify Security Scan
    runs-on: ubuntu-latest
    # external PRs do not have permission to request ID tokens
    # (wrapped in ${{ }} because a bare leading "!" is parsed as a YAML tag)
    if: ${{ !github.event.pull_request.head.repo.fork }}
    steps:
      - name: Run Amplify Security Scan
        uses: amplify-security/[email protected]
```