Amplify Runner Action
ActionsTags
(2)Github Action to run Amplify Security's CI Runner.
This action launches a container within your workflow that will authenticate with Amplify’s public API, execute code scanners against your changes, and submit scan results to Amplify for generating remediations.
For most users, you’ll setup this action via the onboarding process when signing up at Amplify. You can however introduce this to existing workflows. A minimal (incomplete) config with the necessary YAML is provided below.
---
on:
pull_request:
push:
branches: ["main"]
permissions:
id-token: write
jobs:
amplify-security-scan:
# name is currently used to properly identify the workflow in Amplify
name: Amplify Security Scan
runs-on: ubuntu-latest
# external PRs do not have permission to request ID tokens
if: !github.event.pull_request.head.repo.fork
steps:
- name: Run Amplify Security Scan
uses: amplify-security/[email protected]
Amplify Runner Action is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.
About
Tags
(2)Amplify Runner Action is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.