Skip to content
This repository has been archived by the owner on Jun 3, 2024. It is now read-only.
/ scan-action Public archive

A GitHub action to kick off a Tidelift scan

License

Notifications You must be signed in to change notification settings

tidelift/scan-action

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

⚠️ Deprecated ⚠️

This repository is deprecated. Please use https://github.com/tidelift/alignment-action instead.

Tidelift Align GitHub Action

The Tidelift Align GitHub action allows you to integrate a Tidelift catalog scan into your GitHub repositories.

This lets you fail PRs that add unapproved packages as a part of your CI/CD process.

For more information see https://docs.tidelift.com

Example usage

To use this Action, you need to create a workflow like the following

name: Tidelift Align
on: [push]

jobs:
  build:
    name: Run Tidelift to ensure approved open source packages are in use
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Scan
        uses: tidelift/scan-action@main
        env:
          TIDELIFT_API_KEY: ${{ secrets.TIDELIFT_API_KEY }}
          TIDELIFT_ORGANIZATION: ${{ secrets.TIDELIFT_ORGANIZATION }}
          TIDELIFT_PROJECT: ${{ secrets.TIDELIFT_PROJECT }}

Tidelift secrets

The example above refers to a number of secrets. These secrets can be retrieved from your Tidelift web UI in the API key section. More information on Tidelift API keys can be found in the documentation

About

A GitHub action to kick off a Tidelift scan

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •