Skip to content

rl-security-scanner

rl-security-scanner #5

Workflow file for this run

name: RL-Security-Scanner
run-name: rl-security-scanner
on:
push:
branches:
- 'reversing_labs'
pull_request:
types:
- closed
workflow_dispatch:
permissions:
id-token: write
contents: write
jobs:
rl-scanner:
name: Run Reversing Labs Scanner
# if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && github.event.pull_request.base.ref == 'master' && startsWith(github.event.pull_request.head.ref, 'release/'))
runs-on: ubuntu-latest
outputs:
scan-status: ${{ steps.rl-scan-conclusion.outcome }}
strategy:
matrix:
xcode:
- '15.0.1'
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up
uses: ./.github/actions/setup
with:
xcode: ${{ matrix.xcode }}
- name: Build package
shell: bash
run: |
zip -r auth0-swift.zip ./*
- name: Get Artifact Version
id: get_version
run: |
version=$(awk -F'"' '/let version/ {print $2}' Auth0/Version.swift)
echo "version=$version" >> $GITHUB_OUTPUT
- name: Run Reversing Labs Scanner
id: rl-scan-conclusion
uses: ./.github/actions/rl-scanner
with:
artifact-path: "$(pwd)/auth0-swift.zip"
version: "${{ steps.get_version.outputs.version }}"
env:
RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
- name: Output scan result
run: echo "scan-status=${{ steps.rl-scan-conclusion.outcome }}" >> $GITHUB_ENV