Skip to content

docs(terraform): add best practice recommendation to README for AKS cluster configuration and networking feat(terraform): implement separate VNets for each AKS cluster as a best practice #305

docs(terraform): add best practice recommendation to README for AKS cluster configuration and networking feat(terraform): implement separate VNets for each AKS cluster as a best practice

docs(terraform): add best practice recommendation to README for AKS cluster configuration and networking feat(terraform): implement separate VNets for each AKS cluster as a best practice #305

Workflow file for this run

---
name: fortidevsec
on: # yamllint disable-line rule:truthy
pull_request:
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
init:
name: init
runs-on: ubuntu-latest
outputs:
action: ${{ steps.init.outputs.action }}
steps:
- id: init
name: "init"
shell: bash
run: |
if [[ -n "${{ secrets.FORTIDEVSECORGID }}" && -n "${{ secrets.FORTIDEVSECAPPID }}" ]]
then
echo 'action=true' >> "${GITHUB_OUTPUT}"
else
echo 'action=false' >> "${GITHUB_OUTPUT}"
fi
fortidevsec-sast:
needs: [init]
if: needs.init.outputs.action == 'true'
name: https://fortidevsec.forticloud.com/
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: Scan
run: |
env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
#docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest main s --org-id ${{ secrets.FORTIDEVSECORGID }} --app-id ${{ secrets.FORTIDEVSECAPPID }} --risk_rating 1
#docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest main s --org-id ${{ secrets.FORTIDEVSECORGID }} --app-id ${{ secrets.FORTIDEVSECAPPID }} --url https://robinmordasiewicz.github.io/devops-toolkit/