Add permissions to Brakeman job
Adds permissions for Brakeman workflow to upload findings to GitHub Code Scanning within this repository. This will enhance visibility within GitHub UI, with findings displayed similarly to CodeQL. An example can be viewed [here](alphagov/support-api#932). 

This PR will be reviewed and merged by the Platform Security and Reliability team. Any questions or concerns, please reach out in our channel: #govuk-platform-security-reliability-team.

GOV.UK Infrastructure PR dependent on this: [Link](alphagov/govuk-infrastructure#1238).

[Trello card](https://trello.com/c/AFw2LOkY/3457-integrate-brakeman-findings-with-github-code-scanning-5)
MuriloDalRi committed Apr 11, 2024
1 parent 507538d commit f9a7a47
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions .github/workflows/ci.yml
Expand Up @@ -57,3 +57,8 @@ jobs:
security-analysis:
name: Security Analysis
uses: alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main
secrets: inherit
permissions:
contents: read
security-events: write
actions: read
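Review bot: The `permissions:` block is attached to a job whose `uses:` line references `alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main`, a mutable branch, while `secrets: inherit` is still set, so whatever is on `main` in that repository runs with `security-events: write` and every secret available to this repository. Consider pinning the reusable workflow to a full commit SHA and passing only the secrets it actually needs by name instead of `secrets: inherit`. The three scopes themselves are narrow, and because a called workflow cannot raise its token above what the caller grants, this block is the effective ceiling; a one-line comment noting that `security-events: write` is for the Code Scanning upload and why `actions: read` is required would make that intent clear to later reviewers.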
