Socket Tier 1 Reachability Analysis #44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Socket Tier 1 Reachability Analysis | |
| on: | |
| schedule: | |
| # every day at 12 AM | |
| - cron: "0 0 * * *" | |
| workflow_dispatch: | |
| inputs: | |
| tags: | |
| description: "Manually run vulnerability analysis" | |
| distinct_id: | |
| description: "Required by the return-dispatch action" | |
| required: true | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| socket-vulnerability-analysis: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| steps: | |
| - name: Check distinct_id | |
| run: | | |
| echo "distinct_id: ${{ github.event.inputs.distinct_id }}" | |
| - name: Checkout code | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| - name: Install Socket CLI | |
| run: npm install -g socket | |
| - name: Run Tier 1 reachability scan | |
| env: | |
| SOCKET_SECURITY_API_TOKEN: ${{ secrets.SOCKET_API_KEY }} | |
| run: | | |
| # Full application reachability (Tier 1) | |
| socket scan create . \ | |
| --reach \ | |
| --org "workos" \ | |
| --no-interactive |