Skip to content
Suggest autofixes with Kubescape for direct commits by PR

Merge pull request #64 from kubescape/release-3.0.4 #13

Sign in to view logs

Merge pull request #64 from kubescape/release-3.0.4

Merge pull request #64 from kubescape/release-3.0.4 #13

Workflow file for this run

.github/workflows/example-fix-commit.yaml at 1c87cda
name: Suggest autofixes with Kubescape for direct commits by PR
on:
push:
branches: [ main ]
jobs:
kubescape-fix-commit:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v35
- uses: kubescape/github-action@main
with:
account: ${{ secrets.KUBESCAPE_ACCOUNT }}
accessKey: ${{ secrets.KUBESCAPE_ACCESS_KEY }}
server: ${{ vars.KUBESCAPE_SERVER }}
files: ${{ steps.changed-files.outputs.all_changed_files }}
fixFiles: true
format: "sarif"
- uses: peter-evans/create-pull-request@v4
# Remember to allow GitHub Actions to create and approve pull requests
# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests
if: github.event_name != 'pull_request_target'
with:
add-paths: |
*.yaml
commit-message: "chore: fix K8s misconfigurations"
title: "[Kubescape] chore: fix K8s misconfigurations"
body: |
# What this PR changes
[Kubescape](https://github.com/kubescape/kubescape) has found misconfigurations in the targeted branch. This PR fixes the misconfigurations that have automatic fixes available.
You may still need to fix misconfigurations that do not have automatic fixes.
base: ${{ github.head_ref }}
branch: kubescape-auto-fix-${{ github.head_ref || github.ref_name }}
delete-branch: true