Skip to content
/ scan-action Public

A GitHub action to kick off a Tidelift scan

License

MIT license
4 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tidelift/scan-action

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

action.yml

action.yml

 
 

entrypoint.sh

entrypoint.sh

 
 

Repository files navigation

⚠️ Deprecated ⚠️

This repository is deprecated. Please use https://github.com/tidelift/alignment-action instead.

Tidelift Align GitHub Action

The Tidelift Align GitHub action allows you to integrate a Tidelift catalog scan into your GitHub repositories.

This lets you fail PRs that add unapproved packages as a part of your CI/CD process.

For more information see https://docs.tidelift.com

Example usage

To use this Action, you need to create a workflow like the following

name: Tidelift Align
on: [push]

jobs:
  build:
    name: Run Tidelift to ensure approved open source packages are in use
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Scan
        uses: tidelift/scan-action@main
        env:
          TIDELIFT_API_KEY: ${{ secrets.TIDELIFT_API_KEY }}
          TIDELIFT_ORGANIZATION: ${{ secrets.TIDELIFT_ORGANIZATION }}
          TIDELIFT_PROJECT: ${{ secrets.TIDELIFT_PROJECT }}

Tidelift secrets

The example above refers to a number of secrets. These secrets can be retrieved from your Tidelift web UI in the API key section. More information on Tidelift API keys can be found in the documentation

About

A GitHub action to kick off a Tidelift scan

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

4 stars

Watchers

18 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages