From 904f33810f625a54354493da4299c94196f81dfb Mon Sep 17 00:00:00 2001 From: Igor Date: Wed, 27 May 2026 11:13:04 +0200 Subject: [PATCH] Add InfraScan audit workflow for security scanning Signed-off-by: Igor --- .github/workflows/infrascan.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 .github/workflows/infrascan.yml diff --git a/.github/workflows/infrascan.yml b/.github/workflows/infrascan.yml new file mode 100644 index 00000000..232c0904 --- /dev/null +++ b/.github/workflows/infrascan.yml @@ -0,0 +1,32 @@ +name: InfraScan Audit + +on: + push: + pull_request: + +jobs: + infrascan: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Create Reports Directory + run: | + mkdir -p infrascan-reports + chmod 777 infrascan-reports + + - name: Run InfraScan + uses: soldevelo/infrascan@v1.0.6 + with: + scanner: comprehensive + format: html + out: infrascan-reports/report.html + + - name: Upload InfraScan Report + uses: actions/upload-artifact@v4 + if: always() # Upload report even if the scan step fails + with: + name: infrascan-report + path: infrascan-reports/report.html + retention-days: 14