GitHub Actions - Using GitHub Actions

The Checkmarx One GitHub Action enables you to trigger SAST, SCA, and KICS scans directly from the GitHub workflow. It provides a wrapper around the Checkmarx One CLI Tool, which creates a zip archive from your source code repository and uploads it to Checkmarx One for scanning. The GitHub Action provides easy integration with GitHub while enabling scan customization using the full functionality and flexibility of the Checkmarx One CLI tool.

A GitHub Action can be customized to trigger scans for particular actions, for example when a push or pull request occurs on specific branches of your repo. You can also add pre- and post-scan steps to your workflow. For example, you can add a step that screens commits to verify whether the changes warrant running a new scan.
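A workflow sketch of the customization described above, added here as an example and not taken from Checkmarx's own documentation. The branch names, secret names, workflow file name and the "skip documentation-only changes" policy are assumptions; the client ID and secret are the OAuth client credentials generated in Checkmarx One.

```yaml
# Added example: .github/workflows/checkmarx-one.yml (file name is an assumption)
name: Checkmarx One scan
on:
  push:
    branches: [main, "release/**"]   # constructed branch names
  pull_request:
    branches: [main]
permissions:
  contents: read                     # the job only needs to read the source
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0             # full history so the diff base is present
      - name: Screen changes (pre-scan step)
        id: screen
        env:
          BASE_SHA: ${{ github.event.pull_request.base.sha || github.event.before }}
        run: |
          # Assumed policy: skip only when every changed path is documentation.
          # If the diff cannot be computed (e.g. first push of a branch), scan anyway.
          scan=true
          if changed=$(git diff --name-only "$BASE_SHA" "$GITHUB_SHA"); then
            if ! printf '%s\n' "$changed" | grep -qvE '(^docs/|\.md$)'; then
              scan=false
            fi
          fi
          echo "scan=$scan" >> "$GITHUB_OUTPUT"
      - name: Checkmarx One scan
        if: steps.screen.outputs.scan == 'true'
        # Pin to a reviewed release tag or commit SHA instead of a moving ref.
        uses: checkmarx/ast-github-action@main
        with:
          base_uri: ${{ secrets.CX_BASE_URI }}          # assumed secret names
          cx_tenant: ${{ secrets.CX_TENANT }}
          cx_client_id: ${{ secrets.CX_CLIENT_ID }}
          cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }}
          project_name: ${{ github.repository }}
          branch: ${{ github.head_ref || github.ref_name }}
      - name: Post-scan step
        if: always()
        run: echo "scan requested: ${{ steps.screen.outputs.scan }}"
```

Repository secrets are not passed to workflows triggered by pull requests from forks, so the scan step cannot authenticate on those runs.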

In this video, we will guide you through the initial setup of Checkmarx One with GitHub Actions.

Please see the articles below for more details and instructions to configure GitHub Actions with the Checkmarx One platform.

Checkmarx One GitHub Actions

Checkmarx One GitHub Actions Initial Setup

Configuring a GitHub Action with a Checkmarx One Workflow

Viewing GitHub Action Checkmarx One Scan Results

Quick Start Guide - Checkmarx One GitHub Action

GitHub Actions - Changelog

Notice

This article explains how to generate the Client Id and Client Secret credentials in Checkmarx One.

Creating an OAuth Client for Checkmarx One Integrations