appsweep-action icon indicating copy to clipboard operation
appsweep-action copied to clipboard

Published 20 hours ago verified publisher icon Guardsquare

Metadata

GitHub action for AppSweep can be used to continuously integrate app scanning using AppSweep into your Android app build process



AppSweep

GitHub action for AppSweep Mobile Application Security Testing

Usage

This action can be used to automate scanning your Android application using a GitHub action

Example workflow

# This workflow will initiate a Guardsquare AppSweep scan of your APK
name: AppSweep mobile application security testing
on: [push]
jobs:
  appsweep-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
        with:
          repository: ''

      - uses: guardsquare/appsweep-action@main
        with:
          appsweep_api_key: ${{ secrets.APPSWEEP_API_KEY }}
          input_file: InsecureBankv2.apk
          commit_hash: ${{ github.sha }}

Inputs

Input Description
APPSWEEP_API_KEY Project API key for your AppSweep project, should be stored using Github SECRETS
INPUT_FILE The APK that will be uploaded to AppSweep
MAPPING_FILE (optional) An optional obfuscation mapping file for the build
LIBRARY_FILE (optional) An optional library mapping file for the build
COMMIT_HASH (recommended) A recommended parameter to track the commit hash of the build
TAGS (optional) An optional set of tags to append to your build

Examples

Using all the optional inputs

This is how to use the optional input:

# This workflow will initiate a Guardsquare AppSweep scan of your APK
name: AppSweep mobile application security testing
on: [push]
jobs:
  appsweep-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
        with:
          repository: ''

      - uses: guardsquare/appsweep-action@main
        with:
          appsweep_api_key: ${{ secrets.APPSWEEP_API_KEY }}
          input_file: InsecureBankv2.apk
          mapping_file: mapping.txt
          library_file:
          commit_hash: ${{ github.sha }}
          tags: release

Using AppSweep Gradle Plugin in GitHub actions

In case you use the AppSweep Gradle plugin there is no need to provide TAGS, LIBRARY_FILE, MAPPING_FILE, and COMMIT_HASH as they will be computed automatically. This is how to use the AppSweep Gradle plugin in GitHub actions:

# This workflow will initiate a Guardsquare AppSweep scan of your APK
name: AppSweep mobile application security testing
on: [push]
jobs:
  appsweep-scan:
    runs-on: ubuntu-latest
    steps:
      - name: check out repository code
        uses: actions/checkout@master

      - name: setup java
        uses: actions/setup-java@v3
        with:
          distribution: 'oracle'
          java-version: '17'

      - name: upload with gradle
        env:
          appsweep_api_key: ${{ secrets.APPSWEEP_API_KEY }}
        run: ./gradlew uploadToAppSweepDebug  # You can change the task name in here.

Metadata

17
Stars
3
Forks
Watchers

Owner

verified publisher icon Guardsquare

Metadata

GitHub action for AppSweep can be used to continuously integrate app scanning using AppSweep into your Android app build process

Back