appsweep-action
GitHub action for AppSweep can be used to continuously integrate app scanning using AppSweep into your Android app build process
GitHub action for AppSweep Mobile Application Security Testing
Usage
This action automates scanning of your Android application from a GitHub Actions workflow.
Example workflow
```yaml
# This workflow will initiate a Guardsquare AppSweep scan of your APK
name: AppSweep mobile application security testing
on: [push]
jobs:
  appsweep-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
        with:
          repository: ''
      - uses: guardsquare/appsweep-action@main
        with:
          appsweep_api_key: ${{ secrets.APPSWEEP_API_KEY }}
          input_file: InsecureBankv2.apk
          commit_hash: ${{ github.sha }}
```
Inputs
Input | Description |
---|---|
APPSWEEP_API_KEY | Project API key for your AppSweep project; should be stored using GitHub secrets |
INPUT_FILE | The APK that will be uploaded to AppSweep |
MAPPING_FILE (optional) | An optional obfuscation mapping file for the build |
LIBRARY_FILE (optional) | An optional library mapping file for the build |
COMMIT_HASH (recommended) | A recommended parameter to track the commit hash of the build |
TAGS (optional) | An optional set of tags to append to your build |
Examples
Using all the optional inputs
This is how to use the optional inputs:
```yaml
# This workflow will initiate a Guardsquare AppSweep scan of your APK
name: AppSweep mobile application security testing
on: [push]
jobs:
  appsweep-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
        with:
          repository: ''
      - uses: guardsquare/appsweep-action@main
        with:
          appsweep_api_key: ${{ secrets.APPSWEEP_API_KEY }}
          input_file: InsecureBankv2.apk
          mapping_file: mapping.txt
          library_file:
          commit_hash: ${{ github.sha }}
          tags: release
```
Using AppSweep Gradle Plugin in GitHub actions
In case you use the AppSweep Gradle plugin there is no need to provide `TAGS`, `LIBRARY_FILE`, `MAPPING_FILE`, and `COMMIT_HASH` as they will be computed automatically. This is how to use the AppSweep Gradle plugin in GitHub actions:
```yaml
# This workflow will initiate a Guardsquare AppSweep scan of your APK
name: AppSweep mobile application security testing
on: [push]
jobs:
  appsweep-scan:
    runs-on: ubuntu-latest
    steps:
      - name: check out repository code
        uses: actions/checkout@master
      - name: setup java
        uses: actions/setup-java@v3
        with:
          distribution: 'oracle'
          java-version: '17'
      - name: upload with gradle
        env:
          appsweep_api_key: ${{ secrets.APPSWEEP_API_KEY }}
        run: ./gradlew uploadToAppSweepDebug # You can change the task name in here.
```