Set up GitHub Actions
Integrating oak9 with Github Actions makes it possible for oak9 to scan Infrastructure-as-code files (Terraform), review scan results in a number of formats, display incidents on the Console, and optionally, fail a pull request if it does not meet a severity threshold.

Setting up a GitHub Action Integration from oak9

In the oak9 console, navigate to the “Integrations” page and click on the “Add Integration” button under Githhub Action in the CI/CD Integrations section.
Select the “Open Github marketplace” button in the console or visit the oak9 GitHub Action directly.
Select a project and oak9 will provide the API Token Name and API Token. Copy paste those to
the repository secrets on GitHub.
Based on your project needs, select the Severity.
Lastly, copy paste the code snippet to your yml file.
`name: Example workflow using oak9
on: push
jobs:
oak9-iac-scan:
runs-on: ubuntu-latest
name: oak9-action
steps:
- name: Checkout repo
uses: actions/[email protected]
- name: oak9 Github Action
id: oak9
uses: oak9io/[email protected]
env:
OAK9_API_TOKEN: ${{ secrets.OAK9_API_TOKEN }}
GITHUB_REPOSITORY: $GITHUB_REPOSITORY
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
organizationId: '[your-oak9-organization-id]'
projectId: '[your-oak9-project-id]'
maximumSeverity: 'High'
logDesignGaps: true`
Copy link