# This is a basic workflow to help you get started with Actions

 

name: Dotnet CI Scan

 

# Controls when the action will run. Triggers the workflow on push or pull request

# events but only for the master branch

on:

  push:

  branches: [master]

  repository_dispatch:

 

# A workflow run is made up of one or more jobs that can run sequentially or in parallel

jobs:

  # This workflow contains a single job called "build" 

  build:

    # The type of runner that the job will run on

    runs-on: ubuntu-latest

    # Steps represent a sequence of tasks that will be executed as part of the job

    steps:

    # Checks-out your repository under $GITHUB_WORKSPACE,      so your job can access it

    - uses: actions/checkout@v2

 

    - name: Cloud Defense Scan

    run: |

       curl https://raw.githubusercontent.com/CloudDefenseAI/cd/master/latest/cd-latest-linux-x64.tar.gz > /tmp/cd-latest-linux-x64.tar.gz && tar -C /usr/local/bin -xzf /tmp/cd-latest-linux-x64.tar.gz && chmod +x /tmp/cdefense

       /tmp/vsp_defense scan -- verbose --lang=dotnet --go --project-name=vulnerable-dotnet-github-action --api-key= <YOUR_API_KEY>