
Update trigger.yml

Update trigger.yml #3

Workflow file for this run

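# .github/workflows/security_inspection.yml
# Reusable workflow (started through workflow_call) that runs a Microsoft
# Defender for DevOps scan inside the GitHub environment named by the caller.
# NOTE(review): the failure annotation on this run names the file
# .github/workflows/tf_inspect_task.yml - confirm which path is current.
name: Security Inspection with Microsoft Defender
on:
  workflow_call:
    inputs:
      gh_environment:
        description: GitHub environment the scan job runs in
        required: true
        type: string
jobs:
  inspect:
    name: Inspect Code with Microsoft Defender for DevOps
    runs-on: ubuntu-latest
    # The environment name is chosen by the calling workflow. The AZURE_*
    # secrets read by the scan step resolve in that environment's scope, so
    # every environment a caller may name should carry protection rules
    # (required reviewers, allowed branches) - presumably configured in the
    # repository settings; verify.
    environment: ${{ inputs.gh_environment }}
    # Least privilege for GITHUB_TOKEN: the job only needs to read the
    # repository contents for checkout.
    # NOTE(review): widen only if the scanner has to publish results through
    # the GitHub API - confirm against the scanner's documentation.
    permissions:
      contents: read
    steps: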

Check failure on line 17 in .github/workflows/tf_inspect_task.yml


GitHub Actions / .github/workflows/tf_inspect_task.yml

Invalid workflow file

You have an error in your yaml syntax on line 17
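# Steps of the inspect job: checkout, install the scanner, scan, upload results.
      # NOTE(review): both `uses:` references below are mutable tags. Pinning
      # each action to a full commit SHA keeps a retagged release from
      # changing what runs in a job that holds Azure credentials.
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          # Do not leave the GITHUB_TOKEN in .git/config: the next steps run
          # a downloaded installer and a third-party CLI in this workspace.
          persist-credentials: false
      - name: Install Microsoft Defender for DevOps CLI
        run: |
          set -euo pipefail
          # Download to a file first so a truncated transfer or an HTTP error
          # page is never executed, and refuse any non-HTTPS hop.
          # NOTE(review): the script is still run without an integrity check.
          # Verify a vendor-published checksum or signature before executing
          # it, and confirm this URL is the vendor-documented installer.
          installer="$RUNNER_TEMP/defender-install.sh"
          curl --fail --silent --show-error --location \
            --proto '=https' --proto-redir '=https' --tlsv1.2 \
            --output "$installer" https://aka.ms/defender-install
          bash "$installer"
      - name: Run Microsoft Defender for DevOps
        # Secrets reach the script as environment variables instead of being
        # spliced into the script text by ${{ }} expansion, so a value with
        # shell metacharacters cannot alter the command.
        env:
          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
          AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
        run: |
          set -euo pipefail
          # Every expansion is quoted; the branch name in particular is
          # contributor-controlled and must not be word-split or globbed.
          # NOTE(review): --client-secret still puts the secret on the process
          # command line. If the CLI can read it from the environment or
          # stdin, or accepts OIDC federated credentials, prefer that -
          # confirm the supported options in the vendor documentation.
          defender-scan --subscription-id "$AZURE_SUBSCRIPTION_ID" \
            --resource-group "$AZURE_RESOURCE_GROUP" \
            --client-id "$AZURE_CLIENT_ID" \
            --tenant-id "$AZURE_TENANT_ID" \
            --client-secret "$AZURE_CLIENT_SECRET" \
            --repository "$GITHUB_REPOSITORY" \
            --branch "$GITHUB_REF_NAME"
      - name: Upload Scan Results
        # always() keeps the findings available when the scan step fails.
        if: always()
        # NOTE(review): v3 of upload-artifact has been deprecated by GitHub.
        # When moving to a current major, make the artifact name unique per
        # run (for example by including the environment name), since this
        # workflow can be called more than once in the same run.
        uses: actions/upload-artifact@v3
        with:
          name: defender-scan-results
          # Scan findings can describe exploitable weaknesses and are
          # downloadable by anyone with read access to the run; consider a
          # short retention-days value.
          path: ./defender-scan-results/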
# steps:
# - name: Checkout Code
# uses: actions/checkout@v3
# - name: Set up Microsoft Defender for DevOps
# run: |
# echo "Setting up Microsoft Defender for DevOps..."
# - name: Run Microsoft Defender for DevOps
# run: |
# # Replace with the actual command or script to run Microsoft Defender for DevOps
# # Example: defender-scan or a script provided by Microsoft
# defender-scan --subscription-id ${{ secrets.AZURE_SUBSCRIPTION_ID }} \
# --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
# --client-id ${{ secrets.AZURE_CLIENT_ID }} \
# --tenant-id ${{ secrets.AZURE_TENANT_ID }} \
# --client-secret ${{ secrets.AZURE_CLIENT_SECRET }} \
# --repository $GITHUB_REPOSITORY \
# --branch $GITHUB_REF_NAME
# - name: Upload Scan Results
# if: always()
# uses: actions/upload-artifact@v3
# with:
# name: defender-scan-results
# path: ./defender-scan-results/