Skip to content
.github/workflows/check-packs.yml

EKS Anonymous API Access Detection Rule #932

Sign in to view logs

EKS Anonymous API Access Detection Rule

EKS Anonymous API Access Detection Rule #932

Workflow file for this run

.github/workflows/check-packs.yml at 9ccea93
on:
workflow_dispatch:
pull_request:
branches:
- develop
permissions:
contents: read
pull-requests: write
jobs:
check_packs:
name: check packs
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443
files.pythonhosted.org:443
github.com:443
pypi.org:443
- name: Checkout panther-analysis
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1
- name: Set python version
uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 #v5.2.0
with:
python-version: "3.11"
- name: Install panther_analysis_tool
run: pip install panther_analysis_tool
- name: Check packs
continue-on-error: true
id: check-packs
run: |
panther_analysis_tool check-packs 2> errors.txt || true
# run again to get exit code
panther_analysis_tool check-packs || echo "errors=`cat errors.txt`" >> $GITHUB_OUTPUT
- name: Comment PR
uses: thollander/actions-comment-pull-request@e2c37e53a7d2227b61585343765f73a9ca57eda9
if: ${{ steps.check-packs.outputs.errors }}
with:
mode: upsert
message: |
:scream:
looks like some things could be wrong with the packs
```diff
${{ steps.check-packs.outputs.errors }}
```
comment-tag: check-packs
- name: Delete comment
uses: thollander/actions-comment-pull-request@e2c37e53a7d2227b61585343765f73a9ca57eda9
if: ${{ !steps.check-packs.outputs.errors }}
with:
mode: delete
message: |
:scream:
looks like some things could be wrong with the packs
```diff
${{ steps.check-packs.outputs.errors }}
```
comment-tag: check-packs