Integrate GitHub Action

Runtime security monitoring for your CI workflows in GitHub actions.

Add the listen.dev step to your workflow file

Open your project's repository in GitHub. In your repository, go to the "Actions" tab.
Click "New Workflow" and create a new workflow file in .github/workflows
Add the listen.dev GitHub Action and include the API key as a secret.

        uses: listendev/action@v0.13.1
        with: 
          jwt: ${{ secrets.LSTN_API_KEY }}
          runtime: only

To instrument an existing workflow, we recommend adding the step on top of your workflow file after the checkout step.

For example:

Do the first run

Commit and push the changes to activate the integration.

Scans are only invoked on events of type pull_request. Make sure this is configured on your desired branches on top of the workflow file.

Last updated 15 days ago