So you want to add secure coding checks in your CI pipeline? You've come to the right place! We've made it so that you can call Pangea API's from GitHub Actions . This means you can now:
Check for malicious URLs sneaking around in your code
Store, manage, and rotate your secrets in Pangea's Vault
Have a tamper proof log of commits with Pangea's Secure Audit Log
Anything else you can imagine doing with the Pangea API's
We took the opportunity tho to help you get started though. Below are two examples of how we used Pangea in some Github Action.
Pangea's Vault + GitHub Actions
Store, rotate, and manage your secrets in Pangea Vault. The video above shows it in action and if you want to add this to your project, check out the Pangea Vault Secrets Action here.
Pangea's URL Reputation + PR
Here is an example of how we can identify URLs, run a Pangea Reputation check on them, and block the PR from getting merged. This action also logs the results into the Secure Audit log. Watch it run in the video above and check out the sample here.
Basic Pangea Call
So what if I don't want to do what those out of the box actions are doing? What if I wanted to create something of my own? Well here is some sample code for you to copy into a .yml file and create your own.
name: "Name of Your Workflow"
on:
pull_request:
types: [opened]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: pangeacyber/pangea-github-action-api@1.0.0
with:
endpoint: "<service name>.<call name>" # example: audit.log
payload: "<JSON payload>"
token: ${{secrets.PANGEA_TOKEN}}
domain: ${{secrets.PANGEA_DOMAIN}}
Adjust the endpoint name to your desired API call. If you wanted to log a message, it would look like audit.log.
Create a payload that is expected by that call. Check out our reference documentation for that information
Make sure to add your Pangea Token and Pangea Domain to your repository's secrets.
Questions?
We’re here to help! Got questions? Join our Slack community
Mention us @pangeacyber on X / Twitter to tell us what you’re working on! We’re looking forward to seeing what you build!