Skip to content
shield

GitHub Action

Yor GitHub Action

0.3.0 Latest version

Yor GitHub Action

shield

Yor GitHub Action

Run Yor against IaC templates as a pre-packaged GitHub Action

Installation

Copy and paste the following snippet into your .yml file.

              

- name: Yor GitHub Action

uses: bridgecrewio/[email protected]

Learn more about this action in bridgecrewio/yor-action

Choose a version

Maintained by Bridgecrew.io slack-community

Yor GitHub action

This GitHub Action runs Yor against an Infrastructure-as-Code repository. Yor applies tags to your infrastructure allowing easier governance, ownership and visibility.

Example usage

Simple Example

jobs:
  yor-job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Run yor action
        uses: bridgecrewio/yor-action@main

Note that this example uses the latest version (main). and that fetch-depth: 0 on checkout is required for yor

        with:
          fetch-depth: 0

Complex Examples

Using tag + tag_groups Parameters

jobs:
  yor-job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Run yor action
        uses: bridgecrewio/yor-action@main
        env:
          LOG_LEVEL: DEBUG
        with:
          version: 0.1.129
          directory: path/to/iac
          skip_directory: test
          tag: git_modifiers,git_commit,git_repository,yor_trace
          tag_groups: git,code2cloud
          custom_tags: path/to/plugin.so
          output_format: json

Using skip_tags + tag_groups Parameters

jobs:
  yor-job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Run yor action
        uses: bridgecrewio/yor-action@main
        env:
          LOG_LEVEL: DEBUG
        with:
          directory: path/to/iac
          skip_directory: test
          skip_tags: git_modifiers,git_commit,git_repository
          tag_groups: git
          custom_tags: path/to/plugin.so
          output_format: json
      - name: Commit tag changes
        uses: stefanzweifel/git-auto-commit-action@v4

Committing at your own timing instead of right after the tags were updated:

jobs:
  yor-job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Run yor action
        uses: bridgecrewio/yor-action@main
        with:
          commit_changes: false