GitHub Actions
Use the official Rorix GitHub Action to scan your .NET dependencies as part of your CI/CD pipeline.
Basic Usage
```yaml
name: Security Scan
on: [push, pull_request]
jobs:
  rorix:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Rorix Scan
        uses: rorix-security/rorix-action@v1
        with:
          # Read the key from a repository secret; never commit it to the workflow file
          api-key: ${{ secrets.RORIX_API_KEY }}
```
With Policy Enforcement
```yaml
name: Security Scan
on: [push, pull_request]
jobs:
  rorix:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Rorix Policy Check
        uses: rorix-security/rorix-action@v1
        with:
          api-key: ${{ secrets.RORIX_API_KEY }}
          command: scan
          # Policy file checked in at the repository root
          policy-file: .rorix.yml
```
SARIF Upload to GitHub Security Tab
```yaml
name: Security Scan
on: [push, pull_request]
jobs:
  rorix:
    runs-on: ubuntu-latest
    permissions:
      # Required by the upload-sarif step to write code scanning results
      security-events: write
    steps:
      - uses: actions/checkout@v4
      - name: Rorix Scan
        uses: rorix-security/rorix-action@v1
        id: rorix
        with:
          api-key: ${{ secrets.RORIX_API_KEY }}
          format: sarif
      - name: Upload SARIF
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.rorix.outputs.sarif-file }}
```
Inputs
| Input | Required | Default | Description |
| --- | --- | --- | --- |
| api-key | Yes | — | Your Rorix API key (use a repository secret) |
| command | No | scan | Command to run: scan or sbom |
| format | No | table | Output format: table, json, or sarif |
| policy-file | No | — | Path to a .rorix.yml policy file |
| path | No | . | Path to the project or solution file |
Outputs
| Output | Description |
| --- | --- |
| sarif-file | Path to the generated SARIF file (when format is sarif) |
| exit-code | Exit code from the scan (0 = clean, 1 = issues found) |
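
The following workflow is an added example, not taken from the Rorix documentation: it uses both outputs so that the SARIF file still reaches the Security tab when the scan reports issues, and only then fails the job. The page does not say whether the action itself fails the step on findings, so the example assumes only that the outputs are set whenever the scan ran; the step name "Fail on findings" and the variable RORIX_EXIT_CODE are made up for the example.

```yaml
name: Security Scan
on: [push, pull_request]
jobs:
  rorix:
    runs-on: ubuntu-latest
    permissions:
      contents: read          # checkout needs this once permissions are listed explicitly
      security-events: write  # upload-sarif needs this
    steps:
      - uses: actions/checkout@v4
      - name: Rorix Scan
        id: rorix
        uses: rorix-security/rorix-action@v1
        # Keep the job running whatever the scan step returns;
        # the last step decides whether the job passes.
        continue-on-error: true
        with:
          api-key: ${{ secrets.RORIX_API_KEY }}
          format: sarif
      - name: Upload SARIF
        # Skip the upload when no file was produced (for example, the scan never ran).
        if: steps.rorix.outputs.sarif-file != ''
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.rorix.outputs.sarif-file }}
      - name: Fail on findings
        # Anything other than 0 fails the job. That includes an empty value,
        # so a scan that did not run is never reported as clean.
        if: steps.rorix.outputs.exit-code != '0'
        env:
          # Passed through env rather than expanded inside the script body.
          RORIX_EXIT_CODE: ${{ steps.rorix.outputs.exit-code }}
        run: |
          echo "Rorix exit code: '${RORIX_EXIT_CODE}'"
          exit 1
```

Repository secrets are not passed to workflows triggered by pull requests from forks, so on those runs the api-key input is empty and the final step fails the job rather than letting it pass unscanned.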
Setting Up the API Key
- Go to your Rorix dashboard and create an API key
- In your GitHub repository, go to Settings then Secrets and variables then Actions
- Click New repository secret
- Name it RORIX_API_KEY and paste your key