GitHub Documentation

CodeSonar can be used within a GitHub Action workflow to automatically scan and analyze the source code in your GitHub repository. This CodeSonar GitHub Integration package provides templates and examples to help you configure CodeSonar to analyze your code and report results to your GitHub repository web location.

This document provides a step-by-step walkthrough of a GitHub workflow that invokes a CodeSonar analysis from within a Docker container. The walkthrough is followed by a section of remarks on adapting it to a Microsoft Windows platform.

NOTICE: A private GitHub repository with a GitHub Enterprise license is required for this CodeSonar integration.

To download the latest integration kit, please use this link, which will require you to log in to the support portal.
