Skip to main content

Example: Scan integration with GitHub

Review the Scan integration steps before you integrate Contrast Scan with GitHub.

This example shows how to set up a GitHub workflow.

- name: Set up contrast-cli
  run: |
    npm install --location=global @contrast/contrast@latest
- name: Scan file
  env:
    CT_API_KEY: ${{ secrets.CONTRAST__API__API_KEY }}
    CT_AUTH_TOKEN: ${{ secrets.CONTRAST__API__AUTH_TOKEN }}
    ORG_ID: ${{ secrets.CONTRAST__API__ORGANIZATION_ID }}
    URL: ${{ secrets.CONTRAST__API__URL }}
  run: |
    contrast-cli --scan ./target/${{ inputs.SERVICE_NAME }}-${{ steps.build-service.outputs.version }}.jar \
      --api_key $CT_API_KEY \
      --authorization $CT_AUTH_TOKEN \
      --organization_id $ORG_ID \
      --host $URL \
      --project_name MY-Project \
      --language JAVA --wait_for_scan
In this section: