This action stops a Bright discovery.
Bright is a powerful dynamic application & API security testing (DAST) platform that security teams trust and developers love.
Scans any target, whether Web Apps, APIs (REST & SOAP, GraphQL & more), WebSockets or mobile, providing actionable reports.
Bright works with your existing CI/CD pipelines – trigger scans on every commit, pull request or build with unit testing.
One file. One command. One scan. No UI needed.
Interacts with applications and APIs, instead of just crawling them and guessing. Scans are fast as our AI-powered engine can understand application architecture and generate sophisticated and targeted attacks.
Stop chasing ghosts and wasting time. Bright doesn’t return false positives, so you can focus on releasing code.
Bright tests for all common vulnerabilities, such as SQL injection, CSRF, XSS, and XXE -- as well as uncommon vulnerabilities, such as business logic vulnerabilities.
More information is available on Bright’s:
Required. Your Bright API authorization token (key). You can generate it in the Organization section in the Bright app. Find more information here.
Example: api_token: ${{ secrets.BRIGHTSEC_TOKEN }}
Required. Discovery ID to stop.
Example: discovery: ${{ steps.start.outputs.id }}
Required. Project ID for the Discovery.
Example: project_id: ${{ vars.PROJECT_ID }}
start_and_stop_discovery:
  runs-on: ubuntu-latest
  name: A job to run a Bright discovery
  steps:
    - name: 🏁 Start Bright Discovery
      id: start
      uses: NeuraLegion/run-discovery@master
      with:
        api_token: ${{ secrets.BRIGHTSEC_TOKEN }}
        name: GitHub scan ${{ github.sha }}
        project_id: ${{ vars.PROJECT_ID }}
        discovery_types: |
          [ "crawler", "archive" ]
        crawler_urls: |
          [ "https://juice-shop.herokuapp.com" ]
        file_id: LiYknMYSdbSZbqgMaC9Sj
        hosts_filter: |
          [ ]
    - name: Get the output discovery url
      run: echo "The discovery was started on ${{ steps.start.outputs.url }}"
    - name: ⏳ Wait for discovery to finish
      id: wait
      uses: NeuraLegion/wait-for-discovery@master
      with:
        api_token: ${{ secrets.BRIGHTSEC_TOKEN }}
        discovery: ${{ steps.start.outputs.id }}
        timeout: 100
    - name: 🛑 Stop the discovery
      if: ${{ always() }}
      id: stop
      uses: NeuraLegion/stop-discovery@master
      with:
        api_token: ${{ secrets.BRIGHTSEC_TOKEN }}
        discovery_id: ${{ steps.start.outputs.id }}
        project_id: ${{ vars.PROJECT_ID }}