Automate Tests with GitHub Actions Tutorial

Our clever and thoughtful developers have created a freely-available sample Java Spring application with some common vulnerabilities (for example, SQL injection and proxy disclosure ) that you can use to see StackHawk in action. So you don’t have to test your own application. You don’t even need to run anything on your own computer. No downloads or environment configurations needed. You can run this sample application and test it in GitHub using a provided workflow in GitHub Actions, and still have time to get that Mochaccino Frappé you love so much from Starbucks.

<(°.°)> So try not! Do.

Before you Begin

You will need to have the following to successfully complete this tutorial:

• StackHawk account - it’s free to set up, so no regerts!

  

• GitHub account - also free to set up - can’t buy me hotdog man!
• Modern browser - one of the following will work: Chrome, Firefox, or Safari

Test our sample app using GitHub Actions

To test our sample app with GitHub Actions, the following steps you must complete:

In StackHawk:

1. Get an API Key

In GitHub:

2. Fork Javaspringvulny
3. Add the API Key as a repository secret

In StackHawk:

4. Get an Application ID
5. Enable GitHub integration

In GitHub:

6. Enable GitHub Actions workflows
7. Add a GitHub Actions workflow file
8. Open a PR and run a HawkScan test

In StackHawk:

9. View results in StackHawk