OpenContext is pleased to announce the release of two GitHub Actions. We know it’s critical that we meet our customers where they are at. What better way to do this than with the GitHub Actions platform? We’re using it to integrate real-time context for code and artifacts so you know the experts working on those key parts of your technical stack. We also know that SBOM requirements add another layer of information to track. Our GitHub Action allows you to automate and record each SBOM artifact as well.
These GitHub Actions integrate seamlessly into your existing workflow. Let us reduce your toil and keep AppSec teams happy. The GitHub Actions can be used alone or in tandem, depending on your needs. They are:
The first GitHub Action will generate an artifact record in the OpenContext YAML format. Using this, you can:
Our second GitHub Action will create an SBOM as an artifact tied to your release. This lets you:
OpenContext is here to help you collect and organize the myriad pieces of data needed to solve problems, be ready for the next Log4j vulnerability, and follow security and supply chain standards. We believe the key to more effective AppSec and DevOps is guardrails that show how things work. Our GitHub Actions integrate with an automated data platform that will capture your technical stack and data lineage, while also connecting it to the people who are doing the work. These features reduce your toil so you can focus on scalability, migrations, reliability, best practices, and security.
Give it a try! You can sign up for our beta here.