GitHub Actions
Bearer offers a GitHub Action for using Bearer to scan your codebase periodically.

Step 1: Create a Bearer API token

  1. 1.
  2. 2.
    Go to Settings > Git Broker.
  3. 3.
    Copy and save the Git Broker token somewhere safe👇.
We recommend that you pass the BEARER_TOKEN as an environment variable and that you store this variable as a secret on GitHub (either at the repository level or at the organization level)

Step 2: Use the GitHub Action

Add a new job to your GitHub workflow using the Action as follows in the .github/workflows/example-workflow.yaml file:
1
name: Bearer Scanner
2
3
on:
4
schedule:
5
- cron: "0 9 * * *" # Runs every day at 9:00 am
6
7
permissions:
8
contents: read # Minimal permissions
9
10
jobs:
11
security:
12
runs-on: ubuntu-latest
13
steps:
14
- name: Run Bearer
15
uses: bearer/[email protected]
16
env:
17
BEARER_TOKEN: ${{ secrets.BEARER_TOKEN }}
Copied!