GitHub Action
AWS Sustainability Scanner GitHub Action
AWS Sustainability Scanner GitHub Action
AWS Sustainability Scanner GitHub Action
Run AWS Sustainability Scanner against infrastructure as code as a pre-packaged GitHub Action
Installation
Copy and paste the following snippet into your .yml file.
- name: AWS Sustainability Scanner GitHub Action
uses: aws-actions/sustainability-scanner@v1.2.0
AWS Sustainability Scanner GitHub action
This GitHub Action runs AWS Sustainability Scanner against infrastructure-as-code to identify sustainability best practices, generates a report with a score and suggested improvements to apply to your template.
Usage
In your Github worflows, under steps, add the following:
name: AWS Sustainability Scanner
uses: aws-actions/sustainability-scanner@v1
with:
<INPUTS>Inputs
file
Path to the specific file you want to scan.
directory
Path to the directory you want to scan. Every .json, .yml and .yaml files that this directory contain will be scan.
rules_file
Path to your .json file to extend the Susscan rules set.
Outputs
results
The results from the scanner. See how to use it in this example.
Example usage
Simple usage with one specific file
name: susscan
# Controls when the workflow will run
on:
# Triggers the workflow on push events but only for the "main" branch
push:
branches: "main"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "scan"
scan:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so follow-up steps can access it
- uses: actions/checkout@v3
# Run AWS Sustainability Scanner against template.yaml
- name: AWS Sustainability Scanner
uses: aws-actions/sustainability-scanner@v1
with:
file: 'template.yaml'Usage with a directory and custom rules set
name: susscan
on:
push:
branches: "main"
workflow_dispatch:
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Run AWS Sustainability Scanner against "my-cf-stacks" folder with an additional rules set
- name: AWS Sustainability Scanner
uses: aws-actions/sustainability-scanner@v1
with:
directory: 'my-cf-stacks'
rules-file: 'tests/additional-rules.json'Use output for commenting pull requests
name: susscan
on:
pull_request:
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: AWS Sustainability Scanner
uses: aws-actions/sustainability-scanner@v1
id: scanner
with:
file: 'template.yaml'
# Use scanner output to create a comment on pull request
- name: Comment on pull request
uses: actions/github-script@v7
with:
script: |
result=${{ (steps.scanner.outputs.results) }}
const score = result.sustainability_score
const number_failed_rules = result.failed_rules.length
if (score === 0) {
body = `✅ Your current sustainability score is **${score}**. Sustainability scanner did not find any improvements to apply to your template.`
} else {
body = `❌ Your current sustainability score is **${score}**. Sustainability scanner suggests **${number_failed_rules}** improvements to apply to your template.\nCheck out the details of the sustainability scanner here: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}`
}
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
})Security
See CONTRIBUTING for more information.
License
This library is licensed under the MIT-0 License. See the LICENSE file.