Skip to content

GitHub Actions

The simplest way to integrate with GitHub Actions is the official Drape Action:

name: CI
on: [push, pull_request]

permissions:
  contents: read
  pull-requests: write

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Run tests
        run: pytest --junitxml=results.xml --cov --cov-report=xml:coverage.xml
        continue-on-error: true

      - name: Upload test results
        uses: drape-io/drape-action@v2
        if: always()
        continue-on-error: true
        with:
          command: tests
          file: results.xml
          api-key: ${{ secrets.DRAPE_API_KEY }}

      - name: Upload coverage
        uses: drape-io/drape-action@v2
        if: always()
        continue-on-error: true
        with:
          command: coverage
          file: coverage.xml
          format: cobertura
          api-key: ${{ secrets.DRAPE_API_KEY }}

Using the CLI Directly

If you prefer to use the CLI without the action:

- name: Install Drape CLI
  run: |
    curl -sL https://github.com/drape-io/drape-cli/releases/latest/download/drape_linux_amd64.tar.gz | tar xz
    sudo mv drape /usr/local/bin/

- name: Upload test results
  run: drape upload tests results.xml --wait
  env:
    DRAPE_API_KEY: ${{ secrets.DRAPE_API_KEY }}
    DRAPE_ORG: my-org

Security Scans

Run a vulnerability scanner and upload the SARIF output:

- name: Run Grype scan
  uses: anchore/scan-action@v6
  with:
    image: my-app:latest
    output-format: sarif
    output-file: scan.sarif

- name: Upload scan results
  uses: drape-io/drape-action@v2
  if: always()
  continue-on-error: true
  with:
    command: scan
    file: scan.sarif
    format: sarif
    scan-name: my-app
    scan-type: image
    fail-on-vulnerabilities: 'true'
    fail-on-severity: high
    api-key: ${{ secrets.DRAPE_API_KEY }}