Configuration Guide
Customize the RSOLV GitHub Action to meet your security needs.
Configuration Options
Input Parameters
- rsolvApiKey (required)
- mode (scan/validate/mitigate)
- max_issues (limit processing)
- github-token (auto-provided)
Workflow Settings
- Triggers (push, PR, schedule)
- Permissions (contents, issues, PRs)
- Timeout and concurrency
Complete Workflow Example
For detailed parameter explanations and advanced options, see the Workflow Templates page.
Note: The examples below show workflow syntax. When copying, replace SECRETS placeholders with your actual GitHub Secrets.
Operation Modes
| Mode | Description | Cost |
|---|---|---|
| scan | Detect vulnerabilities, create GitHub issues, register a PipelineRun | Free |
| process | Validate and fix all pending issues for a PipelineRun (requires pipeline_run_id from scan) | Counts against monthly validate and fix limits |
| full | Run all phases in one job: scan, validate, and mitigate | Counts against monthly validate and fix limits |
| validate | Validate a single issue (advanced, requires issue_number) | Counts against monthly validate limit |
| mitigate | Fix a single validated issue (advanced, requires issue_number) | Counts against monthly fix limit |
Required Permissions
| Permission | Required For | Purpose |
|---|---|---|
| contents: write | All modes | Read code, create branches |
| issues: write | scan, validate | Create/update issues |
| pull-requests: write | mitigate | Create fix PRs |
Organization Settings: Ensure GitHub Actions can create PRs in Settings → Actions → General.
Advanced Configuration
Max Issues
Limit how many issues to process (default: 10). Helps control costs and execution time.
Tip: Start with max_issues: '1' or '2' when testing mitigate mode.
Workflow Triggers
- push: Run on code pushes to specified branches
- pull_request: Scan PRs before merging
- schedule: Periodic scans (e.g., weekly with cron)
- workflow_dispatch: Manual trigger from Actions UI
Timeout
Set timeout-minutes to prevent runaway jobs. Recommended: 20-30 minutes for most repositories.
Concurrency Control
Prevent multiple simultaneous workflow runs. Use cancel-in-progress: true to stop older runs when new commits arrive.
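The settings described above, combined into one scan-mode workflow. This is an added example, not RSOLV's own template: the action reference is a placeholder because this page does not show it, and the secret name `RSOLV_API_KEY`, the `main` branch, the cron time and the checkout step are assumptions.

```yaml
# Added example, not RSOLV's own template. Placeholders and assumed names are marked.
name: RSOLV security scan

on:
  push:
    branches: [main]          # assumed default branch name
  schedule:
    - cron: '0 6 * * 1'       # weekly, Mondays 06:00 UTC (assumed time)
  workflow_dispatch:          # manual trigger from the Actions UI

# Scan mode needs only the permissions the table lists for it.
# pull-requests: write is left out because only mitigate creates fix PRs.
permissions:
  contents: write
  issues: write

# One active run per branch; a newer commit cancels the older run.
concurrency:
  group: rsolv-${{ github.ref }}
  cancel-in-progress: true

jobs:
  scan:
    runs-on: ubuntu-latest
    timeout-minutes: 30       # upper end of the recommended 20-30 minutes
    steps:
      - uses: actions/checkout@v4   # assumed: the action works on the checked-out code
      - name: Run RSOLV in scan mode
        uses: <RSOLV-ACTION-REF>    # placeholder: the action reference is not shown on this page
        with:
          rsolvApiKey: ${{ secrets.RSOLV_API_KEY }}   # assumed secret name
          mode: scan
          max_issues: '2'           # small limit while testing; the default is 10
          # github-token is auto-provided, so it is not set here
```

A job that runs mitigate would add `pull-requests: write` to its own `permissions` block, so the scan job's token stays limited to what scan needs.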