Utilizing GitHub's Built-in Security Features and GitHub Actions to Automate SAST and Deployment for EJS Web Applications
Fauzan, Rachmad (2023)
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-2023112431347
Abstract
This thesis explores GitHub's security features and GitHub Actions for automating Static Application Security Testing (SAST) processes and Embedded JavaScript (EJS) web application deployment. It addresses research questions regarding the topic, guided by Tommi Lahti and Deepak KC. The thesis involves explaining SAST and EJS concepts, discussing the example project, and utilizing GitHub's features.
The primary research method combines literature review, hands-on implementation, and analysis. GitHub's security features and Actions effectively automate SAST processes for EJS web applications, including code linting, secret scanning, dependency scanning, and code scanning. GitHub Actions automate EJS web application deployment to GitHub Pages.
Recommendations include organizations adopting GitHub's features and Actions to enhance EJS web application security and deployment. Automating SAST processes improves security, while GitHub Actions streamline deployment for efficient updates on GitHub Pages.
This thesis contributes to understanding GitHub's features and Actions for SAST automation and deployment, highlighting automation's benefits in development, security, and deployment. Future work may explore additional GitHub features and Actions, expand to other web frameworks, and investigate external tool integration with GitHub Actions.