38 lines
1.3 KiB
YAML
38 lines
1.3 KiB
YAML
|
# This workflow requires that you have an existing account with codescan.io
|
||
|
# For more information about configuring your workflow,
|
||
|
# read our documentation at https://github.com/codescan-io/codescan-scanner-action
|
||
|
name: CodeScan
|
||
|
|
||
|
on:
|
||
|
push:
|
||
|
branches: [ main, upload-artifact ]
|
||
|
pull_request:
|
||
|
# The branches below must be a subset of the branches above
|
||
|
branches: [ main ]
|
||
|
schedule:
|
||
|
- cron: '43 5 * * 1'
|
||
|
|
||
|
jobs:
|
||
|
CodeScan:
|
||
|
runs-on: ubuntu-latest
|
||
|
steps:
|
||
|
- name: Checkout repository
|
||
|
uses: actions/checkout@v2
|
||
|
- name: Cache files
|
||
|
uses: actions/cache@v2
|
||
|
with:
|
||
|
path: |
|
||
|
~/.sonar
|
||
|
key: ${{ runner.os }}-sonar
|
||
|
restore-keys: ${{ runner.os }}-sonar
|
||
|
- name: Run Analysis
|
||
|
uses: codescan-io/codescan-scanner-action@master
|
||
|
with:
|
||
|
login: ${{ secrets.CODESCAN_AUTH_TOKEN }}
|
||
|
organization: ${{ secrets.CODESCAN_ORGANIZATION_KEY }}
|
||
|
projectKey: ${{ secrets.CODESCAN_PROJECT_KEY }}
|
||
|
- name: Upload SARIF file
|
||
|
uses: github/codeql-action/upload-sarif@v1
|
||
|
with:
|
||
|
sarif_file: codescan.sarif
|