38 lines
1.3 KiB
YAML
38 lines
1.3 KiB
YAML
# This workflow requires that you have an existing account with codescan.io
|
|
# For more information about configuring your workflow,
|
|
# read our documentation at https://github.com/codescan-io/codescan-scanner-action
|
|
name: CodeScan
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, upload-artifact ]
|
|
pull_request:
|
|
# The branches below must be a subset of the branches above
|
|
branches: [ main ]
|
|
schedule:
|
|
- cron: '43 5 * * 1'
|
|
|
|
jobs:
|
|
CodeScan:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Cache files
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: |
|
|
~/.sonar
|
|
key: ${{ runner.os }}-sonar
|
|
restore-keys: ${{ runner.os }}-sonar
|
|
- name: Run Analysis
|
|
uses: codescan-io/codescan-scanner-action@master
|
|
with:
|
|
login: ${{ secrets.CODESCAN_AUTH_TOKEN }}
|
|
organization: ${{ secrets.CODESCAN_ORGANIZATION_KEY }}
|
|
projectKey: ${{ secrets.CODESCAN_PROJECT_KEY }}
|
|
- name: Upload SARIF file
|
|
uses: github/codeql-action/upload-sarif@v1
|
|
with:
|
|
sarif_file: codescan.sarif
|