Create codescan-analysis.yml
This commit is contained in:
parent
2bf9babf87
commit
4c80ed3dc1
|
@ -0,0 +1,37 @@
|
||||||
|
# This workflow requires that you have an existing account with codescan.io
|
||||||
|
# For more information about configuring your workflow,
|
||||||
|
# read our documentation at https://github.com/codescan-io/codescan-scanner-action
|
||||||
|
name: CodeScan
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [ main, upload-artifact ]
|
||||||
|
pull_request:
|
||||||
|
# The branches below must be a subset of the branches above
|
||||||
|
branches: [ main ]
|
||||||
|
schedule:
|
||||||
|
- cron: '43 5 * * 1'
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
CodeScan:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: Cache files
|
||||||
|
uses: actions/cache@v2
|
||||||
|
with:
|
||||||
|
path: |
|
||||||
|
~/.sonar
|
||||||
|
key: ${{ runner.os }}-sonar
|
||||||
|
restore-keys: ${{ runner.os }}-sonar
|
||||||
|
- name: Run Analysis
|
||||||
|
uses: codescan-io/codescan-scanner-action@master
|
||||||
|
with:
|
||||||
|
login: ${{ secrets.CODESCAN_AUTH_TOKEN }}
|
||||||
|
organization: ${{ secrets.CODESCAN_ORGANIZATION_KEY }}
|
||||||
|
projectKey: ${{ secrets.CODESCAN_PROJECT_KEY }}
|
||||||
|
- name: Upload SARIF file
|
||||||
|
uses: github/codeql-action/upload-sarif@v1
|
||||||
|
with:
|
||||||
|
sarif_file: codescan.sarif
|
Loading…
Reference in New Issue