Codacy Security Scan #58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow uses actions not certified by GitHub. They are provided by a | |
# third-party and governed by separate terms of service, privacy policy, and | |
# support documentation. This workflow checks out code, performs a Codacy | |
# security scan, and integrates the results with GitHub Advanced Security code | |
# scanning feature. For more info on the Codacy Security Scan action usage and | |
# parameters, see: https://github.com/codacy/codacy-analysis-cli-action. | |
# For more info on Codacy Analysis CLI in general, see: | |
# https://github.com/codacy/codacy-analysis-cli. | |
name: Codacy Security Scan | |
on: | |
push: | |
branches: [ "master" ] | |
pull_request: | |
branches: [ "master" ] | |
schedule: | |
- cron: '0 21 * * 5' # Runs at 21:00, only on Friday | |
permissions: | |
contents: read | |
jobs: | |
codacy-security-scan: | |
permissions: | |
contents: read | |
security-events: write | |
actions: read | |
name: Codacy Security Scan | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
# Execute Codacy Analysis CLI and generate a SARIF output with the security | |
# issues identified during the analysis | |
- name: Run Codacy Analysis CLI | |
uses: codacy/codacy-analysis-cli-action@v4 | |
with: | |
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} | |
verbose: true | |
output: results.sarif | |
format: sarif | |
gh-code-scanning-compat: true | |
max-allowed-issues: 2147483647 | |
# Upload the SARIF file generated in the previous step | |
- name: Upload SARIF results file | |
uses: github/codeql-action/upload-sarif@v3 | |
with: | |
sarif_file: results.sarif |