File tree Expand file tree Collapse file tree 1 file changed +35
-2
lines changed Expand file tree Collapse file tree 1 file changed +35
-2
lines changed Original file line number Diff line number Diff line change 44
44
env :
45
45
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
46
46
47
+ outputs :
48
+ categories : ${{ steps.report-list.outputs.categories }}
49
+
47
50
steps :
48
51
- uses : actions/checkout@v4
49
52
63
66
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
64
67
run : ./gradlew detekt
65
68
69
+ - name : Save reports as artifacts
70
+ uses : actions/upload-artifact@v4
71
+ if : ${{ always() }}
72
+ with :
73
+ name : sarif-reports
74
+ path : ' build/reports/detekt/sarif/*.sarif'
75
+
76
+ - name : Compute report list
77
+ id : report-list
78
+ if : ${{ always() }}
79
+ working-directory : build/reports/detekt/sarif
80
+ run : |
81
+ values=$(ls --width 0 --format commas | sed 's/cosmotech-/"/g' | sed 's/-detekt.sarif/"/g')
82
+ echo "categories=[$values]" >> "$GITHUB_OUTPUT"
83
+
84
+ detekt-upload-sarif :
85
+ runs-on : ubuntu-latest
86
+ needs : detekt
87
+ strategy :
88
+ fail-fast : false
89
+ matrix :
90
+ category : ${{ fromJSON(needs.detekt.outputs.categories) }}
91
+
92
+ steps :
93
+ - name : Retrieve reports
94
+ uses : actions/download-artifact@v4
95
+ with :
96
+ name : sarif-reports
97
+ path : sarif
98
+
66
99
- name : Upload SARIF reports to GitHub Security tab
67
100
uses : github/codeql-action/upload-sarif@v3
68
- if : ${{ always() }}
69
101
with :
70
- sarif_file : ' build/reports/detekt/sarif/'
102
+ sarif_file : ' sarif/cosmotech-${{ matrix.category }}-detekt.sarif'
103
+ category : ${{ matrix.category }}
You can’t perform that action at this time.
0 commit comments