This repository was archived by the owner on Nov 15, 2024. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +44
-0
lines changed
Expand file tree Collapse file tree 1 file changed +44
-0
lines changed Original file line number Diff line number Diff line change 1+ # This workflow integrates a collection of open source static analysis tools
2+ # with GitHub code scanning. For documentation, or to provide feedback, visit
3+ # https://github.com/github/ossar-action
4+ name : OSSAR
5+
6+ on :
7+ push :
8+ branches : [ master ]
9+ pull_request :
10+ # The branches below must be a subset of the branches above
11+ branches : [ master ]
12+ schedule :
13+ - cron : ' 31 6 * * 0'
14+
15+ jobs :
16+ OSSAR-Scan :
17+ # OSSAR runs on windows-latest.
18+ # ubuntu-latest and macos-latest support coming soon
19+ runs-on : windows-latest
20+
21+ steps :
22+ - name : Checkout repository
23+ uses : actions/checkout@v2
24+
25+ # Ensure a compatible version of dotnet is installed.
26+ # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201.
27+ # A version greater than or equal to v3.1.201 of dotnet must be installed on the agent in order to run this action.
28+ # GitHub hosted runners already have a compatible version of dotnet installed and this step may be skipped.
29+ # For self-hosted runners, ensure dotnet version 3.1.201 or later is installed by including this action:
30+ # - name: Install .NET
31+ # uses: actions/setup-dotnet@v1
32+ # with:
33+ # dotnet-version: '3.1.x'
34+
35+ # Run open source static analysis tools
36+ - name : Run OSSAR
37+ uses : github/ossar-action@v1
38+ id : ossar
39+
40+ # Upload results to the Security tab
41+ - name : Upload OSSAR results
42+ uses : github/codeql-action/upload-sarif@v1
43+ with :
44+ sarif_file : ${{ steps.ossar.outputs.sarifFile }}
You can’t perform that action at this time.
0 commit comments