2 files changed +60 -0
lines changed Original file line number Diff line number Diff line change 2020
2121 lint :
2222 uses : ./.github/workflows/lint.yml
23+
24+ security-scans :
25+ if : github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && inputs.run_security_scans =='true')
26+ uses : ./.github/workflows/security-scans.yml
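Review bot: The `security-scans` job at new lines 24-26 calls the reusable workflow without passing any secrets, so `secrets.FOSSA_API_KEY` in security-scans.yml will most likely resolve to an empty string; a called workflow only sees secrets the caller hands over. Either add `secrets: inherit` under the `uses:` line or, to keep the scope narrow, declare `FOSSA_API_KEY` under `workflow_call.secrets` in the called file and pass only that one from here. Separately, `inputs.run_security_scans =='true'` compares against a string: if the input is declared with `type: boolean` (the declaration is outside this hunk), `inputs.*` carries a real boolean and the comparison evaluates to false, so a manual dispatch would never start the scans. It is also worth confirming that the caller does not restrict token permissions at workflow level, because the called `codeql` job requests `security-events: write` and a reusable workflow cannot be granted more than the caller allows.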
Original file line number Diff line number Diff line change 1+ name : Security Stages
2+
3+ on :
4+ workflow_call :
5+
6+ jobs :
7+ codeql :
8+ name : CodeQL Analysis
9+ runs-on : ubuntu-latest
10+ permissions :
11+ security-events : write
12+ contents : read
13+
14+ steps :
15+ - name : Checkout repository
16+ uses : actions/checkout@v4
17+
18+ - name : Initialize CodeQL
19+ uses : github/codeql-action/init@v3
20+ with :
21+ languages : python
22+
23+ - name : Setup uv
24+ uses : astral-sh/setup-uv@v5
25+
26+ - name : Setup Python
27+ uses : actions/setup-python@v5
28+ with :
29+ python-version : ' 3.10'
30+
31+ - name : Install dependencies
32+ run : uv sync --all-extras
33+
34+ - name : Run CodeQL Analysis
35+ uses : github/codeql-action/analyze@v3
36+
37+
38+ fossa :
39+ name : FOSSA Scan
40+ runs-on : ubuntu-latest
41+ steps :
42+ - name : Checkout repository
43+ uses : actions/checkout@v4
44+
45+ - name : Run FOSSA scan
46+ uses : fossas/fossa-action@main
47+ with :
48+ api-key : ${{ secrets.FOSSA_API_KEY }}
49+ debug : true
50+
51+ - name : Upload FOSSA artifact
52+ uses : actions/upload-artifact@v4
53+ with :
54+ name : fossa.debug.json.gz
55+ path : ./fossa.debug.json.gz
56+
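Review bot: The FOSSA step at new line 46 uses `fossas/fossa-action@main`, a mutable branch ref, in the same step that receives `secrets.FOSSA_API_KEY`, so any later change on that branch runs in this job with the key in reach. Pin it to a reviewed full commit SHA, for example `uses: fossas/fossa-action@<full-commit-sha>  # <release tag>`; the other actions in this file are pinned only to major tags and would benefit from the same treatment. The `fossa` job also has no `permissions:` block, unlike `codeql`, so it runs with the repository's default token scope; adding `permissions:` with `contents: read` would bring it in line. With `debug: true` the debug bundle is uploaded as an artifact that anyone with access to the run can download, so confirm it holds nothing sensitive or enable it only when troubleshooting.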