Skip to content

General Tool Upgrade #706

General Tool Upgrade

General Tool Upgrade #706

# This workflow integrates Scan with GitHub's code scanning feature
# Scan is a free open-source security tool for modern DevOps teams
# Visit https://appthreat.com/en/latest/integrations/github-actions/ for help
name: Scan
# This section configures the trigger for the workflow. Feel free to customize depending on your convention
on:
pull_request:
jobs:
Scan-Build:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v1
- name: Cache multiple paths
uses: actions/cache@v2
with:
path: |
${{ github.workspace }}/db
key: ${{ runner.os }}-${{ hashFiles('requirements*.txt') }}
- name: Perform Scan
uses: ShiftLeftSecurity/scan-action@master
env:
VDB_HOME: ${{ github.workspace }}/db
WORKSPACE: ""
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
output: reports
- name: Upload report
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: reports