Skip to content

Security Scanning

Security Scanning #166

Workflow file for this run

name: Security Scanning
on:
pull_request_target:
branches:
- main
push:
branches:
- main
# Run every day at 5am UTC
schedule:
- cron: '0 5 * * *'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
snyk:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: Install Snyk
uses: snyk/actions/setup@master
- name: Snyk VULN and License Check Test
run: snyk test --all-projects --sarif-file-output=snyk.sarif
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload SARIF result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
if: always()
with:
sarif_file: snyk.sarif
fossa:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: Run FOSSA Scan
uses: fossas/fossa-action@main
with:
api-key: ${{ secrets.FOSSA_API_KEY }}
- name: Run FOSSA Test
uses: fossas/fossa-action@main
with:
api-key: ${{ secrets.FOSSA_API_KEY }}
run-tests: true