File tree 2 files changed +34
-39
lines changed
2 files changed +34
-39
lines changed Load Diff This file was deleted.
Original file line number Diff line number Diff line change 1+ name : " Security Scan"
2+
3+ # Run workflow each time code is pushed to your repository and on a schedule.
4+ # The scheduled workflow runs every at 00:00 on Sunday UTC time.
5+ on :
6+ workflow_dispatch :
7+ push :
8+ branches :
9+ - main
10+ paths :
11+ - ' *.go'
12+ pull_request :
13+ branches :
14+ - main
15+ schedule :
16+ - cron : ' 0 0 * * 0'
17+
18+ jobs :
19+ scan :
20+ permissions : write-all
21+ runs-on : ubuntu-latest
22+ steps :
23+ - name : Check out code into the Go module directory
24+ uses : actions/checkout@v2
25+ - name : Security Scan
26+ uses : securego/gosec@master
27+ with :
28+ # we let the report trigger content trigger a failure using the GitHub Security features.
29+ args : ' -no-fail -fmt sarif -out results.sarif ./...'
30+ - name : Upload SARIF file
31+ uses : github/codeql-action/upload-sarif@v2
32+ with :
33+ # Path to SARIF file relative to the root of the repository
34+ sarif_file : results.sarif
You can’t perform that action at this time.
0 commit comments