github.com/gogf/gf/v2@v2.7.4/.github/workflows/sonarcloud.yaml (about)

     1  name: Sonarcloud Scan
        # NOTE(review): despite the name above (and the sonarcloud.yaml file name),
        # the only job in this file runs OSSF Scorecard and uploads its SARIF report
        # to code scanning; no SonarCloud step appears here. A rename would make the
        # intent clearer, but the workflow name also feeds the concurrency group
        # below, so confirm nothing else references it first.
     2  
        # Only scheduled runs and pushes to master start this workflow. No
        # pull_request trigger is declared, so the write-scoped job below is not
        # started by pull requests.
     3  on:
     4    schedule:
     5      # Weekly on Saturdays at 01:30 (GitHub evaluates cron schedules in UTC).
     6      - cron: '30 1 * * 6'
     7    push:
     8      branches: [ master ]
     9  
        # One active run per workflow name and ref; a newer run cancels the one
        # still in progress.
    10  concurrency:
    11    group: ${{ github.workflow }}-${{ github.ref }}
    12    cancel-in-progress: true
    13  
    14  # Declare default permissions as read only.
        # This default applies to any job without its own permissions block. A job
        # that declares one gets exactly the scopes it lists; unlisted scopes are
        # set to none.
    15  permissions: read-all
    16  
    17  jobs:
        # Single job: check out the repository, run OSSF Scorecard, keep the SARIF
        # report as a build artifact and upload it to code scanning.
    18    analysis:
    19      name: Scorecards analysis
    20      runs-on: ubuntu-22.04
    21      permissions:
    22        # Needed to upload the results to the code-scanning dashboard.
    23        security-events: write
    24        # Needed to publish results and obtain the badge (see publish_results below).
    25        id-token: write
    26        # Needed for private repositories.
    27        contents: read
    28        actions: read
    29  
    30      steps:
              # NOTE(review): tag-pinned, unlike the two SHA-pinned actions further
              # down. A moved tag would change the code that runs in a job holding
              # id-token: write and security-events: write. Pin to a full commit SHA
              # and keep the version as a trailing comment, e.g.
              # actions/checkout@<full-commit-sha> # v4.x.y (placeholder values).
    31        - name: "Checkout code"
    32          uses: actions/checkout@v4
    33          with:
                  # Keep the token out of the checked-out repository's git config so
                  # later steps cannot reuse it.
    34            persist-credentials: false
    35  
              # Pinned to a full commit SHA; the trailing comment records the release.
    36        - name: "Run analysis"
    37          uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
    38          with:
    39            results_file: results.sarif
    40            results_format: sarif
                  # Publishes the results to the OpenSSF Scorecard API, which the
                  # badge relies on; this is why id-token: write is granted above.
    41            publish_results: true
    42  
              # Keeps the raw SARIF report as a workflow artifact for 5 days.
              # NOTE(review): tag-pinned as well; the pinning advice on the checkout
              # step applies here too.
    43        - name: "Upload artifact"
    44          uses: actions/upload-artifact@v4
    45          with:
    46            name: SARIF file
    47            path: results.sarif
    48            retention-days: 5
    49  
              # Sends the SARIF report to code scanning (uses security-events: write).
              # NOTE(review): SHA-pinned, but the version comment says v2.2.1, an old
              # release on the v2 line of the CodeQL Action. Check it against the
              # currently supported major version and move the pin forward; an
              # automated updater for github-actions can keep SHA pins current.
    50        - name: "Upload to code-scanning"
    51          uses: github/codeql-action/upload-sarif@3ebbd71c74ef574dbc558c82f70e52732c8b44fe # v2.2.1
    52          with:
    53            sarif_file: results.sarif