| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 |
- # This workflow uses actions that are not certified by GitHub.
- # They are provided by a third-party and are governed by
- # separate terms of service, privacy policy, and support
- # documentation.
- name: DevSkim
- on:
- push:
- paths:
- - '.github/workflows/devskim.yml'
- - '.goreleaser.yml'
- - 'Dockerfile.multiarches'
- - 'Dockerfile.singlearch'
- - 'Makefile'
- - 'frontend/**'
- - 'integration-tests/**'
- - 'proto/**'
- - 'service/**'
- branches: [ "main" ]
- pull_request:
- paths:
- - '.github/workflows/devskim.yml'
- - '.goreleaser.yml'
- - 'Dockerfile.multiarches'
- - 'Dockerfile.singlearch'
- - 'Makefile'
- - 'frontend/**'
- - 'integration-tests/**'
- - 'proto/**'
- - 'service/**'
- branches: [ "main" ]
- schedule:
- - cron: '34 21 * * 2'
- jobs:
- lint:
- name: DevSkim
- runs-on: ubuntu-latest
- permissions:
- actions: read
- contents: read
- security-events: write
- steps:
- - name: Checkout code
- uses: actions/checkout@v4
- - name: Run DevSkim scanner
- uses: microsoft/DevSkim-Action@v1
- - name: Upload DevSkim scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v3
- with:
- sarif_file: devskim-results.sarif
|