صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
SX_Cloud
/
rooms-android
2
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
فهرست منبع

Create scorecards-analysis.yml

Andy Scherzinger 3 سال پیش
والد
75b0f7af5d
کامیت
0aaa33e1a7
1فایلهای تغییر یافته به همراه55 افزوده شده و 0 حذف شده
مشاهده تقسیم شده نمایش آمار تفاوت ها
  1. 55 0
      .github/workflows/scorecards.yml

+ 55 - 0
.github/workflows/scorecards.yml
مشاهده فایل 

@@ -0,0 +1,55 @@
 
+name: Scorecards supply-chain security
 
+on:
 
+  # Only the default branch is supported.
 
+  branch_protection_rule:
 
+  schedule:
 
+    - cron: '33 1 * * 5'
 
+  push:
 
+    branches: [ master ]
 
+
 
+# Declare default permissions as read only.
 
+permissions: read-all
 
+
 
+jobs:
 
+  analysis:
 
+    name: Scorecards analysis
 
+    runs-on: ubuntu-latest
 
+    permissions:
 
+      # Needed to upload the results to code-scanning dashboard.
 
+      security-events: write
 
+      actions: read
 
+      contents: read
 
+
 
+    steps:
 
+      - name: "Checkout code"
 
+        uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0
 
+        with:
 
+          persist-credentials: false
 
+
 
+      - name: "Run analysis"
 
+        uses: ossf/scorecard-action@c1aec4ac820532bab364f02a81873c555a0ba3a1 # v1.0.4
 
+        with:
 
+          results_file: results.sarif
 
+          results_format: sarif
 
+          # Read-only PAT token. To create it,
 
+          # follow the steps in https://github.com/ossf/scorecard-action#pat-token-creation.
 
+          repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
 
+          # Publish the results to enable scorecard badges. For more details, see
 
+          # https://github.com/ossf/scorecard-action#publishing-results.
 
+          # For private repositories, `publish_results` will automatically be set to `false`,
 
+          # regardless of the value entered here.
 
+          publish_results: false
 
+
 
+      # Upload the results as artifacts (optional).
 
+      - name: "Upload artifact"
 
+        uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
 
+        with:
 
+          name: SARIF file
 
+          path: results.sarif
 
+          retention-days: 5
 
+
 
+      # Upload the results to GitHub's code scanning dashboard.
 
+      - name: "Upload to code-scanning"
 
+        uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26
 
+        with:
 
+          sarif_file: results.sarif