BioAnalyticResource/ePlant_Plant_eFP

View on GitHub
.github/workflows/ossar-analysis.yml

Summary

Maintainability
Test Coverage
# This workflow integrates a collection of open source static analysis tools
# with GitHub code scanning. For documentation, or to provide feedback, visit
# https://github.com/github/ossar-action
name: OSSAR

on:
    push:
        branches: [master]
    pull_request:
        # The branches below must be a subset of the branches above
        branches: [master]

permissions:
    contents: read

jobs:
    OSSAR-Scan:
        # OSSAR runs on windows-latest.
        # ubuntu-latest and macos-latest support coming soon
        permissions:
            contents: read # for actions/checkout to fetch code
            security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
            actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
        runs-on: windows-latest

        steps:
            - name: Checkout repository
              uses: actions/checkout@v3

            # Ensure a compatible version of dotnet is installed.
            # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201.
            # A version greater than or equal to v3.1.201 of dotnet must be installed on the agent in order to run this action.
            # GitHub hosted runners already have a compatible version of dotnet installed and this step may be skipped.
            # For self-hosted runners, ensure dotnet version 3.1.201 or later is installed by including this action:
            # - name: Install .NET
            #   uses: actions/setup-dotnet@v2
            #   with:
            #     dotnet-version: '3.1.x'
            # Run open source static analysis tools
            - name: Run OSSAR
              uses: github/ossar-action@v1
              id: ossar

              # Upload results to the Security tab
            - name: Upload OSSAR results
              uses: github/codeql-action/upload-sarif@v2
              with:
                  sarif_file: ${{ steps.ossar.outputs.sarifFile }}