Codeminer42/Punchclock

View on GitHub
.github/workflows/security_check.yml

Summary

Maintainability
Test Coverage
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will download a prebuilt Ruby version, install dependencies, and  run linters
name: Security Checks

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
jobs:
  run-check:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Setup Ruby and install gems
        uses: ruby/setup-ruby@master
      # Add or Replace any other security checks here
      - name: Install security check gems
        run: |
          gem i bundler-audit
          gem i brakeman
      - name: Run Bundle-audit
        run: |
          bundle audit --update
      - name: Run Brakeman
        run: |
          brakeman -q -w2