.github/workflows/security_check.yml
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will download a prebuilt Ruby version, install dependencies, and run linters
name: Security Checks
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
run-check:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Setup Ruby and install gems
uses: ruby/setup-ruby@master
# Add or Replace any other security checks here
- name: Install security check gems
run: |
gem i bundler-audit
gem i brakeman
- name: Run Bundle-audit
run: |
bundle audit --update
- name: Run Brakeman
run: |
brakeman -q -w2