File tree Expand file tree Collapse file tree 1 file changed +48
-0
lines changed Expand file tree Collapse file tree 1 file changed +48
-0
lines changed Original file line number Diff line number Diff line change
1
+ on :
2
+ branch_protection_rule :
3
+ schedule :
4
+ - cron : " 0 9 * * *"
5
+ push :
6
+ branches : [main]
7
+ workflow_dispatch : {}
8
+
9
+ name : OpenSSF Scorecard
10
+ run-name : OpenSSF Scorecard
11
+
12
+ permissions : read-all
13
+
14
+ jobs :
15
+ analysis :
16
+ name : Scorecard analysis
17
+ runs-on : ubuntu-latest
18
+ environment : Security
19
+ permissions :
20
+ security-events : write
21
+ id-token : write
22
+
23
+ steps :
24
+ - name : " Checkout code"
25
+ uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
26
+ with :
27
+ persist-credentials : false
28
+
29
+ - name : " Run analysis"
30
+ uses : ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
31
+ with :
32
+ results_file : results.sarif
33
+ results_format : sarif
34
+ publish_results : true
35
+ repo_token : ${{ secrets.SCORECARD_TOKEN }}
36
+
37
+ - name : " Upload results"
38
+ uses : actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
39
+ with :
40
+ name : SARIF file
41
+ path : results.sarif
42
+ retention-days : 5
43
+
44
+ # Upload the results to GitHub's code scanning dashboard.
45
+ - name : " Upload to code-scanning"
46
+ uses : github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
47
+ with :
48
+ sarif_file : results.sarif
You can’t perform that action at this time.
0 commit comments