Update main.yml #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow integrates Qwiet preZero with GitHub | ||
| # Visit https://docs.shiftleft.io for help | ||
| name: Qwiet | ||
| on: | ||
| pull_request: | ||
| workflow_dispatch: | ||
| push: | ||
| # We recommend triggering a scan when merging to your default branch | ||
| # as a best practice, especially if you'd like to compare the results | ||
| # of two scans (e.g., a feature branch against the default branch) | ||
| branches: | ||
| - main | ||
| - master | ||
| jobs: | ||
| ngsast-build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - name: Download the Qwiet CLI and set permissions | ||
| run: | | ||
| curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl | ||
| # Qwiet requires Java 1.8 | ||
| - name: Set up Java | ||
| uses: actions/[email protected] | ||
| with: | ||
| java-version: 1.8 | ||
| - name: NextGen Static Analysis | ||
| run: ${GITHUB_WORKSPACE}/sl analyze --app ShiftLeftPython --tag branch=${{ github.head_ref || steps.extract_branch.outputs.branch }} --pythonsrc . | ||
| env: | ||
| SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }} | ||
| SHIFTLEFT_ORG_ID: ${{ variables.SHIFTLEFT_ORG_ID }} | ||
|
Check failure on line 36 in .github/workflows/main.yml
|
||
| - name: SARIF export | ||
| run: ${GITHUB_WORKSPACE}/sl sarif export --app ShiftLeftPython . | ||
| env: | ||
| SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }} | ||
| SHIFTLEFT_ORG_ID: ${{ vars.SHIFTLEFT_ORG_ID }} | ||
