Commit b199ebf

authored

Merge pull request #191 from sir-gon/develop

[CONFIG] [Gihub Actions] Snyk Open Source analysis added. Sarif outpu...

2 parents f066591 + 2bc0c61 commit b199ebfCopy full SHA for b199ebf

File tree

-9

lines changed

-9

lines changed

Lines changed: 7 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,6 @@`
`4`	`4`	`# yamllint enable rule:line-length`
`5`	`5`
`6`	`6`	`---`
`7`		`-`
`8`	`7`	`name: .NET Snyk Code analysis`
`9`	`8`
`10`	`9`	`on: # yamllint disable-line rule:truthy`
`@@ -21,24 +20,23 @@ jobs:`
`21`	`20`	`security-events: write`
`22`	`21`	`steps:`
`23`	`22`	`- uses: actions/checkout@master`
`24`		`- - uses: snyk/actions/setup@master`
`25`	`23`	`- name: Setup .NET`
`26`	`24`	`uses: actions/setup-dotnet@v4`
`27`	`25`	`with:`
`28`	`26`	`dotnet-version: 8.0.x`
`29`	`27`	`- name: Restore dependencies`
`30`	`28`	`run: dotnet restore algorithm_exercises_csharp.sln`
`31`	`29`	`- name: Run Snyk to check for vulnerabilities`
	`30`	`+ uses: snyk/actions/dotnet@master`
`32`	`31`	`continue-on-error: true # To make sure that SARIF upload gets called`
`33`		`- run: >`
`34`		`- snyk test`
`35`		`- algorithm_exercises_csharp/`
`36`		`- algorithm_exercises_csharp_base/`
`37`		`- algorithm_exercises_csharp_test/`
`38`		`- --sarif-file-output=snyk-code.sarif`
`39`	`32`	`env:`
`40`	`33`	`SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}`
	`34`	`+ with:`
	`35`	`+ command: code test`
	`36`	`+ args: >`
	`37`	`+ --all-projects`
	`38`	`+ --sarif-file-output=snyk-code.sarif`
`41`	`39`	`- name: Upload result to GitHub Code Scanning`
`42`	`40`	`uses: github/codeql-action/upload-sarif@v3`
`43`	`41`	`with:`
`44`		`- sarif_file: snyk-code.sarif`
	`42`	`+ sarif_file: "snyk-code.sarif"`

Comments

(0)