From ec539302876c4ab05ae0438ca4e575968270526b Mon Sep 17 00:00:00 2001 From: Gabriel Kihlman Date: Tue, 17 Dec 2019 15:16:44 +0100 Subject: [PATCH 15/25] Adding a static code analysis github workflow Signed-off-by: Gustavo B. Schenkel --- .github/workflows/scan.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .github/workflows/scan.yml diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml new file mode 100644 index 0000000..f8e54a1 --- /dev/null +++ b/.github/workflows/scan.yml @@ -0,0 +1,31 @@ +name: static code analysis + +on: [push] +env: + SCAN_IMG: + yes-docker-local.artifactory.in.yubico.org/static-code-analysis/c:v1 + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@master + + - name: Prep scan + run: | + docker login yes-docker-local.artifactory.in.yubico.org/ \ + -u svc-static-code-analysis-reader \ + -p ${{ secrets.ARTIFACTORY_READER_TOKEN }} + docker pull ${SCAN_IMG} + + - name: Scan but do not fail on warnings + run: | + docker run -v${PWD}:/k -e COMPILE_DEPS="${COMPILE_DEPS}" \ + -e PROJECT_NAME=${GITHUB_REPOSITORY#Yubico/} -t ${SCAN_IMG} || true + + - uses: actions/upload-artifact@master + if: failure() + with: + name: suppression_files + path: suppression_files -- 2.32.0