blob: 0e33bc90f1e50000c43ae58a1ccb5f6be85c1261 (
plain)
From ec539302876c4ab05ae0438ca4e575968270526b Mon Sep 17 00:00:00 2001
From: Gabriel Kihlman <g.kihlman@yubico.com>
Date: Tue, 17 Dec 2019 15:16:44 +0100
Subject: [PATCH 15/25] Adding a static code analysis github workflow
Signed-off-by: Gustavo B. Schenkel <gustavo.schenkel@gmail.com>
---
.github/workflows/scan.yml | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
create mode 100644 .github/workflows/scan.yml
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
new file mode 100644
index 0000000..f8e54a1
--- /dev/null
+++ b/.github/workflows/scan.yml
@@ -0,0 +1,31 @@
+name: static code analysis
+
+on: [push]
+env:
+ SCAN_IMG:
+ yes-docker-local.artifactory.in.yubico.org/static-code-analysis/c:v1
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@master
+
+ - name: Prep scan
+ run: |
+ docker login yes-docker-local.artifactory.in.yubico.org/ \
+ -u svc-static-code-analysis-reader \
+ -p ${{ secrets.ARTIFACTORY_READER_TOKEN }}
+ docker pull ${SCAN_IMG}
+
+ - name: Scan but do not fail on warnings
+ run: |
+ docker run -v${PWD}:/k -e COMPILE_DEPS="${COMPILE_DEPS}" \
+ -e PROJECT_NAME=${GITHUB_REPOSITORY#Yubico/} -t ${SCAN_IMG} || true
+
+ - uses: actions/upload-artifact@master
+ if: failure()
+ with:
+ name: suppression_files
+ path: suppression_files
--
2.32.0
|
