Update secscan.yaml

Signed-off-by: Ettore Di Giacinto <mudler@users.noreply.github.com>
This commit is contained in:
Ettore Di Giacinto 2024-04-12 15:37:56 +02:00 committed by GitHub
parent 7e52c8e21a
commit fb105837ba
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -15,12 +15,15 @@ jobs:
steps:
- name: Checkout Source
uses: actions/checkout@v4
if: ${{ github.actor != 'dependabot[bot]' }}
- name: Run Gosec Security Scanner
if: ${{ github.actor != 'dependabot[bot]' }}
uses: securego/gosec@master
with:
# we let the report trigger content trigger a failure using the GitHub Security features.
args: '-no-fail -fmt sarif -out results.sarif ./...'
- name: Upload SARIF file
if: ${{ github.actor != 'dependabot[bot]' }}
uses: github/codeql-action/upload-sarif@v2
with:
# Path to SARIF file relative to the root of the repository