From 74ef8a25f49f1a8f83648a04e3714e7678534dee Mon Sep 17 00:00:00 2001
From: max furman <mx.furman@gmail.com>
Date: Fri, 23 Sep 2022 16:36:32 -0700
Subject: [PATCH] Add code scanning to CI workflows
---
.github/workflows/ci.yml | 22 ++++++++++++++++++++++
.github/workflows/code-scan-cron.yml | 12 ++++++++++++
.github/workflows/test.yml | 15 ---------------
3 files changed, 34 insertions(+), 15 deletions(-)
create mode 100644 .github/workflows/ci.yml
create mode 100644 .github/workflows/code-scan-cron.yml
delete mode 100644 .github/workflows/test.yml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..2c9ded5
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,22 @@
+name: CI
+
+on:
+ push:
+ tags-ignore:
+ - 'v*'
+ branches:
+ - "master"
+ pull_request:
+ workflow_call:
+ secrets:
+ GITLEAKS_LICENSE_KEY:
+ required: true
+
+jobs:
+ ci:
+ uses: smallstep/workflows/.github/workflows/goCI.yml@main
+ with:
+ gitleaks: true
+ codeql: true
+ secrets:
+ GITLEAKS_LICENSE_KEY: ${{ secrets.GITLEAKS_LICENSE_KEY }}
diff --git a/.github/workflows/code-scan-cron.yml b/.github/workflows/code-scan-cron.yml
new file mode 100644
index 0000000..c5379ff
--- /dev/null
+++ b/.github/workflows/code-scan-cron.yml
@@ -0,0 +1,12 @@
+on:
+ schedule:
+ - cron: '0 0 * * *'
+
+jobs:
+ gitleaks:
+ uses: smallstep/workflows/.github/workflows/gitleaks.yml@main
+ secrets:
+ GITLEAKS_LICENSE_KEY: ${{ secrets.GITLEAKS_LICENSE_KEY }}
+
+ codeql:
+ uses: smallstep/workflows/.github/workflows/codeql-analysis.yml@main
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
deleted file mode 100644
index d84c028..0000000
--- a/.github/workflows/test.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-name: Continuous Integration
-
-on:
- push:
- tags-ignore:
- - 'v*'
- branches:
- - "**"
- pull_request:
- schedule:
- - cron: '0 0 * * SUN'
-
-jobs:
- ci:
- uses: smallstep/workflows/.github/workflows/goCI.yml@main
--
GitLab