microsoft/qdk
Publicmirrored fromhttps://github.com/microsoft/qdkAvailable
.github/workflows/devskim.yml
34lines · modecode
| 1 | name: DevSkim |
| 2 | |
| 3 | on: |
| 4 | push: |
| 5 | branches: [ main ] |
| 6 | pull_request: |
| 7 | branches: [ main ] |
| 8 | workflow_dispatch: |
| 9 | schedule: |
| 10 | # set schedule to run at 2AM PT on Saturdays |
| 11 | - cron: '0 9 * * Sat' |
| 12 | |
| 13 | jobs: |
| 14 | lint: |
| 15 | name: DevSkim |
| 16 | runs-on: ubuntu-latest |
| 17 | permissions: |
| 18 | # required for all workflows |
| 19 | security-events: write |
| 20 | |
| 21 | # only required for workflows in private repositories |
| 22 | actions: read |
| 23 | contents: read |
| 24 | steps: |
| 25 | - name: Checkout code |
| 26 | uses: actions/checkout@v3 |
| 27 | |
| 28 | - name: Run DevSkim scanner |
| 29 | uses: microsoft/DevSkim-Action@v1 |
| 30 | |
| 31 | - name: Upload DevSkim scan results to GitHub Security tab |
| 32 | uses: github/codeql-action/upload-sarif@v2 |
| 33 | with: |
| 34 | sarif_file: devskim-results.sarif |