Renovate Bot
70e4db4898
Some checks failed
renovate/artifacts Artifact file update failure
renovate/stability-days Updates have met minimum release age requirement
CI / Test (pull_request) Successful in 18s
CI / Dry-Run Prerelease (pull_request) Successful in 57s
CI / Check Dist (pull_request) Successful in 59s
CI / Dry-Run (pull_request) Successful in 2m52s
Run TAS / run-tas (pull_request) Successful in 3m59s
32 lines
1.1 KiB
YAML
32 lines
1.1 KiB
YAML
name: Run TAS
|
|
|
|
on:
|
|
pull_request:
|
|
workflow_dispatch:
|
|
inputs:
|
|
branch:
|
|
description: "The branch to run TAS on"
|
|
required: true
|
|
default: "main"
|
|
schedule:
|
|
- cron: "0 6 * * 5"
|
|
|
|
jobs:
|
|
run-tas:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-trivy@09fb31ca3a203eaa78d4139d94b3aee3ff5d2388 # 1.3.7
|
|
- uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-db@09fb31ca3a203eaa78d4139d94b3aee3ff5d2388 # 1.3.7
|
|
- env:
|
|
TRIVY_CACHE_DIR: ${{ runner.temp }}/trivy
|
|
run: |
|
|
trivy fs --cache-dir "$TRIVY_CACHE_DIR" --exit-code 0 --format sarif --output sarif.json .
|
|
- uses: https://gitea.t000-n.de/t.behrendt/tas-actions/tas-upload-sarif@5e1031a9eff4a83fc17d0893332ad896386c082f # 0.0.3
|
|
with:
|
|
tas-base-url: ${{ vars.TAS_BASE_URL }}
|
|
sarif-file: sarif.json
|
|
owner: t.behrendt
|
|
repo: conventional-semantic-git-tag-increment
|
|
branch: ${{ inputs.branch || github.head_ref || 'main' }}
|