ci: add tas (#57)

Reviewed-on: #57 Co-authored-by: Timo Behrendt <t.behrendt@t00n.de> Co-committed-by: Timo Behrendt <t.behrendt@t00n.de>
2026-02-12 20:02:16 +01:00
parent af46017d0a
commit 9e20ded40c
1 changed files with 31 additions and 0 deletions
--- a/.gitea/workflows/run-tas.yaml
+++ b/.gitea/workflows/run-tas.yaml
@@ -0,0 +1,31 @@
+name: Run TAS
+
+on:
+  pull_request:
+  workflow_dispatch:
+    inputs:
+      branch:
+        description: "The branch to run TAS on"
+        required: true
+        default: "main"
+  schedule:
+    - cron: "0 6 * * 5"
+
+jobs:
+  run-tas:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-trivy@1.3.1
+      - uses: https://gitea.t000-n.de/t.behrendt/trivy-actions/setup-db@1.3.1
+      - env:
+          TRIVY_CACHE_DIR: ${{ runner.temp }}/trivy
+        run: |
+          trivy fs --cache-dir "$TRIVY_CACHE_DIR" --exit-code 0 --format sarif --output sarif.json .
+      - uses: https://gitea.t000-n.de/t.behrendt/tas-actions/tas-upload-sarif@0.0.2
+        with:
+          tas-base-url: ${{ vars.TAS_BASE_URL }}
+          sarif-file: sarif.json
+          owner: t.behrendt
+          repo: conventional-semantic-git-tag-increment
+          branch: ${{ inputs.branch || github.head_ref || 'main' }}