Skip to content

Update Dockerfile ruby and brakeman versions #29

Update Dockerfile ruby and brakeman versions

Update Dockerfile ruby and brakeman versions #29

Workflow file for this run

name: Security checks (dogfooding)
on:
push:
branches:
- main
pull_request:
types:
- opened
- edited
jobs:
brakeman:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Set up Ruby 3.3.5
uses: ruby/setup-ruby@v1
with:
ruby-version: 3.3.5
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
- name: Brakeman report
run: |
bundle exec brakeman -A -q --force -f json -o tmp/${{ github.event.pull_request.head.sha }}-brakeman.json
- name: Send Brakeman report to Github if it has warnings
if: failure()
uses: cookpad/brakeman-linter-action@v2
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
REPORT_PATH: tmp/${{ github.event.pull_request.head.sha }}-brakeman.json
GITHUB_LATEST_SHA: ${{ github.event.pull_request.head.sha }}
CUSTOM_MESSAGE_CONTENT: "Please address this issue before merging.<br />Thank you for improving our security!"