Skip to content

Configure Renovate

Configure Renovate #28

Workflow file for this run

name: Scans
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the main branch
push:
branches: [main]
tags:
- "*"
pull_request:
branches: [main]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
security:
# The type of runner that the job will run on
runs-on: ubuntu-latest
continue-on-error: true
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v4
- name: Install and run Spectral CI
uses: spectralops/spectral-github-action@v5
with:
spectral-dsn: ${{ secrets.SPECTRAL_DSN }}
spectral-args: scan --ok
# - name: Run Snyk to check for vulnerabilities
# uses: snyk/actions/golang@master
# env:
# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
# with:
# command: monitor
# codacy-security-scan:
# permissions:
# contents: read # for actions/checkout to fetch code
# security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
# actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
# name: Codacy Security Scan
# runs-on: ubuntu-latest
# steps:
# # Checkout the repository to the GitHub Actions runner
# - name: Checkout code
# uses: actions/checkout@v4
# # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
# - name: Run Codacy Analysis CLI
# uses: codacy/codacy-analysis-cli-action@master
# with:
# # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
# # You can also omit the token and run the tools that support default configurations
# #project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
# verbose: true
# output: results.sarif
# format: sarif
# # Adjust severity of non-security issues
# gh-code-scanning-compat: true
# # Force 0 exit code to allow SARIF file generation
# # This will handover control about PR rejection to the GitHub side
# max-allowed-issues: 2147483647
# # Upload the SARIF file generated in the previous step
# - name: Upload SARIF results file
# uses: github/codeql-action/upload-sarif@v2
# with:
# sarif_file: results.sarif