repos/pypilot
3
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 5 Activity

add security.yml
All checks were successful
Conventional Commit / Validate PR Title (pull_request) Successful in 32s
Details
CI / ci (pull_request) Successful in 2m7s
Details

Browse Source
This commit is contained in:
Luke Tainton 2025-02-09 20:57:58 +00:00
parent 4a318d4802
commit 0922ba145e
Signed by: luke
SSH Key Fingerprint: SHA256:D34npKT7UaiT/7gULqu7EPSLWWVAjTjXf4kKfJ/fQBo
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitea/workflows/ci.yml
View File

@ -59,7 +59,7 @@ jobs:
uses: SonarSource/sonarqube-scan-action@v4.2.1
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
- name: Snyk Vulnerability Scan
uses: snyk/actions/python@master

34
.gitea/workflows/security.yml Normal file
View File

@ -0,0 +1,34 @@
name: Security
on:
workflow_dispatch:
push:
branches:
- main
schedule:
- cron: "@daily"
jobs:
sonarqube:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4.2.2
- name: SonarQube Scan
uses: SonarSource/sonarqube-scan-action@v4.2.1
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
snyk:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4.2.2
- name: Snyk
uses: snyk/actions/python@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}