feat(ci): fix CI, switch to self-hosted SonarQube (#310)
Some checks failed
Release / Publish to PyPI (push) Has been skipped
Release / Create Release (push) Has been skipped
Release / Print Release (push) Has been skipped
Release / Build Wheel File (push) Has been skipped
Release / Test (push) Failing after 4s
Release / Publish Docker Images (push) Has been skipped
Security / sonarqube (push) Successful in 2m20s
Security / snyk (push) Successful in 1m35s
Some checks failed
Release / Publish to PyPI (push) Has been skipped
Release / Create Release (push) Has been skipped
Release / Print Release (push) Has been skipped
Release / Build Wheel File (push) Has been skipped
Release / Test (push) Failing after 4s
Release / Publish Docker Images (push) Has been skipped
Security / sonarqube (push) Successful in 2m20s
Security / snyk (push) Successful in 1m35s
Reviewed-on: #310
This commit is contained in:
34
.gitea/workflows/security.yml
Normal file
34
.gitea/workflows/security.yml
Normal file
@ -0,0 +1,34 @@
|
||||
name: Security
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
schedule:
|
||||
- cron: "@daily"
|
||||
|
||||
jobs:
|
||||
sonarqube:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@v4.2.2
|
||||
|
||||
- name: SonarQube Scan
|
||||
uses: SonarSource/sonarqube-scan-action@v4.2.1
|
||||
env:
|
||||
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
|
||||
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
||||
|
||||
snyk:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@v4.2.2
|
||||
|
||||
- name: Snyk
|
||||
uses: snyk/actions/python@master
|
||||
continue-on-error: true
|
||||
env:
|
||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||
Reference in New Issue
Block a user