mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-24 20:25:29 +00:00
b531b47668
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
40 lines
1.0 KiB
YAML
40 lines
1.0 KiB
YAML
name: 👮🏼♂️ Sonarcloud
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
- dev
|
|
pull_request:
|
|
types: [opened, synchronize, reopened]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
sonarcloud:
|
|
name: SonarCloud
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
|
|
|
|
- name: "Set up Go"
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.17
|
|
|
|
- name: Run unit Tests
|
|
working-directory: v2/
|
|
run: |
|
|
go test -coverprofile=cov.out ./...
|
|
|
|
- name: Run Gosec Security Scanner
|
|
working-directory: v2/
|
|
run: |
|
|
go install github.com/securego/gosec/cmd/gosec@latest
|
|
gosec -no-fail -fmt=sonarqube -out report.json ./...
|
|
|
|
- name: SonarCloud Scan
|
|
uses: SonarSource/sonarcloud-github-action@master
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |