mirror/wagtail-draftail-snippet
Archived
1
Fork 0
Code Activity
This repository has been archived on 2024-07-16. You can view files and clone it, but cannot push or open issues or pull requests.
wagtail-draftail-snippet/.github/workflows/shiftleft.yml
Paolo del Mundo 0d73e505ae
Add shiftleft.yml (#17) 
Adds shiftleft.yml with `--cpg` flag
2021-06-07 15:25:07 -04:00

30 lines
1.1 KiB
YAML
Raw Blame History

# Shiftleft engine v2
name: Analyze with ShiftLeft NG SAST
on:
pull_request: # include to analyze when you create a pull request
branches:
- master
workflow_dispatch:
jobs:
NGSAST:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Download ShiftLeft cli
run: |
curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
- run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}') >> $GITHUB_ENV
shell: bash
- name: Python
if: env.SHIFTLEFT_ACCESS_TOKEN != null
run: |
python3 -m venv .venv
. .venv/bin/activate
pip install --upgrade setuptools wheel
[ -f requirements.txt ] && pip install -r requirements.txt
[ -f requirements/default.txt ] && pip install -r requirements/default.txt
${GITHUB_WORKSPACE}/sl analyze --tag app.group=$REPOSITORY_NAME --app ${REPOSITORY_NAME}-python --cpg --tag branch=${GITHUB_REF} --python $(pwd)
env:
SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}
View git blame Copy permalink