From 8a66689eeec112a9f47a782880c0e1a9e2e5dc12 Mon Sep 17 00:00:00 2001 From: Felix Svensson Date: Fri, 27 Sep 2024 22:08:31 +0200 Subject: [PATCH] Create securitycodescan.yml --- .github/workflows/securitycodescan.yml | 49 ++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .github/workflows/securitycodescan.yml diff --git a/.github/workflows/securitycodescan.yml b/.github/workflows/securitycodescan.yml new file mode 100644 index 0000000..771309a --- /dev/null +++ b/.github/workflows/securitycodescan.yml @@ -0,0 +1,49 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# This workflow integrates SecurityCodeScan with GitHub's Code Scanning feature +# SecurityCodeScan is a vulnerability patterns detector for C# and VB.NET + +name: SecurityCodeScan + +on: + push: + branches: [ "main" ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ "main" ] + schedule: + - cron: '41 22 * * 4' +env: + DOTNET_VERSION: '8.x' # Define .NET version + +jobs: + SCS: + runs-on: windows-latest + steps: + - uses: actions/checkout@v4 + + # Setup .NET Core with the specified version + - name: Setup .NET Core + uses: actions/setup-dotnet@v3 + with: + dotnet-version: ${{ env.DOTNET_VERSION }} + - uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1 + - uses: microsoft/setup-msbuild@v1.0.2 + + - name: Set up projects for analysis + uses: security-code-scan/security-code-scan-add-action@f8ff4f2763ed6f229eded80b1f9af82ae7f32a0d + + - name: Restore dependencies + run: dotnet restore + + - name: Build + run: dotnet build --no-restore + + - name: Convert sarif for uploading to GitHub + uses: security-code-scan/security-code-scan-results-action@cdb3d5e639054395e45bf401cba8688fcaf7a687 + + - name: Upload sarif + uses: github/codeql-action/upload-sarif@v3