Skip to content

Commit

Permalink
Merge pull request #863 from Nordix/fix_openssf_wf
Browse files Browse the repository at this point in the history 
Fix openssf github action workflow
  • Loading branch information
@radoslawc
radoslawc authored Feb 19, 2025
2 parents 7ce72e0 + 5813b47 commit cfdcd40
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions .github/workflows/openssf_scorecard.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ on:
push:
branches:
- main
workflow_dispatch:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
Expand All @@ -22,24 +23,24 @@ jobs:
id-token: write
steps:
- name: Checkout
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
uses: actions/checkout@v4.2.2
with:
persist-credentials: false
- name: Run analysis
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
uses: ossf/scorecard-action@v2.4.0
with:
results_file: results.sarif
results_format: sarif
# repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
publish_results: true
- name: Upload artifact
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
uses: actions/upload-artifact@v4.6.0
with:
name: SARIF file
path: results.sarif
retention-days: 5
- name: Upload to code-scanning
uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
uses: github/codeql-action/upload-sarif@v3.28.9
with:
sarif_file: results.sarif
token: ${{ secrets.GITHUB_TOKEN }}

0 comments on commit cfdcd40

Please sign in to comment.