Skip to content
ShiftLeft

[Snyk] Fix for 4 vulnerabilities #26

Sign in to view logs

[Snyk] Fix for 4 vulnerabilities

[Snyk] Fix for 4 vulnerabilities #26

Workflow file for this run

.github/workflows/shiftleft.yml at ec703fe
---
# This workflow integrates ShiftLeft NG SAST with GitHub
# Visit https://docs.shiftleft.io for help
name: ShiftLeft
on:
pull_request:
workflow_dispatch:
jobs:
NextGen-Static-Analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Download ShiftLeft CLI
run: |
curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
# ShiftLeft requires Java 1.8 only for java analysis, 11 is recommended otherwise.
- name: Setup Java JDK
uses: actions/setup-java@v1.4.3
with:
java-version: 11
- name: Extract branch name
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
id: extract_branch
- name: NextGen Static Analysis
run: ${GITHUB_WORKSPACE}/sl analyze --strict --wait --app mobile-app-android --tag branch=${{ github.head_ref || steps.extract_branch.outputs.branch }} --kotlin .
env:
SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}
## Uncomment the following section to enable build rule checking and enforcing.
#Build-Rules:
#runs-on: ubuntu-latest
#needs: NextGen-Static-Analysis
#steps:
#- uses: actions/checkout@v2
#- name: Download ShiftLeft CLI
# run: |
# curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
#- name: Validate Build Rules
# run: |
# ${GITHUB_WORKSPACE}/sl check-analysis --app mobile-app-android \
# --source 'tag.branch=${{ github.event.pull_request.base.ref }}' \
# --target "tag.branch=${{ github.head_ref || steps.extract_branch.outputs.branch }}" \
# --report \
# --github-pr-number=${{github.event.number}} \
# --github-pr-user=${{ github.repository_owner }} \
# --github-pr-repo=${{ github.event.repository.name }} \
# --github-token=${{ secrets.GITHUB_TOKEN }}
# env:
#SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}