mirror of
https://github.com/fluxcd/flux2.git
synced 2026-02-16 20:51:47 +00:00
19 lines
540 B
YAML
19 lines
540 B
YAML
name: scan
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
branches: [ 'main', 'release/**' ]
|
|
pull_request:
|
|
branches: [ 'main', 'release/**' ]
|
|
schedule:
|
|
- cron: '18 10 * * 3'
|
|
permissions: read-all
|
|
jobs:
|
|
analyze:
|
|
permissions:
|
|
contents: read # for reading the repository code.
|
|
security-events: write # for uploading the CodeQL analysis results.
|
|
uses: fluxcd/gha-workflows/.github/workflows/code-scan.yaml@v0.8.0
|
|
secrets:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
fossa-token: ${{ secrets.FOSSA_TOKEN }}
|