Files
starter-workflows/code-scanning/msvc.yml
T
Ashwin Sangem b1b3ae86ee Sync partner_templates with the main Branch. (#1250)
* Added Cloudrail according to instructions and existing examples

* Adding Cloudrail according to documentation and examples

* Oops

* Add original Fortify on Demand workflow

* Update Fortify on Demand workflow

* Update Fortify on Demand supported languages

* Add 3rd-party GitHub Actions disclaimer

* Sysdig Secure Inline Scan with SARIF report to starter workflows

* Added some extra comments, Github Actions V2 and changed env vars

* Reviews from PR #1110

* Adding 'Dockerfile' to category list

* Update according to PR review comments

* File renames as requested in PR comments

* Revert "Azure Data Factory CI starter workflow (#1111)" (#1146)

This reverts commit 7f30309cce.

* use env variables for user-set values (#1117)

Co-authored-by: Josh Gross <joshmgross@github.com>

* Apply suggestions from nickfyson's code review

Co-authored-by: Nick Fyson <nickfyson@github.com>

* removing "deployment" templates from sync-ghes (#1127)

* Update code-scanning/properties/sysdig-scan.properties.json

Co-authored-by: Nick Fyson <nickfyson@github.com>

* Update code-scanning/properties/sysdig-scan.properties.json

Co-authored-by: Nick Fyson <nickfyson@github.com>

* Changed svg logo

* Rename sysdig.svg to sysdig-scan.svg

* Switched svg logo (again) for a better fit

* Rename fortify.json to fortify.properties.json

* Correct character-case of "c" in Cloudrail

* AWS template also used Docker

* trigger on push instead of release (#1157)

Co-authored-by: Josh Gross <joshmgross@github.com>

* Adding MobSF starter workflow

* Adhering to pull request guidelines

* python: update to use python 3.10

Signed-off-by: Rui Chen <rui@chenrui.dev>

* Added new templates for 3 clouds.

* Revert "Added new templates for 3 clouds."

This reverts commit c765d6316f.

* Add ruby and update workflow

* Add workflow for Microsoft C++ Code Analysis

* Updated action to meet guidelines

* quote the version strings

* correct typo in msvc.properties.json

* Update codeql.properties.json

* Update code-scanning/properties/codeql.properties.json

Co-authored-by: Arthur Baars <arthur@semmle.com>

* Update codeql.properties.json

* Update codeql.properties.json

* Update code-scanning/mobsf.yml

Co-authored-by: Nick Fyson <nickfyson@github.com>

* Update code-scanning/properties/mobsf.properties.json

Co-authored-by: Nick Fyson <nickfyson@github.com>

* Fixed typo in workflow that will cause every run to fail

* Update commit SHA

* r: use setup-r@1 and include r@4 for starter (#1169)

* r: use setup-r@1 and include r@4 for starter

Signed-off-by: Rui Chen <rui@chenrui.dev>

* use sha instead of tag for external action

Co-authored-by: Josh Gross <joshmgross@github.com>

Co-authored-by: Josh Gross <joshmgross@github.com>

* elixir: refresh dependencies (#1212)

- setup action got renamed into `setup-beam`
- update elixir and erlang versions

Co-authored-by: Yoni Leitersdorf <y@indeni.com>
Co-authored-by: Ruud Senden <ruud.senden@microfocus.com>
Co-authored-by: Ruud Senden <8635138+rsenden@users.noreply.github.com>
Co-authored-by: Manuel Boira Cuevas <manuel.boira@MacBook-Pro.local>
Co-authored-by: manuelbcd <manuel.boira@sysdig.com>
Co-authored-by: Nick Fyson <nickfyson@github.com>
Co-authored-by: Sarah Edwards <skedwards88@github.com>
Co-authored-by: Josh Gross <joshmgross@github.com>
Co-authored-by: Aparna Ravindra <82894348+aparna-ravindra@users.noreply.github.com>
Co-authored-by: manuelbcd <manuelbcd@gmail.com>
Co-authored-by: Abir Majumdar <abirismyname@github.com>
Co-authored-by: Rui Chen <rui@chenrui.dev>
Co-authored-by: David Verdeguer <daverlo@github.com>
Co-authored-by: Daniel Winsor <danwin@microsoft.com>
Co-authored-by: David Verdeguer <47184891+Daverlo@users.noreply.github.com>
Co-authored-by: Arthur Baars <arthur@semmle.com>
Co-authored-by: Abir Majumdar <83433840+abirismyname@users.noreply.github.com>
Co-authored-by: Marco Gario <marcogario@github.com>
Co-authored-by: Andy McKay <andymckay@github.com>
2021-11-15 13:47:17 +05:30

59 lines
1.8 KiB
YAML

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
#
# Find more information at:
# https://github.com/microsoft/msvc-code-analysis-action
name: Microsoft C++ Code Analysis
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
env:
# Path to the CMake build directory.
build: '${{ github.workspace }}/build'
jobs:
analyze:
name: Analyze
runs-on: windows-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Configure CMake
run: cmake -B ${{ env.build }}
# Build is not required unless generated source files are used
# - name: Build CMake
# run: cmake --build ${{ env.build }}
- name: Initialize MSVC Code Analysis
uses: microsoft/msvc-code-analysis-action@04825f6d9e00f87422d6bf04e1a38b1f3ed60d99
# Provide a unique ID to access the sarif output path
id: run-analysis
with:
cmakeBuildDirectory: ${{ env.build }}
# Ruleset file that will determine what checks will be run
ruleset: NativeRecommendedRules.ruleset
# Upload SARIF file to GitHub Code Scanning Alerts
- name: Upload SARIF to GitHub
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: ${{ steps.run-analysis.outputs.sarif }}
# Upload SARIF file as an Artifact to download and view
# - name: Upload SARIF as an Artifact
# uses: actions/upload-artifact@v2
# with:
# name: sarif-file
# path: ${{ steps.run-analysis.outputs.sarif }}