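# Composite action: installs dfetch, runs `dfetch check` with SARIF output
# and uploads the report to GitHub code scanning.
#
# The calling workflow must grant `security-events: write`; without it the
# final upload step cannot publish the results.
name: 'Dfetch Check'
description: 'Run dfetch check and upload SARIF results.'
author: 'dfetch-org'
branding:
  icon: 'check-circle'
  color: 'blue'

inputs:
  working-directory:
    description: 'Directory to run dfetch in (default: project root)'
    required: false
    default: '.'

outputs:
  sarif-path:
    description: 'Path to the generated SARIF file.'
    # The report is written from inside `working-directory`, so the path
    # handed to callers includes that directory.
    value: ${{ inputs.working-directory }}/sarif.json

runs:
  using: 'composite'
  steps:
    # Both third-party actions are pinned to a full commit SHA; the trailing
    # comment records the tag that SHA is expected to correspond to.
    # NOTE(review): actions/checkout keeps the job token in the local git
    # config by default. Consider `persist-credentials: false` here if
    # dfetch does not need authenticated access to this repository.
    - name: Checkout repository
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

    - name: Setup Python
      uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
      with:
        python-version: '3.13'

    # Install dfetch from the upstream `main` branch. Runs for every other
    # repository, and for dfetch-org/dfetch itself only on `main`.
    # NOTE(review): `@main` is a moving ref, so unlike the SHA-pinned actions
    # above, the code executed here can change between runs. Pin to a release
    # tag or commit (e.g. `@<COMMIT_SHA>`) if reproducible, reviewable runs
    # are required.
    - name: Install dfetch from GitHub
      if: ${{ github.repository != 'dfetch-org/dfetch' || github.ref_name == 'main' }}
      run: pip install git+https://github.com/dfetch-org/dfetch.git@main#egg=dfetch
      shell: bash

    # Install dfetch from the checked-out sources when running inside the
    # dfetch repo. This condition is also true on `main`, so there both
    # install steps run.
    - name: Install dfetch locally
      if: ${{ github.repository == 'dfetch-org/dfetch' }}
      run: pip install .
      shell: bash

    # The input is consumed through `working-directory:` rather than
    # interpolated into the script text, so it never reaches the shell as
    # code.
    - name: Run dfetch check (SARIF)
      run: dfetch check --sarif sarif.json
      shell: bash
      working-directory: ${{ inputs.working-directory }}

    # `uses:` steps do not inherit the previous step's working directory, so
    # the report has to be addressed through `working-directory`. A bare
    # `sarif.json` is only found when the input keeps its default of '.'.
    # Assumes dfetch writes the report relative to its working directory.
    - name: Upload SARIF file
      uses: github/codeql-action/upload-sarif@17783bfb99b07f70fae080b654aed0c514057477 # v3.30.7
      with:
        sarif_file: ${{ inputs.working-directory }}/sarif.json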