diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml index dda37b2..54f39bb 100644 --- a/.github/workflows/code-analysis.yml +++ b/.github/workflows/code-analysis.yml @@ -1,28 +1,9 @@ name: Code Analysis on: workflow_call -# push: -# branches: [ $default-branch ] -# pull_request: -# branches: [ $default-branch ] env: SPECTRAL_DSN: ${{ secrets.SPECTRAL_DSN }} - -jobs: - sourceguard: - runs-on: ubuntu-latest - container: - image: sourceguard/sourceguard-cli:latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: '0' - - name: SourceGuard Scan - uses: CheckPointSW/sourceguard-action@main - with: - SG_CLIENT_ID: ${{ secrets.SG_CLIENT_ID }} - SG_SECRET_KEY: ${{ secrets.SG_SECRET_KEY }} spectral: runs-on: ubuntu-latest diff --git a/README.md b/README.md index 43c5cb2..b02b3fb 100644 --- a/README.md +++ b/README.md @@ -18,19 +18,12 @@ on: jobs: code-analysis: - uses: CheckPointSW/secure-code-workflow/.github/workflows/code-analysis.yml@main + uses: CheckPointSW/secure-code-workflow/.github/workflows/code-analysis.yml@latest secrets: inherit ``` ### Configuration -SourceGuard action must receive: - -- `SG_CLIENT_ID` - Infinity Portal account identification -- `SG_SECRET_KEY` - Secret key for access - -To generate these parameters, refer to https://portal.checkpoint.com/dashboard/sourceguard#/config/install (select your required Tenant) > GENERATE TOKEN - Spectral action must receive: - `SPECTRAL_DSN` - You'll need to provide Spectral dsn. [GitHub secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets).