scan.yaml
# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
name: Scan

on:
  # Runs on pull requests that change any of the files listed under `paths`.
  # No `branches` filter is set, so the pull request's base branch is not
  # restricted by this trigger.
  pull_request:
    paths:
      - zarf.yaml
      - releaser.yaml
      - .release-please-manifest.json

jobs:
  scan:
    # GITHUB_TOKEN scopes handed to the called workflow. Scopes not listed
    # here are set to none once a `permissions` block is present.
    permissions:
      # Read the repository contents.
      contents: read
      # Read the repository's packages.
      packages: read
      # Request an OIDC token, used to authenticate to Rapidfort.
      id-token: write
      # Post the scan results as a comment on the pull request.
      pull-requests: write
    # Reusable workflow pinned to a full commit SHA instead of a mutable tag,
    # so the code that receives the token and secrets cannot change without a
    # change to this line. The trailing comment records the release the SHA is
    # expected to correspond to.
    uses: defenseunicorns/uds-common/.github/workflows/callable-scan.yaml@730d22c6e061153d525a6d6f932e108ae952bd46 # v1.23.0
    # Passes every secret available to this workflow to the called workflow.
    # The SHA pin above is the only thing bounding which code sees them, so the
    # callable workflow should be re-reviewed whenever the pin is bumped.
    # Listing only the secrets the scan needs would narrow the exposure; the
    # required secret names are not visible in this file.
    # NOTE(review): for pull requests from forks GitHub withholds repository
    # secrets and issues a read-only token, so the OIDC login and the results
    # comment presumably do not work there - confirm that is intended.
    secrets: inherit