Added SecurityCodeScan to the repo.

AZProductions · Jul 26, 2021 · e839f22 · e839f22
1 parent 960ef3f
commit e839f22
Showing 1 changed file with 39 additions and 0 deletions.
diff --git a/.github/workflows/securitycodescan-analysis.yml b/.github/workflows/securitycodescan-analysis.yml
@@ -0,0 +1,39 @@
+# This workflow integrates SecurityCodeScan with GitHub's Code Scanning feature
+# SecurityCodeScan is a vulnerability patterns detector for C# and VB.NET
+
+name: SecurityCodeScan
+
+on:
+  push:
+    branches: [ main ]
+    paths:
+      - 'scr/*'
+  pull_request:
+    branches: [ main ]
+    paths:
+      - 'src/*'
+
+jobs:
+  SCS:
+    runs-on: windows-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: nuget/setup-nuget@v1.0.5
+      - uses: microsoft/setup-msbuild@v1.0.2
+
+      - name: Set up projects for analysis
+        uses: security-code-scan/security-code-scan-add-action@main
+
+      - name: Restore dependencies
+        working-directory: ./src
+        run: dotnet restore
+
+      - name: Build
+        working-directory: ./src
+        run: dotnet build --no-restore
+
+      - name: Convert sarif for uploading to GitHub
+        uses: security-code-scan/security-code-scan-results-action@main
+
+      - name: Upload sarif
+        uses: github/codeql-action/upload-sarif@v1