Skip to content
source scan

source scan #5470

Sign in to view logs

source scan

source scan #5470

Workflow file for this run

.github/workflows/source-scan.yml at 5fac5fc
name: source scan
on:
pull_request: {}
workflow_dispatch: {}
merge_group: {}
jobs:
git-secrets-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Checkout git-secrets repo
uses: actions/checkout@v4
with:
repository: awslabs/git-secrets
path: git-secrets
- name: Install git-secrets
run: |-
cd git-secrets && sudo make install
- name: Git secrets scan
run: |-
git secrets --register-aws
git secrets --scan
license-check:
name: license check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install license-header-checker
run: |-
mkdir -p /tmp/license-check
curl -s https://raw.githubusercontent.com/lluissm/license-header-checker/master/install.sh | bash -s -- -b /tmp/license-check
- name: Run license check
env:
LICENSE_FILE: /tmp/license-check/license-header.txt
run: |-
sed -n 1,12p .projenrc.js > $LICENSE_FILE && cat $LICENSE_FILE
/tmp/license-check/license-header-checker -a -r -i node_modules,cdk.out,coverage $LICENSE_FILE . ts tsx js java
([[ -z `git status -s` ]] || (echo "Found files violate with license header" && exit 1))
viperlight:
name: pre-build scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 16
- name: Pre-build scan
run: |-
curl https://viperlight-scanner.s3.us-east-1.amazonaws.com/latest/.viperlightrc -o .viperlightrc
curl https://viperlight-scanner.s3.us-east-1.amazonaws.com/latest/codescan-funcs.sh -o codescan-funcs.sh
curl https://viperlight-scanner.s3.us-east-1.amazonaws.com/latest/viperlight.zip -o viperlight.zip
unzip -q viperlight.zip -d ../viperlight && rm viperlight.zip
./codescan-prebuild-custom.sh