ci.yml
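# Scans the checked-out repository with anchore/scan-action (Grype) and
# uploads the resulting SARIF report to GitHub code scanning.
# Runs on every push and on manual dispatch.
name: Grype CI
on:
  workflow_dispatch:
  push:
permissions:
  # required for all workflows
  security-events: write
  # only required for workflows in private repositories
  actions: read
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3  # v6.0.0
        with:
          # The job only reads the working tree, so do not leave the token
          # in the local git config for later steps to pick up.
          persist-credentials: false
      - name: Scan current project
        id: scan
        # NOTE(review): this action and upload-sarif below are referenced by
        # a mutable tag, while checkout is pinned to a full commit SHA. Pin
        # both to a reviewed commit SHA (with the version in a trailing
        # comment) so a retagged release cannot change what runs with
        # security-events: write.
        uses: anchore/scan-action@v7
        with:
          path: '.'
      - name: upload Anchore scan SARIF report
        # scan-action fails its step by default when findings reach the
        # severity cutoff; without this condition the report would be
        # skipped exactly when there is something to report.
        if: ${{ !cancelled() }}
        uses: github/codeql-action/upload-sarif@v4
        with:
          sarif_file: ${{ steps.scan.outputs.sarif }}
      - name: Inspect action SARIF report
        if: ${{ !cancelled() }}
        env:
          # Pass the path through the environment instead of expanding the
          # expression inside the script text, and quote it in the shell.
          SARIF_FILE: ${{ steps.scan.outputs.sarif }}
        run: cat "$SARIF_FILE"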