Skip to content

Commit

Permalink
Update cloud_code_scan.yml
Browse files Browse the repository at this point in the history
  • Loading branch information
@huqiuxiang
huqiuxiang authored Jan 2, 2025
1 parent 9a8bbc8 commit 03696e8
Showing 1 changed file with 4 additions and 11 deletions.
15 changes: 4 additions & 11 deletions .github/workflows/cloud_code_scan.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,28 +6,21 @@ on:
branches: [ master ]
#pull_request_target:
jobs:
# # stc作业使用了ubuntu-latest作为运行环境,包含了一个步骤(steps)codeScan,该步骤使用了layotto/alipay-cloud-devops-codescan@main作为GitHub Action,并传入了一些参数(parent_uid、private_key、code_type)
stc: # 安全扫描
stc: #安全扫描
runs-on: ubuntu-latest
steps:
- name: codeScan
uses: huqiuxiang/alipay-cloud-devops-codescan@new_stc
uses: layotto/alipay-cloud-devops-codescan@main
with:
parent_uid: ${{ secrets.ALI_PID }}
private_key: ${{ secrets.ALI_PK }}
scan_type: stc
# 按需配置,不配置为空即可注意‘’中需要有空格,或直接去点tips
tips: '可以加入钉钉群:xxxx 来申请查看权限'
# sca作业也使用了ubuntu-latest作为运行环境。sca作业也包含了一个步骤codeScan,使用了相同的GitHub Action,并传入了相同的参数。
# 此YAML文件定义了两个作业,分别用于进行安全扫描和开源合规的代码扫描,使用了相同的GitHub Action,并传入了不同的参数。
scan_type: stc
sca: # 开源合规
runs-on: ubuntu-latest
steps:
- name: codeScan
uses: huqiuxiang/alipay-cloud-devops-codescan@new_stc
uses: layotto/alipay-cloud-devops-codescan@main
with:
parent_uid: ${{ secrets.ALI_PID }}
private_key: ${{ secrets.ALI_PK }}
scan_type: sca
# 按需配置,不配置为空即可注意‘’中需要有空格,或直接去点tips
tips: '可以加入钉钉群:xxxx 来申请查看权限'

0 comments on commit 03696e8

Please sign in to comment.