Generate report #1192
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # report the data stored in the repository | |
| name: Generate report | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - .github/workflows/report.yml | |
| - .github/workflows/report.ps1 | |
| schedule: | |
| - cron: '1 9 * * *' | |
| workflow_dispatch: | |
| jobs: | |
| report: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Get App Token | |
| id: get_workflow_token | |
| uses: rajbos-actions/[email protected] | |
| with: | |
| application_id: 264650 | |
| application_private_key: ${{ secrets.Automation_App_Key }} | |
| organization: actions-marketplace-validations | |
| - shell: pwsh | |
| name: Run reporting script | |
| run: | | |
| $actions=(cat status.json | ConvertFrom-Json) | |
| Write-Host "Found [$($actions.Length)] actions in the datafile" | |
| $token="${{ steps.get_workflow_token.outputs.token }}" # this one expires after an hour | |
| $token="${{ secrets.ACCESS_TOKEN }}" # using this to prevent issues in the current run, as it takes 1h 42mins atm | |
| ./.github/workflows/report.ps1 -actions $actions -logSummary "$($env:GITHUB_STEP_SUMMARY)" -access_token_destination $token | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: report | |
| path: VulnerableRepos-**.txt | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: SecretScanningAlerts | |
| path: secretScanningAlerts.json |