fix: add security results upload

filipeforattini · May 11, 2022 · c4ddda2 · c4ddda2
1 parent ccada2c
commit c4ddda2
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 74 deletions.
diff --git a/.github/workflows/self-pull-request.yml → .github/workflows/_self-pull-request.yml b/.github/workflows/self-pull-request.yml → .github/workflows/_self-pull-request.yml
@@ -1,9 +1,7 @@
 name: self-pull-request
 on: [ pull_request ]
 
-
 jobs:
-
   Base-Analysis:
     runs-on: ubuntu-latest
 
@@ -13,13 +11,11 @@ jobs:
       security-events: write
 
     steps:
-      # pre-job
       - name: Setup | Cloning repository
         uses: actions/checkout@v3
         with:
           fetch-depth: '0'
 
-      #job
       - name: Run GitLeaks
         uses: docker://opendevsecops/gitleaks
         env:
@@ -30,43 +26,13 @@ jobs:
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@v1
 
-  Language-Analysis:
-    runs-on: ubuntu-latest
-
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-
-      matrix:
-        language:
-          - javascript
-
-    steps:
-      # pre-job
-      - name: Setup | Cloning repository
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: '0'
-
-      #job
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2
         with:
-          languages: ${{ matrix.language }}
+          languages: 'javascript'
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2
-        with:
-          category: ${{ matrix.language }}-${{ env.GITHUB_SHA }}
-
-      - name: Upload sarif file
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          category: ${{ matrix.language }}-${{ env.GITHUB_SHA }}
 
   Ossar-Analysis:
     runs-on: windows-latest

diff --git a/.github/workflows/self-push.yml → .github/workflows/_self-push.yml b/.github/workflows/self-push.yml → .github/workflows/_self-push.yml
@@ -1,10 +1,7 @@
 name: self-push
 on: [ push ]
 
-
 jobs:
-
-
   Base-Analysis:
     runs-on: ubuntu-latest
 
@@ -14,58 +11,25 @@ jobs:
       security-events: write
 
     steps:
-      # pre-job
       - name: Setup | Cloning repository
         uses: actions/checkout@v3
         with:
           fetch-depth: '0'
 
-      #job
       - name: Run GitLeaks
         uses: docker://opendevsecops/gitleaks
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           args: --repo=https://github.com/${{github.repository}} 
 
-
-  Language-Analysis:
-    runs-on: ubuntu-latest
-
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-
-      matrix:
-        language:
-          - javascript
-
-    steps:
-      # pre-job
-      - name: Setup | Cloning repository
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: '0'
-
-      #job
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2
         with:
-          languages: ${{ matrix.language }}
+          languages: javascript
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2
-        with:
-          category: ${{ matrix.language }}-${{ env.GITHUB_SHA }}
-
-      - name: Upload sarif file
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          category: ${{ matrix.language }}-${{ env.GITHUB_SHA }}
 
   Ossar-Analysis:
     runs-on: windows-latest
@@ -87,12 +51,10 @@ jobs:
       with:
         sarif_file: ${{ steps.ossar.outputs.sarifFile }}
 
-
   Release:
     runs-on: ubuntu-latest
     needs: 
       - Base-Analysis
-      - Language-Analysis
       - Ossar-Analysis
 
     steps: