diff options
| -rw-r--r-- | .github/workflows/osv-scanner-pr.yml | 18 | ||||
| -rw-r--r-- | .github/workflows/osv-scanner-scheduled.yml | 21 |
2 files changed, 39 insertions, 0 deletions
diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml new file mode 100644 index 0000000000..8280222c8d --- /dev/null +++ b/.github/workflows/osv-scanner-pr.yml @@ -0,0 +1,18 @@ +--- +name: OSV-Scanner PR Scan + +on: + pull_request: + workflow_dispatch: + +permissions: + # Require writing security events to upload SARIF file to security tab + security-events: write + # Only need to read contents + contents: read + actions: read + +jobs: + scan-pr: + # yamllint disable rule:line-length + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@dfa8609a7da62968d73f63f279418e504c1f523f" # v1.8.1 diff --git a/.github/workflows/osv-scanner-scheduled.yml b/.github/workflows/osv-scanner-scheduled.yml new file mode 100644 index 0000000000..9a9ab1fe4d --- /dev/null +++ b/.github/workflows/osv-scanner-scheduled.yml @@ -0,0 +1,21 @@ +--- +name: OSV-Scanner Scheduled Scan + +on: + schedule: + - cron: "30 12 * * 1" + push: + branches: [main] + workflow_dispatch: + +permissions: + # Require writing security events to upload SARIF file to security tab + security-events: write + # Only need to read contents + contents: read + actions: read + +jobs: + scan-scheduled: + # yamllint disable rule:line-length + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@dfa8609a7da62968d73f63f279418e504c1f523f" # v1.8.1 |