sonar_scan.yml
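# Runs a SonarCloud analysis on pushes to main, on pull requests and on manual
# dispatch, and fails the job when the scan step does not succeed.
name: SonarCloud Security Scan

on:
  push:
    branches:
      - main
  pull_request:
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: this workflow only reads the repository and
# pull-request metadata; it never writes to the repository.
permissions:
  contents: read
  pull-requests: read

jobs:
  sonarcloud_security_scan:
    name: SonarCloud
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): `v3` is a mutable tag; consider pinning to a reviewed
      # full commit SHA (`@<FULL_COMMIT_SHA>`).
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
          # No step pushes, so do not leave the token in the local git config
          # where later steps (including third-party actions) could read it.
          persist-credentials: false

      - name: SonarCloud Scan
        id: sonarcloud
        # NOTE(review): `@master` is a mutable branch ref and this step is
        # handed SONAR_TOKEN; pin to a reviewed full commit SHA
        # (`@<FULL_COMMIT_SHA>`) so upstream changes cannot run unreviewed.
        uses: SonarSource/sonarcloud-github-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          # Repository secrets are not passed to pull_request runs from forks,
          # so the scan is expected to fail there rather than leak the token.
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

      - name: Check vulnerabilities
        # Run even when the scan step failed, so the outcome is always reported.
        if: ${{ !cancelled() }}
        env:
          # Each `run` step starts a new shell, so `$?` cannot carry the scan
          # result; read the recorded step outcome instead.
          SCAN_OUTCOME: ${{ steps.sonarcloud.outcome }}
        run: |
          # The job fails instead of force-pushing a reverted history: rewriting
          # a branch from CI discards commits and needs a write-scoped token.
          # Enforce the result with a required status check on the branch.
          if [ "$SCAN_OUTCOME" != "success" ]; then
            echo "SonarCloud scan did not succeed (outcome: $SCAN_OUTCOME). Failing the job."
            exit 1
          else
            # NOTE(review): success means the scan step passed; whether findings
            # fail that step depends on the analysis configuration (for example
            # sonar.qualitygate.wait=true) - confirm.
            echo "SonarCloud scan step succeeded. Proceeding with the current version..."
          fi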