From fe70c5fda01f9a193b9e1cef1e2a138df9fe5cd5 Mon Sep 17 00:00:00 2001
From: Duan-0916 <76544421+Duan-0916@users.noreply.github.com>
Date: Fri, 3 Nov 2023 16:13:54 +0800
Subject: [PATCH 1/2] cloud_code_scan.yml add code_scan_action
---
 .github/workflows/cloud_code_scan.yml | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/cloud_code_scan.yml b/.github/workflows/cloud_code_scan.yml
index c84cb387b..6d294a745 100644
--- a/.github/workflows/cloud_code_scan.yml
+++ b/.github/workflows/cloud_code_scan.yml
@@ -1,11 +1,8 @@
 name: Alipay Cloud Devops Codescan
 on:
- push:
- branches-ignore:
- - 'dependabot/**'
-
+ pull_request_target:
 jobs:
- deployment:
+ stc: # 安全扫描
 runs-on: ubuntu-latest
 steps:
 - name: codeScan
@@ -13,3 +10,13 @@ jobs:
 with:
 parent_uid: ${{ secrets.ALI_PID }}
 private_key: ${{ secrets.ALI_PK }}
+ code_type: stc
+ sca: # 开源合规
+ runs-on: ubuntu-latest
+ steps:
+ - name: codeScan
+ uses: layotto/alipay-cloud-devops-codescan@main
+ with:
+ parent_uid: ${{ secrets.ALI_PID }}
+ private_key: ${{ secrets.ALI_PK }}
+ code_type: sca
From f62ba57fac696a730e81c959b838c0a664d2c95a Mon Sep 17 00:00:00 2001
From: Duan-0916 <76544421+Duan-0916@users.noreply.github.com>
Date: Fri, 3 Nov 2023 17:21:20 +0800
Subject: [PATCH 2/2] Update cloud_code_scan.yml
---
 .github/workflows/cloud_code_scan.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/cloud_code_scan.yml b/.github/workflows/cloud_code_scan.yml
index 6d294a745..b46b90d56 100644
--- a/.github/workflows/cloud_code_scan.yml
+++ b/.github/workflows/cloud_code_scan.yml
@@ -10,7 +10,7 @@ jobs:
 with:
 parent_uid: ${{ secrets.ALI_PID }}
 private_key: ${{ secrets.ALI_PK }}
- code_type: stc
+ scan_type: stc
 sca: # 开源合规
 runs-on: ubuntu-latest
 steps:
@@ -19,4 +19,4 @@ jobs:
 with:
 parent_uid: ${{ secrets.ALI_PID }}
 private_key: ${{ secrets.ALI_PK }}
- code_type: sca
+ scan_type: sca
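Review bot: The new `pull_request_target:` trigger in the first hunk of PATCH 1/2 has no `types:` or `branches:` filter, and the workflow declares no `permissions:` block, so both jobs run in the base repository's context for every pull request, forks included, with the secrets passed in the `with:` blocks and the default token scope. Add a top-level `permissions:` with `contents: read`, and narrow the trigger to the event types and branches that actually need a scan. Under this trigger GITHUB_SHA and GITHUB_REF refer to the base branch, so unless the action resolves the pull-request head itself (not visible here) the scan may not cover the proposed change. If it does fetch head code, that code should only be analysed, never built or executed, in a job that holds `secrets.ALI_PK`. The `jobs:` mapping continues outside the hunk.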
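Review bot: The added `uses: layotto/alipay-cloud-devops-codescan@main` in the new `sca` job (second hunk of PATCH 1/2) references the action by a mutable branch while handing it `secrets.ALI_PID` and `secrets.ALI_PK`, so whatever is later pushed to that branch runs with the private key. Pin the reference to a reviewed full commit SHA, e.g. `uses: layotto/alipay-cloud-devops-codescan@<full-commit-sha>  # main` (placeholder, fill in the audited commit), and bump it deliberately. The `uses:` line of the existing `stc` job lies outside the hunk and presumably needs the same pin. The two jobs differ only in the scan-type input, so a single job with `strategy.matrix` over `stc` and `sca` would keep the pin and the input name in one place.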