Analyze #517

Workflow file for this run

.github/workflows/analyze.yaml at 52896fb

	#
	# Repository analysis
	#

	# NOTES:
	# This workflow uses PSRule, CodeQL, and DevSkim.
	# You can read more about these linting tools and configuration options here:
	# PSRule - https://aka.ms/ps-rule and https://github.com/Microsoft/PSRule.Rules.MSFT.OSS
	# CodeQL - https://codeql.github.com/docs/codeql-overview/about-codeql/
	# DevSkim - https://github.com/microsoft/DevSkim-Action and https://github.com/Microsoft/DevSkim

	name: Analyze
	on:
	push:
	branches: [main, 'release/*']
	pull_request:
	branches: [main, 'release/*']
	schedule:
	- cron: '26 21 * * 0' # At 09:26 PM, on Sunday each week
	workflow_dispatch:

	permissions: {}

	jobs:
	oss:
	name: Analyze with PSRule
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Run PSRule analysis
	uses: microsoft/ps-rule@main
	with:
	modules: PSRule.Rules.MSFT.OSS
	prerelease: true

	devskim:
	name: Analyze with DevSkim
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Run DevSkim scanner
	uses: microsoft/DevSkim-Action@v1
	with:
	directory-to-scan: src/

	- name: Upload results to security tab
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: devskim-results.sarif

	codeql:
	name: Analyze with CodeQL
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v2
	with:
	languages: 'csharp'

	- name: Autobuild
	uses: github/codeql-action/autobuild@v2

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Analyze #517

Workflow file

Analyze #517

Jobs

Run details

Workflow file for this run