1+ # This workflow uses actions that are not certified by GitHub.
2+ # They are provided by a third-party and are governed by
3+ # separate terms of service, privacy policy, and support
4+ # documentation.
5+ #
6+ # This workflow file requires a free account on Bearer.com to manage findings, notifications and more.
7+ # See https://docs.bearer.com/guides/bearer-cloud/
8+ name : Bearer
9+
10+ on :
11+ push :
12+ branches : ["main" ]
13+ pull_request :
14+ # The branches below must be a subset of the branches above
15+ branches : ["main"]
16+ schedule :
17+ - cron : ' 25 16 * * 3'
18+
19+ permissions :
20+ contents : read # for actions/checkout to fetch code
21+ security-events : write # for github/codeql-action/upload-sarif to upload SARIF results
22+ actions : read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
23+
24+ jobs :
25+ bearer :
26+ runs-on : ubuntu-latest
27+ steps :
28+ # Checkout project source
29+ - uses : actions/checkout@v4
30+ # Scan code using Bearer CLI
31+ - name : Run Report
32+ id : report
33+ uses : bearer/bearer-action@828eeb928ce2f4a7ca5ed57fb8b59508cb8c79bc
34+ with :
35+ api-key : ${{ secrets.BEARER_TOKEN }}
36+ format : sarif
37+ output : results.sarif
38+ exit-code : 0
39+ # Upload SARIF file generated in previous step
40+ - name : Upload SARIF file
41+ uses : github/codeql-action/upload-sarif@v3
42+ with :
43+ sarif_file : results.sarif
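Review bot: The action pinning is inconsistent. `bearer/bearer-action` is fixed to a full commit SHA, but `actions/checkout@v4` and `github/codeql-action/upload-sarif@v3` use mutable tags, and the upload step runs with `security-events: write`. Pinning both the same way, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, would mean a re-pointed tag cannot change what runs here. Separately, `exit-code: 0` means the job never fails on findings, so enforcement rests entirely on the uploaded code scanning alerts; a comment such as `# exit-code 0: findings surface in code scanning, the job itself never fails` would make that explicit. On pull requests from forks, `secrets.BEARER_TOKEN` is presumably empty and the token read-only, so it is worth confirming how the scan and upload steps behave there.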