generated from nhcarrigan/template
26 lines
701 B
YAML
26 lines
701 B
YAML
name: Security Scan
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
# Midnight every Monday
|
|
- cron: '0 0 * * 1'
|
|
|
|
jobs:
|
|
lint:
|
|
name: Scan Repositories
|
|
runs-on: [security-runner]
|
|
|
|
steps:
|
|
- name: Checkout Source Files
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Binaries
|
|
run: |
|
|
sudo apt-get install gitleaks trivy
|
|
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b /usr/local/bin
|
|
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sudo sh -s -- -b /usr/local/bin
|
|
curl -fsSL https://get.pnpm.io/install.sh | sh -
|
|
|
|
- name: Run scan
|
|
run: ./cron.sh
|