# This workflow integrates Scan with GitHub's code scanning feature # Scan is a free open-source security tool for modern DevOps teams from ShiftLeft # Visit https://slscan.io/en/latest/integrations/code-scan for help name: SL Scan on: push: branches: [ master ] pull_request: # The branches below must be a subset of the branches above branches: [ master ] schedule: - cron: '16 22 * * 4' jobs: Scan-Build: # Scan runs on ubuntu, mac and windows runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 # potentially add composer install steo here - name: Perform Scan uses: ShiftLeftSecurity/scan-action@master env: WORKSPACE: "" GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SCAN_AUTO_BUILD: true with: output: reports # Scan auto-detects the languages. - name: Upload report uses: github/codeql-action/upload-sarif@v2 with: sarif_file: reports