Skip to content

Executing various SCAs on UK-Export-Finance/mdm-api πŸ”οΈ #861

Executing various SCAs on UK-Export-Finance/mdm-api πŸ”οΈ

Executing various SCAs on UK-Export-Finance/mdm-api πŸ”οΈ #861

Workflow file for this run

# MDM-API Git Hub Actions
#####################################
# This GHA performs SCA amongst following remits:
# 1. Code quality
# 2. Code coverage
# 3. Vulnerabilities
# 4. Licensing
name: Source Code Analysis
run-name: Executing various SCAs on ${{ github.repository }} πŸ”οΈ
on:
pull_request:
branches: [main]
env:
environment: "qa"
timezone: "Europe/London"
jobs:
# 1. Setup test infrastructure
setup:
name: Infrastructure setup πŸ”§
runs-on: ubuntu-latest
outputs:
environment: ${{ env.environment }}
timezone: ${{ env.timezone }}
steps:
- name: Environment πŸ§ͺ
run: echo "Environment set to ${{ env.environment }}"
- name: Timezone 🌐
run: echo "Timezone set to ${{ env.timezone }}"
# 2. Code quality - SCA
codacy:
name: Codacy πŸ”–
needs: setup
environment:
name: ${{ needs.setup.outputs.environment }}
runs-on: ubuntu-latest
steps:
- name: Repository
uses: actions/checkout@v4
- name: Codacy
uses: codacy/codacy-analysis-cli-action@master
with:
verbose: true
# 3. Licensing - SCA
license:
name: Licensing ✏️
needs: setup
environment:
name: ${{ needs.setup.outputs.environment }}
runs-on: ubuntu-latest
steps:
- name: Repository
uses: actions/checkout@v4
- name: Fossa
uses: fossas/fossa-action@main
with:
api-key: ${{ secrets.FOSSA_API_KEY }}