Adding a github security scan for psalm (#344)

open-telemetry · May 27, 2021 · bbc09fb · bbc09fb
1 parent 60618f1
commit bbc09fb
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/.github/workflows/psalm-security-analysis.yml b/.github/workflows/psalm-security-analysis.yml
@@ -0,0 +1,24 @@
+name: Psalm Security Analysis
+
+on: [push, pull_request]
+
+jobs:
+  psalm:
+    name: Psalm
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Psalm
+        uses: docker://vimeo/psalm-github-actions
+        with:
+          composer_require_dev: true
+          composer_ignore_platform_reqs: true
+          security_analysis: true
+          report_file: results.sarif
+
+      - name: Upload Security Analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: results.sarif