mirror
/
dex
mirror of https://github.com/dexidp/dex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

ci: add OpenSSF scorecard analysis 

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
pull/2921/head
Mark Sagi-Kazar 3 years ago
parent
f77daa9a00
commit
7603d4639e
2 changed files with 48 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 47
      .github/workflows/analysis-scorecard.yaml
  2. 1
      README.md

47
.github/workflows/analysis-scorecard.yaml
Unescape View File

@ -0,0 +1,47 @@
name: OpenSSF Scorecard
on:
branch_protection_rule:
push:
branches: [ main ]
schedule:
- cron: '30 0 * * 5'
permissions:
contents: read
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
id-token: write
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
persist-credentials: false
- name: Run analysis
uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
with:
results_file: results.sarif
results_format: sarif
publish_results: true
- name: Upload results as artifact
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: OpenSSF Scorecard results
path: results.sarif
retention-days: 5
- name: Upload results to GitHub Security tab
uses: github/codeql-action/upload-sarif@8662eabe0e9f338a07350b7fd050732745f93848 # v2.3.1
with:
sarif_file: results.sarif

1
README.md
Unescape View File

@ -1,6 +1,7 @@
# dex - A federated OpenID Connect provider
![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/dexidp/dex/ci.yaml?style=flat-square&branch=master)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/dexidp/dex/badge?style=flat-square)](https://api.securityscorecards.dev/projects/github.com/dexidp/dex)
[![Go Report Card](https://goreportcard.com/badge/github.com/dexidp/dex?style=flat-square)](https://goreportcard.com/report/github.com/dexidp/dex)
[![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod&style=flat-square)](https://gitpod.io/#https://github.com/dexidp/dex)

Write Preview
Loading…
Cancel
Save