fabric-chaincode-java/.github/workflows/scan.yml at b060d092fd5283cbca8d5a5f87f7a25309918428 · bestbeforetoday/fabric-chaincode-java · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
name: "Scheduled vulnerability scan"

on:
  workflow_call:
    inputs:
      ref:
        description: Branch, tag or SHA to scan.
        type: string
        required: false
        default: ""

permissions:
  contents: read

jobs:
  osv-scanner:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.ref }}
      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 # Needed for scanning of v2.5.5 and earlier
        with:
          go-version: stable
          cache: false
      - uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
        with:
          distribution: temurin
          java-version: 21
      - uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
      - name: Scan
        run: make scan