++

Fraunhofer-AISEC · Sep 6, 2024 · ea3ebd1 · ea3ebd1
1 parent bf321e6
commit ea3ebd1
Showing 1 changed file with 20 additions and 61 deletions.
diff --git a/.github/workflows/detekt.yml b/.github/workflows/detekt.yml
@@ -1,72 +1,31 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-# This workflow performs a static analysis of your Kotlin source code using
-# Detekt.
-#
-# Scans are triggered:
-# 1. On every push to default and protected branches
-# 2. On every Pull Request targeting the default branch
-# 3. On a weekly schedule
-# 4. Manually, on demand, via the "workflow_dispatch" event
-#
-# The workflow should work with no modifications, but you might like to use a
-# later version of the Detekt CLI by modifying the $DETEKT_RELEASE_TAG
-# environment variable.
-name: Scan with Detekt
+name: detekt
 
 on:
-  # Triggers the workflow on push or pull request events but only for default and protected branches
   push:
-    branches: [ "main", "release/*" ]
+    branches: ["main", "release/*"]
   pull_request:
-    branches: [ "main" ]
-
-  # Allows you to run this workflow manually from the Actions tab
+    branches: ["main"]
   workflow_dispatch:
 
-# A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
-  # This workflow contains a single job called "scan"
   scan:
-    name: Scan
-    # The type of runner that the job will run on
+    name: detekt
     runs-on: ubuntu-latest
 
-    # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-    - uses: actions/checkout@v4
-
-    - name: Setup detekt
-      uses: peter-murray/setup-detekt@v2
-      with:
-        detekt_version: 1.20
-
-    # Performs static analysis using Detekt
-    - name: Run Detekt
-      continue-on-error: true
-      run: |
-        detekt-cli --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json
-
-    # Modifies the SARIF output produced by Detekt so that absolute URIs are relative
-    # This is so we can easily map results onto their source files
-    # This can be removed once relative URI support lands in Detekt: https://git.io/JLBbA
-    - name: Make artifact location URIs relative
-      continue-on-error: true
-      run: |
-        echo "$(
-          jq \
-            --arg github_workspace ${{ github.workspace }} \
-            '. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' \
-            ${{ github.workspace }}/detekt.sarif.json
-        )" > ${{ github.workspace }}/detekt.sarif.json
-
-    # Uploads results to GitHub repository using the upload-sarif action
-    - uses: github/codeql-action/upload-sarif@v3
-      with:
-        # Path to SARIF file relative to the root of the repository
-        sarif_file: ${{ github.workspace }}/detekt.sarif.json
-        checkout_path: ${{ github.workspace }}
+      - uses: actions/checkout@v4
+      - name: Setup detekt
+        uses: peter-murray/setup-detekt@v2
+        with:
+          detekt_version: "1.20"
+      - name: Run Detekt
+        continue-on-error: true
+        run: |
+          detekt-cli --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json
+
+      # Uploads results to GitHub repository using the upload-sarif action
+      - uses: github/codeql-action/upload-sarif@v3
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: ${{ github.workspace }}/detekt.sarif.json
+          checkout_path: ${{ github.workspace }}