Skip to content

🌱 Add OSV scanner PR and schedule workflows #7

🌱 Add OSV scanner PR and schedule workflows

🌱 Add OSV scanner PR and schedule workflows #7

# This file is adapted from https://github.com/google/osv-scanner
name: OSV-Scanner Scan
on:
pull_request:
branches:
- 'main'
- 'release-*'
push:
branches:
- 'main'
- 'release-*'
schedule:
- cron: "12 12 * * 1"
# Restrict jobs in this workflow to have no permissions by default; permissions
# should be granted per job as needed using a dedicated `permissions` block
permissions: {}
jobs:
scan-scheduled:
permissions:
contents: read # to fetch code (actions/checkout)
security-events: write # for uploading SARIF files
if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
uses: "github.com/metal3-io/ip-address-manager/.github/workflows/osv-scanner-pr.yml@main"

Check failure on line 28 in .github/workflows/osv-scanner-schedule-scan.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/osv-scanner-schedule-scan.yml

Invalid workflow file

invalid value workflow reference: references to workflows must be prefixed with format 'owner/repository/' or './' for local workflows
scan-pr:
permissions:
contents: read # to fetch code (actions/checkout)
security-events: write # for uploading SARIF files
if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}
uses: "github.com/metal3-io/ip-address-manager/.github/workflows/osv-scanner-pr.yml@main"