Skip to content

Commit

Permalink
refactoring: directly use cabal-audit
Browse files Browse the repository at this point in the history
  • Loading branch information
blackheaven committed Sep 3, 2024
1 parent 85410a4 commit a618ebe
Show file tree
Hide file tree
Showing 11 changed files with 112 additions and 1,566 deletions.
4 changes: 1 addition & 3 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,13 +20,11 @@ jobs:
extra_nix_config: |
system-features = nixos-test benchmark big-parallel kvm
- uses: DeterminateSystems/magic-nix-cache-action@main
- run: nix build -L '.#packages.x86_64-linux."static-x86_64-unknown-linux-musl:github-action-scan:exe:github-action-scan"'
- run: nix flake check
- name: Extract tag name
shell: bash
run: echo "tag=$(echo ${GITHUB_REF##*/})" >> $GITHUB_OUTPUT
id: extract_tag
- run: nix build -L '.#packages.x86_64-linux.github-action-scan-image'
- run: nix build -L
- run: docker load -i result
- name: Log in to the Container registry
if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v')
Expand Down
14 changes: 2 additions & 12 deletions action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,30 +25,20 @@ outputs:
runs:
using: composite
steps:
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ inputs.token }}
- name: Extract
shell: bash
env:
CHECKOUT_PATH: ${{ inputs.checkout_path }}
run: |
cd "$CHECKOUT_PATH"
export IMG=ghcr.io/blackheaven/haskell-security-action:master
docker pull $IMG
docker create --name dummy $IMG
docker cp -L dummy:/bin/github-action-scan github-action-scan
docker rm -f dummy
wget https://github.com/blackheaven/cabal-audit/releases/download/nightly/cabal-audit
- name: Run Haskell Security Action
shell: bash
env:
CHECKOUT_PATH: ${{ inputs.checkout_path }}
run: |
cd "$CHECKOUT_PATH"
./github-action-scan --sarif results.sarif
./cabal-audit --sarif | tee results.sarif
cat results.sarif
- name: Upload SARIF file
id: upload-sarif
Expand Down
167 changes: 0 additions & 167 deletions app/Main.hs

This file was deleted.

26 changes: 0 additions & 26 deletions cabal.project

This file was deleted.

Loading

0 comments on commit a618ebe

Please sign in to comment.