2026-05-13 07:18:17 +02:00
|
|
|
name: NYX Security Scan
|
|
|
|
|
|
|
|
|
|
on:
|
|
|
|
|
pull_request:
|
|
|
|
|
branches: [main, master]
|
|
|
|
|
|
|
|
|
|
jobs:
|
|
|
|
|
nyx-scan:
|
2026-05-13 10:15:16 +02:00
|
|
|
runs-on: docker-amd64
|
2026-05-13 07:18:17 +02:00
|
|
|
|
|
|
|
|
steps:
|
2026-05-13 10:15:16 +02:00
|
|
|
- name: Checkout PR
|
2026-05-13 07:18:17 +02:00
|
|
|
run: |
|
2026-05-13 10:15:16 +02:00
|
|
|
git clone --depth=1 \
|
|
|
|
|
"https://oauth2:${{ github.token }}@bitfreedom.net/code/${{ github.repository }}.git" \
|
|
|
|
|
.
|
|
|
|
|
git fetch --depth=1 origin ${{ github.sha }}
|
|
|
|
|
git checkout ${{ github.sha }}
|
2026-05-13 07:18:17 +02:00
|
|
|
|
2026-05-13 10:15:16 +02:00
|
|
|
- name: Fetch action source
|
2026-05-13 07:18:17 +02:00
|
|
|
run: |
|
2026-05-13 10:15:16 +02:00
|
|
|
git clone --depth=1 --branch master \
|
|
|
|
|
"https://oauth2:${{ github.token }}@bitfreedom.net/code/nomyo-ai/actions.git" \
|
|
|
|
|
./.nyx-action
|
2026-05-13 07:18:17 +02:00
|
|
|
|
2026-05-13 10:15:16 +02:00
|
|
|
- uses: ./.nyx-action/nyx-scan
|
2026-05-13 07:18:17 +02:00
|
|
|
with:
|
2026-05-13 10:15:16 +02:00
|
|
|
forgejo_push_token: ${{ secrets.FORGEJO_PUSH_TOKEN }}
|
|
|
|
|
repository: ${{ github.repository }}
|
|
|
|
|
pr_number: ${{ github.event.pull_request.number }}
|
|
|
|
|
sha: ${{ github.sha }}
|
|
|
|
|
fail_on: HIGH
|
