https://github.com/kenmuse/code-scanning-alerts-workflow

Sample GH workflow showing how to analyze code scanning alerts using Actions
https://github.com/kenmuse/code-scanning-alerts-workflow

actions gh-api sample

Last synced: 2 months ago
JSON representation

Sample GH workflow showing how to analyze code scanning alerts using Actions

• Host: GitHub
• URL: https://github.com/kenmuse/code-scanning-alerts-workflow
• Owner: kenmuse
• License: mit
• Created: 2022-06-13T20:47:04.000Z (almost 3 years ago)
• Default Branch: main
• Last Pushed: 2022-07-11T13:10:08.000Z (almost 3 years ago)
• Last Synced: 2025-02-12T19:48:40.911Z (4 months ago)
• Topics: actions, gh-api, sample
• Homepage:
• Size: 5.86 KB
• Stars: 2
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Code Scanning Alerts Workflow

This sample GitHub workflow demonstrates how the GitHub CLI can be used to retrieve

and analyze results, displaying them as part of the build output using Markdown. 

Optionally, the workflow can use Bash scripting and the CLI to dynamically reset the

status for dismissed alerts to `open`.

## Additional features

The code also demonstrates:

- How to dynamically create environment variables for a job (by appending data to $GITHUB_ENV)

- Illustrates differences in behavior for `${{ env.variable }}` expressions compared to 

using Bash `$VARIABLE`.

- Creating Markdown-based build outputs (using $GITHUB_STEP_SUMMARY)

- Using `jq` to process data

- Using `@base64` to make it easier to process rows of data in Bash