Update .gitea/workflows/mobsf.yml
Some checks failed
MobSF Security Scan / mobsf-analysis (push) Failing after 10s
Some checks failed
MobSF Security Scan / mobsf-analysis (push) Failing after 10s
This commit is contained in:
@@ -8,18 +8,13 @@ jobs:
|
|||||||
- name: Checkout Code
|
- name: Checkout Code
|
||||||
uses: https://github.com/actions/checkout@v4
|
uses: https://github.com/actions/checkout@v4
|
||||||
|
|
||||||
- name: Run MobSF Scan
|
# By using 'uses', Gitea handles the Docker volume mounting automatically
|
||||||
run: |
|
- name: Run mobsfscan
|
||||||
# 1. Create a placeholder
|
uses: https://github.com/MobSF/mobsfscan@main
|
||||||
echo "<html><body><h1>Scan Results</h1><p>No issues.</p></body></html>" > report.html
|
with:
|
||||||
|
# This tells the action to scan the current directory
|
||||||
# 2. POINT DIRECTLY TO SOURCE
|
# We generate both HTML and JSON to be safe
|
||||||
# We map the root to /src, but tell mobsfscan to only scan /src/app/src/main
|
args: '. --html --output report.html'
|
||||||
# This forces it to ignore Gradle/Wrapper files and focus on your code
|
|
||||||
docker run --rm \
|
|
||||||
-v "${{ github.workspace }}:/src" \
|
|
||||||
opensecurity/mobsfscan:latest \
|
|
||||||
--html -o /src/report.html /src/app/src/main || true
|
|
||||||
|
|
||||||
- name: Upload Report to Gitea
|
- name: Upload Report to Gitea
|
||||||
uses: https://gitea.com/actions/upload-artifact@v3
|
uses: https://gitea.com/actions/upload-artifact@v3
|
||||||
|
|||||||
Reference in New Issue
Block a user