Rajendra.Reddy/mobsf-testing-sample-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update .gitea/workflows/mobsf.yml
All checks were successful
MobSF Security Scan / mobsf-analysis (push) Successful in 12s
Details

Browse Source
This commit is contained in:
Rajendra Reddy
2026-02-18 19:21:37 +00:00
parent c022ea54ce
commit a5eb6b557d
1 changed files with 4 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
.gitea/workflows/mobsf.yml
View File

@@ -5,43 +5,23 @@ jobs:
mobsf-analysis:
runs-on: ubuntu-latest
steps:
# 1. Checkout code into the runner's workspace
- name: Checkout Code
uses: https://github.com/actions/checkout@v4
# 2. Prepare the environment
# We create the report file first so the upload step doesn't crash if scan is clean
- name: Prepare Report File
run: |
echo "<html><body><h1>MobSF Scan Results</h1><p>No vulnerabilities were detected in this run.</p></body></html>" > report.html
echo "<html><body><h1>Scan Results</h1><p>No issues found.</p></body></html>" > report.html
chmod 777 report.html
- name: Debug Workspace Files
run: |
echo "Files in /workspace:"
ls -R
# 3. Run MobSF Scan using Docker
# We mount the Gitea Workspace volume into the MobSF container
# - name: Run MobSF Scan
# run: |
# docker run --rm \
# -v "${{ github.workspace }}:/src" \
# opensecurity/mobsfscan:latest \
# /src --html --output /src/report.html || true
## ... previous steps ...
- name: Run MobSF Scan
run: |
# 1. We added --type directory to stop it from ignoring "non-android" files
# 2. We added -v for verbose output so we can see what it's doing
# We scan the root ('.') and use verbose (-v) to see what is happening
# We use --no-fail so the step doesn't crash Gitea before we upload the report
docker run --rm \
-v "${{ github.workspace }}:/src" \
opensecurity/mobsfscan:latest \
/src --type directory --html --output /src/report.html || true
# ... upload steps ...
-v --no-fail --html -o /src/report.html /src
# 4. Upload using the Gitea-compatible v3 action
- name: Upload Report to Gitea
uses: https://gitea.com/actions/upload-artifact@v3
with: