From c960a6d56b4072947ccc2379421c9164af65ba41 Mon Sep 17 00:00:00 2001
From: Rajendra Reddy <rajendra@wdipl.com>
Date: Wed, 18 Feb 2026 18:48:23 +0000
Subject: [PATCH] Update .gitea/workflows/mobsf.yml

---
 .gitea/workflows/mobsf.yml | 23 ++++++++++-------------
 1 file changed, 10 insertions(+), 13 deletions(-)

diff --git a/.gitea/workflows/mobsf.yml b/.gitea/workflows/mobsf.yml
index 3be6aae..f72c2e1 100644
--- a/.gitea/workflows/mobsf.yml
+++ b/.gitea/workflows/mobsf.yml
@@ -1,26 +1,23 @@
-name: MobSF Container Scan
+name: MobSF Security Integration
 on: [push]
 
 jobs:
-  mobsf-scan:
+  mobsf-analysis:
     runs-on: ubuntu-latest
-    # This tells Gitea to run the whole job INSIDE the MobSF container
-    container:
-      image: opensecurity/mobsfscan:latest
-
     steps:
-      # Step 1: Git checkout still works inside the container
+      # 1. Checkout runs on the runner host (which has Node.js)
       - name: Checkout Code
         uses: https://github.com/actions/checkout@v4
 
-      # Step 2: Run the command directly (it's already installed!)
-      - name: Run Scan
+      # 2. Run MobSF using a Docker command
+      # We mount the current folder into the container's /src folder
+      - name: MobSF Scan
         run: |
-          mobsfscan . --html --output report.html || true
+          docker run --rm -v $(pwd):/src opensecurity/mobsfscan:latest /src --html --output /src/report.html || true
 
-      # Step 3: Upload the report
-      - name: Upload Report
+      # 3. Upload the report to Gitea
+      - name: Upload Report to Gitea
         uses: https://gitea.com/actions/upload-artifact@v3
         with:
-          name: container-security-report
+          name: Security-Analysis-Report
           path: report.html
\ No newline at end of file