Update .gitea/workflows/mobsf.yml
All checks were successful
MobSF Security Integration / mobsf-analysis (push) Successful in 13s
All checks were successful
MobSF Security Integration / mobsf-analysis (push) Successful in 13s
This commit is contained in:
@@ -1,26 +1,23 @@
|
|||||||
name: MobSF Container Scan
|
name: MobSF Security Integration
|
||||||
on: [push]
|
on: [push]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
mobsf-scan:
|
mobsf-analysis:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
# This tells Gitea to run the whole job INSIDE the MobSF container
|
|
||||||
container:
|
|
||||||
image: opensecurity/mobsfscan:latest
|
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
# Step 1: Git checkout still works inside the container
|
# 1. Checkout runs on the runner host (which has Node.js)
|
||||||
- name: Checkout Code
|
- name: Checkout Code
|
||||||
uses: https://github.com/actions/checkout@v4
|
uses: https://github.com/actions/checkout@v4
|
||||||
|
|
||||||
# Step 2: Run the command directly (it's already installed!)
|
# 2. Run MobSF using a Docker command
|
||||||
- name: Run Scan
|
# We mount the current folder into the container's /src folder
|
||||||
|
- name: MobSF Scan
|
||||||
run: |
|
run: |
|
||||||
mobsfscan . --html --output report.html || true
|
docker run --rm -v $(pwd):/src opensecurity/mobsfscan:latest /src --html --output /src/report.html || true
|
||||||
|
|
||||||
# Step 3: Upload the report
|
# 3. Upload the report to Gitea
|
||||||
- name: Upload Report
|
- name: Upload Report to Gitea
|
||||||
uses: https://gitea.com/actions/upload-artifact@v3
|
uses: https://gitea.com/actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: container-security-report
|
name: Security-Analysis-Report
|
||||||
path: report.html
|
path: report.html
|
||||||
Reference in New Issue
Block a user