Update .gitea/workflows/mobsf.yml
All checks were successful
MobSF Security Scan / mobsf-analysis (push) Successful in 13s
All checks were successful
MobSF Security Scan / mobsf-analysis (push) Successful in 13s
This commit is contained in:
@@ -8,19 +8,18 @@ jobs:
|
||||
- name: Checkout Code
|
||||
uses: https://github.com/actions/checkout@v4
|
||||
|
||||
- name: Prepare Report File
|
||||
run: |
|
||||
echo "<html><body><h1>Scan Results</h1><p>No issues found.</p></body></html>" > report.html
|
||||
chmod 777 report.html
|
||||
|
||||
- name: Run MobSF Scan
|
||||
run: |
|
||||
# We scan the root ('.') and use verbose (-v) to see what is happening
|
||||
# We use --no-fail so the step doesn't crash Gitea before we upload the report
|
||||
# 1. Create a placeholder
|
||||
echo "<html><body><h1>Scan Results</h1><p>No issues.</p></body></html>" > report.html
|
||||
|
||||
# 2. POINT DIRECTLY TO SOURCE
|
||||
# We map the root to /src, but tell mobsfscan to only scan /src/app/src/main
|
||||
# This forces it to ignore Gradle/Wrapper files and focus on your code
|
||||
docker run --rm \
|
||||
-v "${{ github.workspace }}:/src" \
|
||||
opensecurity/mobsfscan:latest \
|
||||
-v --no-fail --html -o /src/report.html /src
|
||||
--html -o /src/report.html /src/app/src/main || true
|
||||
|
||||
- name: Upload Report to Gitea
|
||||
uses: https://gitea.com/actions/upload-artifact@v3
|
||||
|
||||
Reference in New Issue
Block a user