GitHub Advanced Security Support

[GeekMasher]

Quibble in v0.3.1 now support SARIF and upload to GitHub Advanced Security. This helps support Pull Request scanning and identifying security bugs in compose files early in the development process.

Actions

name: Quibble

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write

    steps:
    - uses: actions/checkout@v3
    - name: Quibble Scan
      uses: GeekMasher/quibble@0.3.1

    - name: Upload SARIF file
      uses: github/codeql-action/upload-sarif@v2
      if: always()
      with:
        sarif_file: quibble.sarif