WHY2/.github/workflows/codacy.yml

# This is part of WHY2
# Copyright (C) 2022 Václav Šmejkal

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

name: Codacy Scan

on:
  push:
    branches: [ "development" ]
  schedule:
    - cron: '40 22 12 4 2'

permissions:
  contents: read


env:
  bramborak: ${{ secrets.BRAMBORAK }}

jobs:
  codacy-security-scan:
    permissions:
      contents: read
      security-events: write
      actions: read
    name: Codacy Security Scan
    runs-on: ubuntu-latest
    steps:
      - if: env.bramborak == 'ted jsem tam mel jednu slapku' # Ensure this runs only on GitHub
        name: Checkout code
        uses: actions/checkout@v3

      - if: env.bramborak == 'ted jsem tam mel jednu slapku' # Ensure this runs only on GitHub
        name: Run Codacy Analysis
        uses: codacy/codacy-analysis-cli-action@master
        with:
          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
          verbose: true
          output: results.sarif
          format: sarif
          gh-code-scanning-compat: true
          max-allowed-issues: 2147483647

      - if: env.bramborak == 'ted jsem tam mel jednu slapku' # Ensure this runs only on GitHub
        name: Upload results file
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif