From ec539302876c4ab05ae0438ca4e575968270526b Mon Sep 17 00:00:00 2001
From: Gabriel Kihlman <g.kihlman@yubico.com>
Date: Tue, 17 Dec 2019 15:16:44 +0100
Subject: [PATCH 15/25] Adding a static code analysis github workflow

Signed-off-by: Gustavo B. Schenkel <gustavo.schenkel@gmail.com>
---
 .github/workflows/scan.yml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 .github/workflows/scan.yml

diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
new file mode 100644
index 0000000..f8e54a1
--- /dev/null
+++ b/.github/workflows/scan.yml
@@ -0,0 +1,31 @@
+name: static code analysis
+
+on: [push]
+env:
+  SCAN_IMG:
+    yes-docker-local.artifactory.in.yubico.org/static-code-analysis/c:v1
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@master
+
+    - name: Prep scan
+      run: |
+        docker login yes-docker-local.artifactory.in.yubico.org/ \
+             -u svc-static-code-analysis-reader \
+             -p ${{ secrets.ARTIFACTORY_READER_TOKEN }}
+        docker pull ${SCAN_IMG}
+
+    - name: Scan but do not fail on warnings
+      run: |
+        docker run -v${PWD}:/k -e COMPILE_DEPS="${COMPILE_DEPS}" \
+          -e PROJECT_NAME=${GITHUB_REPOSITORY#Yubico/} -t ${SCAN_IMG} || true
+
+    - uses: actions/upload-artifact@master
+      if: failure()
+      with:
+        name: suppression_files
+        path: suppression_files
-- 
2.32.0