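# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
#
# This workflow file requires a free account on Bearer.com to manage findings, notifications and more.
# See https://docs.bearer.com/guides/bearer-cloud/

name: Bearer

on:
  push:
    branches: ["master"]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: ["master"]
  schedule:
    - cron: '24 22 * * 6'

# Workflow-level token scopes: every job in this file inherits them, so a job
# added later also receives security-events: write unless it declares its own
# permissions block.
permissions:
  contents: read # for actions/checkout to fetch code
  security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
  actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status

jobs:
  bearer:
    runs-on: ubuntu-latest
    steps:
      # Checkout project source
      # NOTE(review): @v4 is a mutable tag, while the Bearer action below is
      # pinned to a full commit SHA; pin this one the same way so the code that
      # runs with this job's token cannot change without a reviewed edit.
      - uses: actions/checkout@v4
        with:
          # Keep the job token out of the workspace's .git/config: no later
          # step runs git against the remote, and the following steps execute
          # third-party code over this directory.
          persist-credentials: false
      # Scan code using Bearer CLI
      - name: Run Report
        id: report
        uses: bearer/bearer-action@828eeb928ce2f4a7ca5ed57fb8b59508cb8c79bc
        with:
          # Repository secrets are not passed to pull_request runs coming from
          # forks, so api-key is empty there.
          # NOTE(review): confirm how the scan behaves without a key.
          api-key: ${{ secrets.BEARER_TOKEN }}
          format: sarif
          output: results.sarif
          # Forces a zero exit status, so findings never fail this job; they
          # surface only through the SARIF upload below.
          # NOTE(review): presumably intentional (report-only) - confirm that
          # a separate control gates merges on scan results.
          exit-code: 0
      # Upload SARIF file generated in previous step
      # NOTE(review): @v3 is a mutable tag as well; this step is the one that
      # uses security-events: write, so pin it to a full commit SHA too.
      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif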