Skip to content
Analyze with CodeGuru Reviewer

Test pr #34

Sign in to view logs

Test pr

Test pr #34

Workflow file for this run

.github/workflows/codeguru.yml at b48060e
name: Analyze with CodeGuru Reviewer
on:
pull_request:
types: [opened]
# - push
# - workflow_dispatch # This allows manual triggering of the action through the GitHub UI.
permissions:
id-token: write
contents: read
security-events: write
jobs:
build:
name: Analyze with CodeGuru Reviewer
runs-on: ubuntu-latest
steps:
- name: Configure AWS credentials
id: iam-role
continue-on-error: true
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::737243363187:role/CodeGuruSecurityGitHubAccessRole
aws-region: us-east-1
- uses: actions/checkout@v2
if: steps.iam-role.outcome == 'success'
with:
fetch-depth: 0
- name: Set up JDK 1.8
if: steps.iam-role.outcome == 'success'
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Build project
if: steps.iam-role.outcome == 'success'
run: mvn compile -DskipTests
- name: CodeGuru Reviewer
uses: aws-actions/[email protected]
if: steps.iam-role.outcome == 'success'
continue-on-error: false
with:
s3_bucket: codeguru-reviewer-demo-234234sdfsdf
build_path: ./target/classes
- name: Store SARIF file
if: steps.iam-role.outcome == 'success'
uses: actions/upload-artifact@v2
with:
name: SARIF_recommendations
path: ./codeguru-results.sarif.json
- name: Upload review result
if: steps.iam-role.outcome == 'success'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: codeguru-results.sarif.json
- name: CodeGuru Security
uses: aws-actions/codeguru-security@v1
with:
source_path: .
aws_region: us-east-1
# fail_on_severity: Critical
- name: Print findings
run: |
ls -l
cat codeguru-security-results.sarif.json
# If you want content in security scanning, you’ll need to enable codescanning by going into github.
# https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository
- name: Upload result
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: codeguru-security-results.sarif.json