Skip to content

Bump werkzeug from 3.0.3 to 3.0.6 in /api #145

Bump werkzeug from 3.0.3 to 3.0.6 in /api

Bump werkzeug from 3.0.3 to 3.0.6 in /api #145

name: "Security Scan"
on:
pull_request:
branches:
- main
workflow_call:
secrets:
SONAR_TOKEN:
required: true
SONAR_HOST_URL:
required: true
GITGUARDIAN_API_KEY:
required: true
jobs:
tests:
uses: ./.github/workflows/test.yml # use the callable tests job to run tests
secrets:
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}
sonarqube:
needs: [tests]
name: SonarQube scan
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Sonar scan
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}