From 83b58a031cce1838b7fb32d232ce6bfe0233c3f9 Mon Sep 17 00:00:00 2001
From: Tobiasz Tomczyk
Date: Fri, 9 Apr 2021 13:27:52 +0200
Subject: [PATCH] Update sample template

---
 samples/run-dottest-analyzer-template.yml | 39 ++++++++++++-----------
 1 file changed, 21 insertions(+), 18 deletions(-)

diff --git a/samples/run-dottest-analyzer-template.yml b/samples/run-dottest-analyzer-template.yml
index 12294bf..e14abe0 100644
--- a/samples/run-dottest-analyzer-template.yml
+++ b/samples/run-dottest-analyzer-template.yml
@@ -1,38 +1,41 @@ -# This workflow runs Parasoft dotTEST with GitHub's code scanning feature -# Parasoft dotTEST is SAST tool which provides thorough security analysis for various security standards -# Visit https://github.com/parasoft/run-dottest-action for help -name: Parasoft dotTEST Code Scan +# This workflow runs Parasoft dotTEST to analyze code +# and display results with Github code scanning alerts. +# Parasoft dotTEST is a testing tool that provides code analysis techniques +# to improve code quality and ensure compliance with industry standards. +# See https://github.com/parasoft/run-dottest-action for more information. + +name: Parasoft dotTEST Code Analysis on: push: branches: [ $default-branch, $protected-branches ] pull_request: - # The branches below must be a subset of the branches above + # The branches below must be a subset of the branches above. branches: [ $default-branch ] schedule: - cron: $cron-weekly - # Allows you to run this workflow manually from the Actions tab + # Allows you to run this workflow manually from the Actions tab. workflow_dispatch: -# A workflow run is made up of one or more jobs that can run sequentially or in parallel +# A workflow run is made up of one or more jobs that can run sequentially or in parallel. jobs: - # This workflow contains a single job called "run-dottest-analyzer" - run-dottest-analyzer: - # Display name of the job - name: Analyze workspace with dotTEST - # The type of runner that the job will run on + # This workflow is made up of one job "run-dottest-action". + run-dottest-action: + # Specifies the name of the job. + name: Run code analysis with dotTEST + # Specifies the type of runner that the job will run on. runs-on: self-hosted - # Steps represent a sequence of tasks that will be executed as part of the job + # Steps represent a sequence of tasks that will be executed as part of the job. 
steps: - # Checks out your repository, so that your job can access it - - name: Checkout code + # Checks out your repository, so that your job can access it. + - name: Check out code uses: actions/checkout@v2 # --------------------------------------------------------------- - # Run Parasoft dotTEST Analysis and generate .sarif report + # Runs code analysis with dotTEST and generates a .sarif report. - name: Run Parasoft dotTEST id: dottest uses: parasoft/run-dottest-action@1.1.1 @@ -87,7 +90,7 @@ jobs: #sarifMode: # optional, default is builtin # --------------------------------------------------------------- - # Archive reports from analysis as job artifacts. + # Uploads an archive that includes all report files (.xml, .html, .sarif). - name: Upload report artifacts uses: actions/upload-artifact@v2 with: @@ -95,7 +98,7 @@ jobs: path: ${{ steps.dottest.outputs.reportDir }}/*.* # --------------------------------------------------------------- - # Upload analysis results to GitHub to be reviewed as code scanning alerts. + # Uploads analysis results in the SARIF format, so that they are displayed as GitHub code scanning alerts. - name: Upload results to GitHub uses: github/codeql-action/upload-sarif@v1 with:
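Review bot: The rewritten header of this hunk still declares no `permissions:` block between `on:` and `jobs:` (and none is visible at job level before `steps:`), so the upload-sarif step shown in the last hunk runs with whatever default GITHUB_TOKEN scopes the repository grants instead of the minimum it needs; a sample meant to be copied should carry `permissions:` / `  contents: read` / `  security-events: write` (private repositories may additionally need `actions: read` for upload-sarif, which I have not verified here). The reworded comment above `runs-on: self-hosted` would also be the right place to state that, because the workflow is triggered by `pull_request`, the self-hosted runner executes the contents of incoming pull requests, which is the main risk a user of this template should weigh before enabling it on a public repository. The `uses:` references in this and the two comment-only hunks below (`@v2`, `@1.1.1`, `@v1`) are mutable tags rather than commit SHAs; pinning is a reasonable choice for a sample, but a one-line comment noting that users may pin to a SHA would be worth adding. The `steps:` sequence continues past the end of this hunk.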