Create powershell.yml (#72)

* Create powershell.yml * remove PSScriptAnalyzer.yml
rulasg · Jun 22, 2023 · 49e8952 · 49e8952
1 parent b882d0b
commit 49e8952
Showing 1 changed file with 12 additions and 9 deletions.
diff --git a/.github/workflows/PSScriptAnalyzer.yml → .github/workflows/powershell.yml b/.github/workflows/PSScriptAnalyzer.yml → .github/workflows/powershell.yml
@@ -10,9 +10,13 @@
 name: PSScriptAnalyzer
 
 on:
-  workflow_dispatch:
+  push:
+    branches: [ "main", "release*" ]
   pull_request:
-
+    branches: [ "main" ]
+  schedule:
+    - cron: '21 4 * * 0'
+
 permissions:
   contents: read
 
@@ -21,24 +25,23 @@ jobs:
     permissions:
       contents: read # for actions/checkout to fetch code
       security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
-      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status 
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
     name: PSScriptAnalyzer
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
 
       - name: Run PSScriptAnalyzer
-        uses: microsoft/psscriptanalyzer-action@v1.1
+        uses: microsoft/psscriptanalyzer-action@6b2948b1944407914a58661c49941824d149734f
         with:
           # Check https://github.com/microsoft/action-psscriptanalyzer for more info about the options.
           # The below set up runs PSScriptAnalyzer to your entire repository and runs some basic security rules.
           path: .\
-          recurse: true 
-          severity: 'Error'
-          # Include your own basic security rules. Removing this option will run all the rules 
-          # includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
+          recurse: true
+          # Include your own basic security rules. Removing this option will run all the rules
+          includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
           output: results.sarif
-      
+
       # Upload the SARIF file generated in the previous step
       - name: Upload SARIF results file
         uses: github/codeql-action/upload-sarif@v2