chore(ci): Disable checkov until project is private

vmercierfr · vmercierfr · commit 3bc21c9537ba · 2024-04-25T16:57:34.000+02:00
Checkcov can only work on public projects or using Github Enterprise licence https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/advanced-security-must-be-enabled We'll enable it once project will be public
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -156,26 +156,26 @@ jobs:
       - name: Run Debian package tests
         run: make debian-test-ci
 
-  checkcov:
-    permissions:
-      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
-      actions: read  # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Checkov GitHub Action
-        uses: bridgecrewio/checkov-action@v12
-        with:
-          # This will add both a CLI output to the console and create a results.sarif file
-          output_format: cli,sarif
-          output_file_path: console,results.sarif
-      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
-        # Results are generated only on a success or failure
-        # this is required since GitHub by default won't run the next step
-        # when the previous one has failed. Security checks that do not pass will 'fail'.
-        # An alternative is to add `continue-on-error: true` to the previous step
-        # Or 'soft_fail: true' to checkov.
-        if: success() || failure()
-        with:
-          sarif_file: results.sarif
+#  checkcov:
+#    permissions:
+#      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
+#      actions: read  # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+#    runs-on: ubuntu-latest
+#    steps:
+#      - uses: actions/checkout@v4
+#      - name: Checkov GitHub Action
+#        uses: bridgecrewio/checkov-action@v12
+#        with:
+#          # This will add both a CLI output to the console and create a results.sarif file
+#          output_format: cli,sarif
+#          output_file_path: console,results.sarif
+#      - name: Upload SARIF file
+#        uses: github/codeql-action/upload-sarif@v3
+#        # Results are generated only on a success or failure
+#        # this is required since GitHub by default won't run the next step
+#        # when the previous one has failed. Security checks that do not pass will 'fail'.
+#        # An alternative is to add `continue-on-error: true` to the previous step
+#        # Or 'soft_fail: true' to checkov.
+#        if: success() || failure()
+#        with:
+#          sarif_file: results.sarif
