Skip to content

chore: fix sonar issues #6836

chore: fix sonar issues

chore: fix sonar issues #6836

name: "Flag the PRs touching security related code"
on:
pull_request:
branches: [ v2.x.x, v3.x.x ]
jobs:
analyze:
name: Identify security related PR
runs-on: ubuntu-latest
timeout-minutes: 20
permissions: write-all
steps:
- uses: actions/github-script@v6
with:
script: |
const owner = "zowe";
const repository = "api-layer";
const prNumber = ${{ github.event.pull_request.number }};
const { data } = await github.rest.pulls.listFiles({
owner: owner,
repo: repository,
pull_number: prNumber
});
let isRisky = false;
data.forEach(file => {
if(file.filename.indexOf("security") !== -1) {
isRisky = true;
}
});
if(isRisky) {
await github.rest.issues.addLabels({
owner,
repo: repository,
issue_number: prNumber,
labels: ['Sensitive']
});
}