generate_report.yml

name: "generate pdf"

on:
  workflow_dispatch:
  pull_request:
    paths:
      - '**generate_report.yml'
  push:
    branches:
    - main
    paths:
      - '**generate_report.yml'

permissions:
  contents: read

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language: [ go ]

    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
        with:
          egress-policy: audit
                   
      - name: CodeQL and Dependabot Report Action
        uses: rsdmike/github-security-report-action@a149b24539044c92786ec39af8ba38c93496495d # v3.0.4
        with:
          template: report
          token: ${{ secrets.SECURITY_TOKEN }}

      - name: GitHub Upload Release Artifacts
        uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2.3.1
        with:
          name: report
          path: |
             ./report.pdf