From 6e8150791ef7aa5f04f66bad5d8af4b17bb29576 Mon Sep 17 00:00:00 2001
From: Quentin Ligier
Date: Wed, 24 Jan 2024 16:58:17 +0100
Subject: [PATCH] Add Codacy code scanning

---
 .github/workflows/security.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index ddbc8e20ef9..69f69940c92 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -82,3 +82,28 @@ jobs:
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'
+
+  codacy:
+    name: Codacy Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run Codacy Analysis CLI
+        uses: codacy/codacy-analysis-cli-action@master
+        with:
+          output: results.sarif
+          format: sarif
+          # Adjust severity of non-security issues
+          gh-code-scanning-compat: true
+          # Force 0 exit code to allow SARIF file generation
+          # This will hand over control about PR rejection to the GitHub side
+          max-allowed-issues: 2147483647
+
+      # Upload the SARIF file generated in the previous step
+      - name: Upload SARIF results file
+        uses: github/codeql-action/upload-sarif@v2
+        if: always()
+        with:
+          sarif_file: results.sarif
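Review bot: The new job pins the third-party scanner to a mutable branch, `uses: codacy/codacy-analysis-cli-action@master`, so the code that runs against the repository checkout and produces the SARIF file fed into code scanning can change at any time without any change in this repository; pin it to a release tag or, better, a full commit SHA with the version recorded in a trailing comment, e.g. `uses: codacy/codacy-analysis-cli-action@<commit-sha> # <release-tag>` (placeholders to be filled from the action's releases). The GitHub-owned actions in the same job are pinned to major tags (`actions/checkout@v3`, `github/codeql-action/upload-sarif@v2`), which is the usual compromise, but they should match the majors the existing jobs above this hunk use so the workflow does not drift across jobs. The `upload-sarif` step requires the `security-events: write` permission; the Trivy upload in the context lines suggests the workflow already grants it at the top of the file, which is outside this hunk, so that is worth confirming rather than assuming. The enclosing `jobs:` mapping starts before the hunk.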