debug action #12

	name: "FindSecBugs"

	on:
	push:
	branches:
	- main
	- rh/action-test
	# run on new pushes only for non-draft PRs
	pull_request:
	branches:
	- main
	types:
	- opened
	- synchronize
	- reopened
	- ready_for_review
	workflow_dispatch:

	jobs:
	build-and-scan:
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup Java
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin'
	java-version: '17'
	- name: Build
	uses: gradle/gradle-build-action@v2
	with:
	arguments: build -x check --parallel -Pversion=0.0.0
	- name: Run FindSecBugs
	uses: advanced-security/spotbugs-findsecbugs-action@v1
	with:
	spotbugs_target: 'codyze-cli/'
	java_distribution: 'temurin'
	java_version: '17'
	path_prefix: 'codyze-cli/src/main/kotlin'
	# optional: also upload scan results as an artifact
	- name: Results as Artifact
	uses: actions/upload-artifact@v3
	if: success() \|\| failure()
	with:
	name: spotbugs.sarif
	path: '/home/runner/work/spotbugs_working+/spotbugs.sarif'

Provide feedback