From abb65858840a235b5ec57e1be2634c5dc7219212 Mon Sep 17 00:00:00 2001
From: Awei <62026905+Awei2020@users.noreply.github.com>
Date: Tue, 18 Jul 2023 10:52:57 +0800
Subject: [PATCH] Update action.yml

---
 action.yml | 37 +++++++++++++++++--------------------
 1 file changed, 17 insertions(+), 20 deletions(-)

diff --git a/action.yml b/action.yml
index 09c1540..79c5559 100644
--- a/action.yml
+++ b/action.yml
@@ -1,26 +1,23 @@
 name: "MurphySec code scan"
 description: "Software Supply Chain Security Scanning Tool"
 author: "Wei Zhao <aweihooo@163.com>"
-steps:
-  - name: Checkout_Actions
-    uses: actions/checkout@v3
-  - name: Install MurphySec code scan cli
-    run: |
-      wget -q https://s.murphysec.com/release/install.sh -O - | /bin/bash
-  - name: Code scan
-    run: murphysec  scan . --token ${{ secrets.MURPHYSEC_TOKEN }} --json >scan_results.json
-  - name: Format data
-    run: | 
-      wget https://s.murphysec.com/github_actions_format.py
-      python3 github_actions_format.py
-  - name: Check if file exists
-    run: |
-      if [ -f "results.sarif" ]; then
-        echo "file_exists=true" >> $GITHUB_ENV
-      else
-        echo "file_exists=false" >> $GITHUB_ENV
-      fi
-  - name: Upload SARIF file
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        wget -q https://s.murphysec.com/release/install.sh -O - | /bin/bash
+      shell: bash
+    - run: murphysec  scan . --token ${{ secrets.MURPHYSEC_TOKEN }} --json >scan_results.json
+    - run: | 
+        wget https://s.murphysec.com/github_actions_format.py
+        python3 github_actions_format.py
+      shell: bash
+    - run: |
+        if [ -f "results.sarif" ]; then
+          echo "file_exists=true" >> $GITHUB_ENV
+        else
+          echo "file_exists=false" >> $GITHUB_ENV
+        fi
     if: env.file_exists == 'true'
     uses: github/codeql-action/upload-sarif@v2
     with: