Skip to content

Commit

Permalink
Add SAST scanning using semgrep
Browse files Browse the repository at this point in the history
  • Loading branch information
saisatishkarra committed Jan 23, 2024
1 parent 7c3d401 commit 00d5611
Showing 1 changed file with 27 additions and 0 deletions.
27 changes: 27 additions & 0 deletions .github/workflows/sast.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
name: SAST

on:
pull_request: {}
push:
branches:
- master
- release/*
workflow_dispatch: {}


jobs:
semgrep:
name: Semgrep SAST
runs-on: ubuntu-latest
permissions:
# required for all workflows
security-events: write
# only required for workflows in private repositories
actions: read
contents: read

if: (github.actor != 'dependabot[bot]')

steps:
- uses: actions/checkout@v4
- uses: Kong/public-shared-actions/security-actions/semgrep@bd3d75259607dd015bea3b3313123f53b80e9d7f

0 comments on commit 00d5611

Please sign in to comment.