SP-1022 | Updating Semgrep configuration
This commit is contained in:
security user
8
.github/workflows/semgrep.yml
vendored
8
.github/workflows/semgrep.yml
vendored
@@ -6,6 +6,8 @@ on:
|
|||||||
branches:
|
branches:
|
||||||
- master
|
- master
|
||||||
- main
|
- main
|
||||||
|
- develop
|
||||||
|
- portal
|
||||||
|
|
||||||
# Schedule this job to run at a certain time, using cron syntax
|
# Schedule this job to run at a certain time, using cron syntax
|
||||||
# Note that * is a special character in YAML so you have to quote this string
|
# Note that * is a special character in YAML so you have to quote this string
|
||||||
@@ -20,11 +22,13 @@ jobs:
|
|||||||
github-event-number: ${{github.event.number}}
|
github-event-number: ${{github.event.number}}
|
||||||
github-event-name: ${{github.event_name}}
|
github-event-name: ${{github.event_name}}
|
||||||
github-repository: ${{github.repository}}
|
github-repository: ${{github.repository}}
|
||||||
|
github-pr_owner_name: ${{github.event.pull_request.user.login}}
|
||||||
secrets:
|
secrets:
|
||||||
READ_SEMGREP_RULES_TOKEN: ${{secrets.READ_SEMGREP_RULES_TOKEN}}
|
READ_SEMGREP_RULES_TOKEN: ${{secrets.READ_SEMGREP_RULES_TOKEN}}
|
||||||
|
EMAIL_FETCH_TOKEN: ${{secrets.EMAIL_FETCH_TOKEN}}
|
||||||
|
|
||||||
run-if-failed:
|
run-if-failed:
|
||||||
runs-on: [ self-hosted ]
|
runs-on: [ self-hosted, Linux ]
|
||||||
needs: [central-semgrep]
|
needs: [central-semgrep]
|
||||||
if: always() && (needs.semgrep.result == 'failure')
|
if: always() && (needs.semgrep.result == 'failure')
|
||||||
steps:
|
steps:
|
||||||
@@ -38,4 +42,4 @@ jobs:
|
|||||||
|
|
||||||
- name: Assign Reviewers
|
- name: Assign Reviewers
|
||||||
if: ${{ ( github.event.number != '' ) }}
|
if: ${{ ( github.event.number != '' ) }}
|
||||||
uses: navi-infosec/security-oncall-action@v1.1
|
uses: navi-infosec/security-oncall-action@v1.1
|
||||||
Reference in New Issue
Block a user