File tree Expand file tree Collapse file tree 1 file changed +24
-2
lines changed
Expand file tree Collapse file tree 1 file changed +24
-2
lines changed Original file line number Diff line number Diff line change 1616
1717jobs :
1818 build :
19-
2019 runs-on : ubuntu-latest
21-
2220 steps :
2321 - uses : actions/checkout@v4
2422 - name : Set up JDK 17
3028 - name : Build with Maven
3129 run : mvn -B package --file pom.xml
3230
31+ semgrep :
32+ # User definable name of this GitHub Actions job.
33+ name : semgrep/ci
34+ # If you are self-hosting, change the following `runs-on` value:
35+ runs-on : ubuntu-latest
36+ container :
37+ # A Docker image with Semgrep installed. Do not change this.
38+ image : semgrep/semgrep
39+ steps :
40+ # Fetch project source with GitHub Actions Checkout. Use either v3 or v4.
41+ - uses : actions/checkout@v4
42+ # Run the "semgrep ci" command on the command line of the docker image.
43+ - run : semgrep ci --sarif > semgrep.sarif
44+ env :
45+ # Connect to Semgrep AppSec Platform through your SEMGREP_APP_TOKEN.
46+ # Generate a token from Semgrep AppSec Platform > Settings
47+ # and add it to your GitHub secrets.
48+ SEMGREP_APP_TOKEN : " 4e4485e73a07808f2af8a5546e85fc29bed3d0ce4b21b8b6dd77ace1950bc3f8"
49+
50+ - name : Upload SARIF file for GitHub Advanced Security Dashboard
51+ uses : github/codeql-action/upload-sarif@v2
52+ with :
53+ sarif_file : semgrep.sarif
54+ if : always()
You can’t perform that action at this time.
0 commit comments