Skip to content

Commit 7efd8e0

Browse files
saisatishkarrasaisatishkarra
authored
Add SAST scanning using semgrep (Kong#336)
1 parent 7c3d401 commit 7efd8e0

1 file changed

Lines changed: 26 additions & 0 deletions

File tree

.github/workflows/sast.yml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
name: SAST
2+
3+
on:
4+
pull_request: {}
5+
push:
6+
branches:
7+
- master
8+
workflow_dispatch: {}
9+
10+
11+
jobs:
12+
semgrep:
13+
name: Semgrep SAST
14+
runs-on: ubuntu-latest
15+
permissions:
16+
# required for all workflows
17+
security-events: write
18+
# only required for workflows in private repositories
19+
actions: read
20+
contents: read
21+
22+
if: (github.actor != 'dependabot[bot]')
23+
24+
steps:
25+
- uses: actions/checkout@v4
26+
- uses: Kong/public-shared-actions/security-actions/semgrep@bd3d75259607dd015bea3b3313123f53b80e9d7f

0 commit comments

Comments
 (0)