[#1609]: feature: semgrep security scanning CI

author: Valery Piashchynski <[email protected]> 2023-06-16 19:09:29 +0200
committer: GitHub <[email protected]> 2023-06-16 19:09:29 +0200
commit: 2426f17ed1a4edaeef182b2393b295511f0aae0a (patch)
tree: 0911475e9dc23e78cb2ca4da50a79964809d91f1
parent: 511ab74671f28a6746cd4d7b859828a07c37cf3e (diff)
parent: f42774a3ca85d06d859288ef16e0133740074a18 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
new file mode 100644
index 00000000..58ae4ed6
--- /dev/null
+++ b/.github/workflows/semgrep.yml
@@ -0,0 +1,20 @@
+name: semgrep
+on:
+  pull_request: {}
+  push:
+    branches:
+      - master
+      - stable
+    paths:
+      - .github/workflows/semgrep.yml
+jobs:
+  semgrep:
+    name: semgrep/ci
+    runs-on: ubuntu-latest
+    env:
+      SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
+    container:
+      image: returntocorp/semgrep
+    steps:
+      - uses: actions/checkout@v3
+      - run: semgrep ci
author	Valery Piashchynski <[email protected]>	2023-06-16 19:09:29 +0200
committer	GitHub <[email protected]>	2023-06-16 19:09:29 +0200
commit	2426f17ed1a4edaeef182b2393b295511f0aae0a (patch)
tree	0911475e9dc23e78cb2ca4da50a79964809d91f1
parent	511ab74671f28a6746cd4d7b859828a07c37cf3e (diff)
parent	f42774a3ca85d06d859288ef16e0133740074a18 (diff)