mirror of https://github.com/actions/setup-go.git
				
				
				
			
		
			
				
	
	
		
			38 lines
		
	
	
		
			988 B
		
	
	
	
		
			YAML
		
	
	
	
			
		
		
	
	
			38 lines
		
	
	
		
			988 B
		
	
	
	
		
			YAML
		
	
	
	
| # This workflow file requires a free account on Semgrep.dev to
 | |
| # manage rules, file ignores, notifications, and more.
 | |
| #
 | |
| # See https://semgrep.dev/docs
 | |
| 
 | |
| name: Semgrep
 | |
| 
 | |
| on:
 | |
|   push:
 | |
|     branches: [ main, setup-go ]
 | |
|   pull_request:
 | |
|     # The branches below must be a subset of the branches above
 | |
|     branches: [ main ]
 | |
|   schedule:
 | |
|     - cron: '20 17 * * 6'
 | |
| 
 | |
| jobs:
 | |
|   semgrep:
 | |
|     name: Scan
 | |
|     runs-on: ubuntu-latest
 | |
|     steps:
 | |
|       # Checkout project source
 | |
|       - uses: actions/checkout@v2
 | |
| 
 | |
|       # Scan code using project's configuration on https://semgrep.dev/manage
 | |
|       - uses: returntocorp/semgrep-action@v1
 | |
|         with:
 | |
|           publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
 | |
|           publishDeployment: ${{ secrets.SEMGREP_DEPLOYMENT_ID }}
 | |
|           generateSarif: "1"
 | |
| 
 | |
|       # Upload SARIF file generated in previous step
 | |
|       - name: Upload SARIF file
 | |
|         uses: github/codeql-action/upload-sarif@v1
 | |
|         with:
 | |
|           sarif_file: semgrep.sarif
 | |
|         if: always()
 |