remove semgrep from scanning

2025-05-10 08:32:33 -04:00 · 2025-05-10 08:32:33 -04:00 · 2d549e4579
commit 2d549e4579
parent f2e2616a88
1 changed files with 18 additions and 36 deletions
--- a/.gitea/workflows/datadog-static-analysis.yml
+++ b/.gitea/workflows/datadog-static-analysis.yml
@ -3,39 +3,21 @@ on: [push]
 name: Datadog Static Analysis

 jobs:
-  static-analysis:
-    runs-on: ubuntu-latest
-    name: Datadog Static Analyzer
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v3
-    - name: Check code meets quality and security standards
-      id: datadog-static-analysis
-      uses: DataDog/datadog-static-analyzer-github-action@v1
-      with:
-        dd_api_key: ${{ secrets.DD_API_KEY }}
-        dd_app_key: ${{ secrets.DD_APP_KEY }}
-        dd_site: datadoghq.com
-        cpu_count: 2
-    - name: Run Semgrep
-      run: |
-        python3 -m pip install --break-system-package semgrep
-        semgrep scan --sarif -o /tmp/semgrep.sarif 
-        cat /tmp/semgrep.sarif
-        # Download and install nvm:
-        curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.2/install.sh | bash
-        # in lieu of restarting the shell
-        \. "$HOME/.nvm/nvm.sh"
-        # Download and install Node.js:
-        nvm install 22
-        # Verify the Node.js version:
-        node -v # Should print "v22.14.0".
-        nvm current # Should print "v22.14.0".
-        # Verify npm version:
-        npm -v # Should print "10.9.2".
-        npm install -g @datadog/datadog-ci
-        datadog-ci sarif upload /tmp/semgrep.sarif
-      env:
-        DD_API_KEY: ${{ secrets.DD_API_KEY }}
-        DD_APP_KEY: ${{ secrets.DD_APP_KEY }}
-        DD_SITE: datadoghq.com
+    static-analysis:
+        runs-on: ubuntu-latest
+        name: Datadog Static Analyzer
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v3
+            - name: Check code meets quality and security standards
+              id: datadog-static-analysis
+              uses: DataDog/datadog-static-analyzer-github-action@v1
+              with:
+                  dd_api_key: ${{ secrets.DD_API_KEY }}
+                  dd_app_key: ${{ secrets.DD_APP_KEY }}
+                  dd_site: datadoghq.com
+                  cpu_count: 8
+              env:
+                  DD_API_KEY: ${{ secrets.DD_API_KEY }}
+                  DD_APP_KEY: ${{ secrets.DD_APP_KEY }}
+                  DD_SITE: datadoghq.com