dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove semgrep from scanning
All checks were successful
Datadog Software Composition Analysis / Datadog SBOM Generation and Upload (push) Successful in 48s
Details
Datadog Secrets Scanning / Datadog Static Analyzer (push) Successful in 55s
Details
Datadog Static Analysis / Datadog Static Analyzer (push) Successful in 1m28s
Details

Browse Source
This commit is contained in:
Tanishq Dubey 2025-05-10 08:32:33 -04:00
parent f2e2616a88
commit 2d549e4579
No known key found for this signature in database
GPG Key ID: CFC1931B84DFC3F9
1 changed files with 18 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
.gitea/workflows/datadog-static-analysis.yml
View File

@ -3,39 +3,21 @@ on: [push]
name: Datadog Static Analysis name: Datadog Static Analysis
jobs: jobs:
static-analysis: static-analysis:
runs-on: ubuntu-latest runs-on: ubuntu-latest
name: Datadog Static Analyzer name: Datadog Static Analyzer
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Check code meets quality and security standards - name: Check code meets quality and security standards
id: datadog-static-analysis id: datadog-static-analysis
uses: DataDog/datadog-static-analyzer-github-action@v1 uses: DataDog/datadog-static-analyzer-github-action@v1
with: with:
dd_api_key: ${{ secrets.DD_API_KEY }} dd_api_key: ${{ secrets.DD_API_KEY }}
dd_app_key: ${{ secrets.DD_APP_KEY }} dd_app_key: ${{ secrets.DD_APP_KEY }}
dd_site: datadoghq.com dd_site: datadoghq.com
cpu_count: 2 cpu_count: 8
- name: Run Semgrep env:
run: | DD_API_KEY: ${{ secrets.DD_API_KEY }}
python3 -m pip install --break-system-package semgrep DD_APP_KEY: ${{ secrets.DD_APP_KEY }}
semgrep scan --sarif -o /tmp/semgrep.sarif DD_SITE: datadoghq.com
cat /tmp/semgrep.sarif
# Download and install nvm:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.2/install.sh | bash
# in lieu of restarting the shell
\. "$HOME/.nvm/nvm.sh"
# Download and install Node.js:
nvm install 22
# Verify the Node.js version:
node -v # Should print "v22.14.0".
nvm current # Should print "v22.14.0".
# Verify npm version:
npm -v # Should print "10.9.2".
npm install -g @datadog/datadog-ci
datadog-ci sarif upload /tmp/semgrep.sarif
env:
DD_API_KEY: ${{ secrets.DD_API_KEY }}
DD_APP_KEY: ${{ secrets.DD_APP_KEY }}
DD_SITE: datadoghq.com