From 3e7271b9f9e8408f459aaf29abc2729e33a3e705 Mon Sep 17 00:00:00 2001
From: Pedro Lopes <83576881+pedrompflopes@users.noreply.github.com>
Date: Fri, 18 Mar 2022 08:26:38 +0000
Subject: [PATCH] split scan

---
 .github/workflows/ast-scan.yml | 18 ++++++++++++++++++
 .github/workflows/ci.yml | 14 --------------
 2 files changed, 18 insertions(+), 14 deletions(-)
 create mode 100644 .github/workflows/ast-scan.yml

diff --git a/.github/workflows/ast-scan.yml b/.github/workflows/ast-scan.yml
new file mode 100644
index 00000000..40d32c23
--- /dev/null
+++ b/.github/workflows/ast-scan.yml
@@ -0,0 +1,18 @@
+name: Checkmarx AST Scan
+
+on: [ pull_request, workflow_dispatch ]
+
+jobs:
+ cx-scan:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Checkmarx AST CLI Action
+ uses: checkmarx/ast-github-action@main
+ with:
+ base_uri: ${{ secrets.BASE_URI }}
+ cx_tenant: ${{ secrets.TENANT }}
+ cx_client_id: ${{ secrets.CLIENT_ID }}
+ cx_client_secret: ${{ secrets.CLIENT_SECRET }}
+ additional_params: --tags galactica-team --threshold "sast-high=1"
\ No newline at end of file
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 18494f12..05642a5b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -32,17 +32,3 @@ jobs:
 CX_SCAN_ID: ${{ secrets.CX_SCAN_ID }}
 CX_APIKEY: ${{ secrets.CX_APIKEY }}
 run: mvn -B test --file pom.xml
- cx-scan:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v3
- - name: Checkmarx AST CLI Action
- uses: checkmarxDev/ast-github-action@main
- with:
- project_name: ${{ github.repository }}
- base_uri: ${{ secrets.CX_BASE_URI }}
- cx_tenant: ${{ secrets.CX_TENANT }}
- cx_client_id: ${{ secrets.CX_CLIENT_ID }}
- cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }}
- additional_params: --tags "Galactica"
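Review bot: In the new `.github/workflows/ast-scan.yml`, the step `uses: checkmarx/ast-github-action@main` tracks a mutable branch while being handed `cx_client_id` and `cx_client_secret`, so any later push to that branch runs in this job with those credentials. Pin the action to a reviewed full commit SHA, e.g. `uses: checkmarx/ast-github-action@<full-commit-sha>  # <release-tag>`, and let a dependency bot propose the bumps. The workflow also declares no `permissions:` block, so the job gets the repository's default `GITHUB_TOKEN` scope; a top-level `permissions:` with `contents: read` would make least privilege explicit, assuming the scan needs nothing beyond checkout. With the `pull_request` trigger, repository secrets are not passed to runs from forks, so the scan will presumably fail there rather than gate those PRs; worth confirming that is the intended behaviour.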