ci: Updating semgrep action again

threatcl · Jun 15, 2022 · 35ef8ef · 35ef8ef
1 parent b6f68a7
commit 35ef8ef
Showing 1 changed file with 6 additions and 6 deletions.
diff --git a/.github/workflows/semgrep-analysis.yml b/.github/workflows/semgrep-analysis.yml
@@ -24,16 +24,16 @@ jobs:
     name: Scan
     environment: semgrep-action
     runs-on: ubuntu-latest
+    container:
+      image: returntocorp/semgrep
     steps:
       # Checkout project source
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       # Scan code using project's configuration on https://semgrep.dev/manage
-      - uses: returntocorp/semgrep-action@fcd5ab7459e8d91cb1777481980d1b18b4fc6735
-        with:
-          publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
-          #publishDeployment: ${{ secrets.SEMGREP_DEPLOYMENT_ID }}
-          generateSarif: "1"
+      - run: semgrep scan --sarif --output=semgrep.sarif --config=policy
+        env:
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
 
       # Upload SARIF file generated in previous step
       - name: Upload SARIF file