From 4e91af74b5e29f3a4c8e7c12459df25d482345a7 Mon Sep 17 00:00:00 2001
From: Priyaccuknox <164139054+Priyaccuknox@users.noreply.github.com>
Date: Wed, 20 Nov 2024 23:28:49 +0530
Subject: [PATCH] sast push to SaaS

---
 .github/workflows/sast-push.yaml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 .github/workflows/sast-push.yaml

diff --git a/.github/workflows/sast-push.yaml b/.github/workflows/sast-push.yaml
new file mode 100644
index 0000000..398257f
--- /dev/null
+++ b/.github/workflows/sast-push.yaml
@@ -0,0 +1,29 @@
+name: Push SonarQube scans to SaaS
+
+on:
+  push:
+    branches:
+      - main
+
+env:
+  AK_URL: "https://cspm.accuknox.com"
+  AK_SAST_LABEL: "SAST"
+
+jobs:
+  scan-and-push:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - uses: accuknox/common-gh-actions/actions/sonarqube@main
+      with:
+        token: ${{ secrets.SQ_TOKEN }}
+        qualityGateCheck: 'false'
+        args: >
+          -Dsonar.projectKey=knoxctl-website
+          -Dsonar.sources=.
+        projectKey: knoxctl-website
+        pushToSaas: true
+        ak_url: ${{ env.AK_URL }}
+        ak_tok: ${{ secrets.AK_PROD_ACCUKNOXTECH_TOKEN }}
+        tenant_id: ${{ secrets.AK_PROD_ACCUKNOXTECH_TENANT_ID }}
+        label: ${{ env.AK_SAST_LABEL }}
\ No newline at end of file