From 7f573f542b3a7c2c0ec4ca1572c0784c15022a68 Mon Sep 17 00:00:00 2001 From: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Date: Fri, 6 Dec 2024 17:41:34 +0530 Subject: [PATCH] fix: add block_mode input for semgrep (#337) This PR adds input block_mode for semgrep to enable failing pipeline if we have some findings in semgrep scan. Test run: https://github.com/splunk/splunk-add-on-for-google-workspace/actions/runs/10954006775 --- .github/workflows/reusable-build-test-release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/reusable-build-test-release.yml b/.github/workflows/reusable-build-test-release.yml index 08303d65..8da83f35 100644 --- a/.github/workflows/reusable-build-test-release.yml +++ b/.github/workflows/reusable-build-test-release.yml @@ -331,6 +331,8 @@ jobs: uses: splunk/sast-scanning/.github/workflows/sast-scan.yml@main secrets: SEMGREP_KEY: ${{ secrets.SEMGREP_PUBLISH_TOKEN }} + with: + block_mode: "policy" test-inventory: runs-on: ubuntu-latest