######################################################################################################################
# THIS FILE IS AUTOGENERATED. SEE https://github.com/fishbrain/terraform/blob/master/repositories/semgrep.tf         #
######################################################################################################################
name: Semgrep
on:
  pull_request: {}
  schedule:
    - cron: '0 2 * * 0' # Once a week at 2am.

jobs:
  semgrep:
    name: Scan
    runs-on: buildjet-2vcpu-ubuntu-2204
    timeout-minutes: 15 # There's been issues with some runs hanging. This times out after 15 minutes instead of the default 360.
    container:
      image: returntocorp/semgrep
    if: (github.actor != 'dependabot[bot]')
    steps:
      - uses: actions/checkout@v4
      - run: semgrep ci
        env:
          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}