From 8d19593edf8f1c5c3609eda1498e8c56382376ef Mon Sep 17 00:00:00 2001
From: Andy Yang
Date: Thu, 19 Dec 2024 10:59:59 -0800
Subject: [PATCH 1/2] PROXY-2262 | semgrep migration from CircleCI to Github

---
 .github/workflows/security-scan-sast.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 .github/workflows/security-scan-sast.yaml

diff --git a/.github/workflows/security-scan-sast.yaml b/.github/workflows/security-scan-sast.yaml
new file mode 100644
index 00000000..abd2f57e
--- /dev/null
+++ b/.github/workflows/security-scan-sast.yaml
@@ -0,0 +1,15 @@
+name: security-scan-sast
+
+on:
+ pull_request:
+ workflow_dispatch:
+ schedule:
+ - cron: '30 5 * * *' # Sets Semgrep to scan every day at 5:30 UTC
+
+jobs:
+ scan:
+ uses: verygood-ops/cicd-shared/.github/workflows/security-scan-sast.yaml@security-scan-sast-v1
+ with:
+ uses_maven: true
+ secrets:
+ SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
\ No newline at end of file

From cbecb84aed96c24cc150fb7931e6df8315569b54 Mon Sep 17 00:00:00 2001
From: andyyangvg <165849882+andyyangvg@users.noreply.github.com>
Date: Thu, 19 Dec 2024 11:41:48 -0800
Subject: [PATCH 2/2] Update security-scan-sast.yaml

---
 .github/workflows/security-scan-sast.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/security-scan-sast.yaml b/.github/workflows/security-scan-sast.yaml
index abd2f57e..5c37365f 100644
--- a/.github/workflows/security-scan-sast.yaml
+++ b/.github/workflows/security-scan-sast.yaml
@@ -10,6 +10,6 @@ jobs:
 scan:
 uses: verygood-ops/cicd-shared/.github/workflows/security-scan-sast.yaml@security-scan-sast-v1
 with:
- uses_maven: true
+ uses_maven: false
 secrets:
- SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
\ No newline at end of file
+ SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
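Review bot: The reusable workflow on the `uses:` line of the new file is pinned to the mutable ref `security-scan-sast-v1`, so anyone who can move that tag or branch in `verygood-ops/cicd-shared` can change what runs in this job and what receives `SEMGREP_APP_TOKEN`; pinning to a full commit SHA with the tag kept as a trailing comment, `uses: verygood-ops/cicd-shared/.github/workflows/security-scan-sast.yaml@<40-char-sha> # security-scan-sast-v1`, removes the dependency on the other repository's ref hygiene. The workflow also declares no `permissions:` block, so the called workflow inherits the repository's default `GITHUB_TOKEN` grants; a top-level `permissions:` with `contents: read` (plus whatever the shared workflow actually needs, which is not visible here — e.g. `security-events: write` if it uploads SARIF) limits what a compromised scan step could do. Note too that on `pull_request` runs from forks GitHub withholds repository secrets, so `SEMGREP_APP_TOKEN` will be empty for such PRs; if this repository accepts fork PRs it is worth confirming how the shared workflow behaves with an empty token.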
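Review bot: The flip of `uses_maven` from `true` to `false` carries no rationale in the commit message or the file, so a later reader cannot tell whether Maven was turned off because this repository has no Maven build or because the shared workflow's Maven step caused a problem. A one-line comment above the flag, e.g. `# presumably no Maven build in this repo, so skip the shared workflow's Maven pre-step — confirm`, would record the intent next to the value. The added trailing newline in the same hunk is a good cleanup of the first commit.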