feat: use latest semgrep image that runs as nonroot user to unpause c…

…hecks
open-turo · Sep 26, 2023 · 4610e25 · 4610e25
1 parent b7eb8ce
commit 4610e25
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 7 deletions.
diff --git a/static-analysis/action.yaml b/static-analysis/action.yaml
@@ -18,5 +18,3 @@ runs:
       uses: ${GITHUB_ACTION_PATH}/static-analysis/semgrep
       with:
         semgrep-app-token: ${{ inputs.semgrep-app-token }}
-#    - run: echo "pausing checks"
-#      shell: bash
diff --git a/static-analysis/semgrep/action.yaml b/static-analysis/semgrep/action.yaml
@@ -7,14 +7,10 @@ inputs:
 runs:
   using: docker
   container:
-    image: returntocorp/semgrep
+    image: returntocorp/semgrep:latest-nonroot
     options: --user semgrep
   args:
     - semgrep
     - ci
   env:
     SEMGREP_APP_TOKEN: ${{ inputs.semgrep-app-token }}
-#  using: composite
-#  steps:
-#    - run: echo "pausing checks"
-#      shell: bash