semgrep: Fix invalid RPC rule and add validation GHA workflow. (#25088)

James Rasell
2025-02-12 10:44:27 +01:00
committed by GitHub
parent 1c0caddb98
commit d8841e011f
2 changed files with 13 additions and 1 deletions


@@ -6,8 +6,19 @@ on:
# push:
jobs:
semgrep-validate:
name: Semgrep Validate
if: (github.actor != 'dependabot[bot]')
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep:1.107.0
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- run: semgrep --metrics=off --validate --config=.semgrep/
semgrep:
name: Semgrep Scan
needs: [semgrep-validate]
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep:1.36.0
@@ -18,5 +29,6 @@ jobs:
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- run: semgrep ci --config=.semgrep/
permissions:
contents: read
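Review bot: The new `semgrep-validate` job runs `returntocorp/semgrep:1.107.0` while the `semgrep` scan job that depends on it still runs `returntocorp/semgrep:1.36.0`, so the rules are validated by a different engine version than the one that executes them. A rule accepted by the newer validator is not guaranteed to load or match the same way under the older scanner, which weakens the gate this job is meant to provide; using one image for both jobs, e.g. `image: returntocorp/semgrep:1.107.0` in the scan job, would close that gap. Both images are also referenced by mutable tag while the checkout action is pinned by commit SHA, so pinning the container images by digest would make the two consistent. Indentation is lost on this page, so whether `permissions: contents: read` also covers the new job cannot be confirmed from here.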


@@ -49,7 +49,7 @@ rules:
return err
}
...
if !aclObj.AllowClientOp()
if !aclObj.AllowClientOp() {
return structs.ErrPermissionDenied
}
...
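Review bot: Nothing in this change checks that the repaired pattern still matches the code it is meant to flag, because `semgrep --validate` in the new workflow job only confirms that the rule parses. The missing `{` after `if !aclObj.AllowClientOp()` left this rule invalid, so it presumably reported nothing while it was broken, and a later edit could make it ineffective again without failing validation. A small Go fixture next to the rule, annotated with `// ruleid: <rule-id>` and `// ok: <rule-id>` lines and run with `semgrep --test`, would catch that. The rule's pattern starts and ends outside this hunk.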