From 13a3def0c5f4e11c7e2e203ecf18cda38ca6d8e2 Mon Sep 17 00:00:00 2001 From: lommi Date: Wed, 10 Jul 2024 14:24:30 +0000 Subject: [PATCH] ci: add datadog static analysis (#15495) * fix: datadog test * chore: nx format:write update dirty files * ci: add trigger * chore: nx format:write update dirty files --------- Co-authored-by: andes-it Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com> --- .github/workflows/datadog-analysis.yml | 44 ++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 .github/workflows/datadog-analysis.yml diff --git a/.github/workflows/datadog-analysis.yml b/.github/workflows/datadog-analysis.yml new file mode 100644 index 000000000000..8ca21d6d5c6e --- /dev/null +++ b/.github/workflows/datadog-analysis.yml @@ -0,0 +1,44 @@ +name: Datadog Static Analysis +on: + push: + branches: + - 'main' + - 'release/**' + - 'pre-release/**' + paths-ignore: + - '**/*.md' + workflow_dispatch: + create: + pull_request: + types: + - opened + - synchronize + +jobs: + static-analysis: + runs-on: ec2-runners + container: + image: public.ecr.aws/m3u4c4h9/island-is/actions-runner-public:latest + name: Datadog Static Analyzer + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Check code meets quality and security standards + id: datadog-static-analysis + uses: DataDog/datadog-static-analyzer-github-action@v1 + with: + dd_api_key: ${{ secrets.DD_API_KEY }} + dd_app_key: ${{ secrets.DD_APP_KEY }} + dd_service: my-app + dd_env: ci + dd_site: datadoghq.eu + cpu_count: 2 + - name: Check imported libraries are secure and compliant + id: datadog-software-composition-analysis + uses: DataDog/datadog-sca-github-action@main + with: + dd_api_key: ${{ secrets.DD_API_KEY }} + dd_app_key: ${{ secrets.DD_APP_KEY }} + dd_service: my-app + dd_env: ci + dd_site: datadoghq.eu