From deea016323008fd78d53ab2463226284742197d2 Mon Sep 17 00:00:00 2001
From: "jit-ci[bot]" <91912817+jit-ci[bot]@users.noreply.github.com>
Date: Wed, 10 Jan 2024 07:19:08 +0000
Subject: [PATCH] Sync with plan

---
 .github/workflows/jit-security.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.github/workflows/jit-security.yml b/.github/workflows/jit-security.yml
index e30d1e8..abf0951 100644
--- a/.github/workflows/jit-security.yml
+++ b/.github/workflows/jit-security.yml
@@ -130,6 +130,16 @@ jobs:
         security_control: registry.jit.io/control-osv-scanner-alpine:latest
         security_control_output_file: /code/jit-report/enriched-osv-scanner-results.json
         
+  static-code-analysis-c-cpp:
+    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-c-cpp' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
+    runs-on: ubuntu-20.04
+    timeout-minutes: 20
+    steps:
+    - name: semgrep
+      uses: jitsecurity-controls/jit-github-action@v4.0.6
+      with:
+        security_control: registry.jit.io/control-semgrep-alpine:latest
+        
   static-code-analysis-csharp:
     if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-csharp' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
     runs-on: ubuntu-20.04