fix: Exclude test files from semgrep scan (#5982)

Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl>
kedacore · Jul 25, 2024 · 13aef49 · 13aef49
1 parent 4a14698
commit 13aef49
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/.github/workflows/static-analysis-semgrep.yml b/.github/workflows/static-analysis-semgrep.yml
@@ -2,7 +2,7 @@ name: "Semgrep"
 
 on:
   push:
-    branches: [ "main" ]
+    branches: ["main"]
   pull_request_target: {}
 
 concurrency:
@@ -12,7 +12,7 @@ concurrency:
 jobs:
   semgrep:
     name: Analyze Semgrep
-    runs-on: ubuntu-latest
+    runs-on: ARM64
     container: returntocorp/semgrep
     if: (github.actor != 'dependabot[bot]')
     steps:
@@ -30,7 +30,7 @@ jobs:
           apk add github-cli
           gh pr checkout ${{ github.event.number }}
 
-      - run: semgrep ci --sarif --output=semgrep.sarif
+      - run: semgrep ci --exclude=test --exclude=test --sarif --output=semgrep.sarif
         env:
           SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}