Fix dockerfile.security.missing-user rules #2765

Summary
Jobs
- trigger
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/trigger-semgrep-scanner-initiate-scan.yaml at c787aa6

	name: semgrep-scanner benchmarks

	on:
	workflow_dispatch:
	push:
	branches: [release]
	pull_request:
	branches: [develop, release]
	jobs:
	trigger:
	# do not run automatically if rule is posted from the playground (can still be started manually)
	# PRs posted by first time contributors already need approval as well
	if: github.actor != 'semgrep-dev-pr-bot'
	runs-on: ubuntu-20.04
	steps:
	- uses: actions/checkout@v2
	with:
	fetch-depth: 0
	- id: changed-files
	name: get changed files
	env:
	HEAD_REF: ${{ github.head_ref }}
	run: \|
	CHANGED_FILES=$(git diff --name-only origin/develop origin/$HEAD_REF \| xargs -0 \| sed '/^$/d' \| sed -r '/^(.github\|bash\|contrib\|fingerprints\|generic\|json\|problem-based-packs\|scripts\|stats\|trusted_python\|yaml)/d' \| sed -n '/.*yaml/p' \| tr '\n' ' ')
	echo "changed_files=$CHANGED_FILES" >> $GITHUB_ENV
	- id: print-changed-files
	name: debugging step - print changed files
	env:
	CHANGED_FILES: ${{ env.changed_files }}
	run: \|
	echo "$CHANGED_FILES"
	- id: changed-langs
	name: get changed langs
	env:
	CHANGED_FILES: ${{ env.changed_files }}
	run: \|
	CHANGED_LANGS=$(echo "$CHANGED_FILES" \| sed 's/ /\n/g' \| sed 's/^$[^/]$./\1/' \| sort -u \| tr '\n' ' ')
	echo "changed_langs=$CHANGED_LANGS" >> $GITHUB_ENV
	CHANGED_LANG_COUNT=$(echo "$CHANGED_LANGS" \| wc -w)
	echo "changed_lang_count=$CHANGED_LANG_COUNT" >> $GITHUB_ENV
	- name: Trigger semgrep-scanner argo workflow on push to release
	if: github.event_name == 'push'
	env:
	GH_REF: ${{ github.ref }}
	REPO_NAME: ${{ github.event.repository.name }}
	run: \|
	curl -X POST https://argo.corp.r2c.dev/api/v1/events/security-research/initiate-scan-on-push -H "Authorization: ${{ secrets.ARGO_WORKFLOWS_TOKEN }}" -d "{ \"repo\": \"$REPO_NAME\", \"branch\" : \"$GH_REF\"}"
	- name: Trigger semgrep-scanner argo workflow on PR to develop or release
	env:
	CHANGED_FILES: ${{ env.changed_files }}
	CHANGED_LANGS: ${{ env.changed_langs }}
	HEAD_REF: ${{ github.head_ref }}
	REPO_NAME: ${{ github.event.repository.name }}
	PR_HEAD_SHA: ${{github.event.pull_request.head.sha}}
	if: \|
	github.event_name == 'pull_request' &&
	env.changed_lang_count > 0
	run: \|
	curl -X POST https://argoworkflows-dev2.corp.r2c.dev/api/v1/events/security-research/initiate-scan-argo -H "Authorization: ${{ secrets.ARGO_WORKFLOWS_TOKEN }}" -d "{\"branch\" : \"$HEAD_REF\", \"repo\" : \"$REPO_NAME\", \"commit\" : \"$PR_HEAD_SHA\", \"changed_files\" : \"$CHANGED_FILES\" , \"langs\" : \"$CHANGED_LANGS\"}"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix dockerfile.security.missing-user rules #2765

Workflow file

Fix dockerfile.security.missing-user rules #2765

Jobs

Run details

Workflow file for this run