From e6b2f4fcd778fec2e00155a1fdf7a40f48a8c6b8 Mon Sep 17 00:00:00 2001
From: Priyaccuknox <164139054+Priyaccuknox@users.noreply.github.com>
Date: Wed, 27 Nov 2024 23:43:33 +0530
Subject: [PATCH] sast report to SaaS

---
 .github/workflows/sonarscan.yaml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 .github/workflows/sonarscan.yaml

diff --git a/.github/workflows/sonarscan.yaml b/.github/workflows/sonarscan.yaml
new file mode 100644
index 0000000..ff66ce0
--- /dev/null
+++ b/.github/workflows/sonarscan.yaml
@@ -0,0 +1,31 @@
+name: Push SonarQube scans to SaaS
+
+on:
+  push:
+    tags:
+    - "v[0-9]+.[0-9]+.[0-9]+"
+    - "v[0-9]+.[0-9]+.[0-9]+-*"
+    - "v*"
+
+env:
+  AK_URL: "https://cspm.accuknox.com"
+  AK_SAST_LABEL: "SAST"
+
+jobs:
+  scan-and-push:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - uses: accuknox/common-gh-actions/actions/sonarqube@main
+      with:
+        token: ${{ secrets.SQ_TOKEN }}
+        qualityGateCheck: 'false'
+        args: >
+          -Dsonar.projectKey=accuknox-jobs
+          -Dsonar.sources=.
+        projectKey: accuknox-jobs
+        pushToSaas: true
+        ak_url: ${{ env.AK_URL }}
+        ak_tok: ${{ secrets.AK_PROD_ACCUKNOXTECH_TOKEN }}
+        tenant_id: ${{ secrets.AK_PROD_ACCUKNOXTECH_TENANT_ID }}
+        label: ${{ env.AK_SAST_LABEL }}
\ No newline at end of file