From 846418d83f24707408d6c85489e06a366de07943 Mon Sep 17 00:00:00 2001
From: Jared Perreault <90656038+jaredperreault-okta@users.noreply.github.com>
Date: Wed, 16 Aug 2023 11:11:51 -0400
Subject: [PATCH] chore: enables semgrep (#137)

OKTA-636330 chore: enables semgrep
---
 .bacon.yml         |  7 +++++++
 scripts/semgrep.sh | 12 ++++++++++++
 2 files changed, 19 insertions(+)
 create mode 100644 scripts/semgrep.sh

diff --git a/.bacon.yml b/.bacon.yml
index 46cb202..06d4e3e 100644
--- a/.bacon.yml
+++ b/.bacon.yml
@@ -40,4 +40,11 @@ test_suites:
       timeout: '60'
       script_name: publish
       criteria: MERGE
+      queue_name: small
+    - name: semgrep
+      script_path: /root/okta/okta-vue/scripts
+      sort_order: '7'
+      timeout: '10'
+      script_name: semgrep
+      criteria: MERGE
       queue_name: small
\ No newline at end of file
diff --git a/scripts/semgrep.sh b/scripts/semgrep.sh
new file mode 100644
index 0000000..646c99e
--- /dev/null
+++ b/scripts/semgrep.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -eo pipefail
+
+cd ${OKTA_HOME}/${REPO}
+
+if ! sast_scan;
+then
+  exit ${FAILURE}
+fi
+
+exit ${SUCCESS}
\ No newline at end of file