
Push from al-gerd initiated a Security Scan 🚀 #9


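# Security scan workflow: runs Bearer (SAST) and OSV-Scanner (dependency
# vulnerabilities) on every push and commits the JSON reports to the branch.
name: SAST Scan
run-name: Push from ${{ github.actor }} initiated a Security Scan 🚀
on: [push]

# Only `contents: write` is granted (the commit steps push to the branch);
# every scope not listed here is set to none for the GITHUB_TOKEN.
permissions:
  contents: write

jobs:
  sast-scan:
    runs-on: ubuntu-latest
    # NOTE(review): no tag or digest, so this resolves to `latest` on each run.
    # The image executes with a write-capable token in scope; pin it as
    # avarteqgmbh/bearer-osv-scan@sha256:<image-digest> (placeholder).
    container: avarteqgmbh/bearer-osv-scan
    steps:
      - name: Checkout repo inside CI runner
        uses: actions/checkout@v4
      # - name: Bearer-SAST Installation
      #   working-directory: ./ci/actions
      #   run: |
      #     chmod +x install-bearer.sh
      #     ./install-bearer.sh
      - name: Setup results file
        run: |
          mkdir -p scan_results
          touch ./scan_results/bearer.out.json
          # Trust only the checked-out workspace; a '*' entry would switch off
          # git's repository-ownership check for every path in the container.
          git config --global --add safe.directory "$GITHUB_WORKSPACE"
      - name: SAST Scan
        working-directory: .
        # NOTE(review): if bearer exits non-zero on findings (depends on
        # ./ci/configs/bearer.yml, not visible here), the commit step below is
        # skipped and the report is never stored; cve-scan avoids this with
        # continue-on-error. Confirm which behaviour is intended.
        run: bearer scan . --config-file ./ci/configs/bearer.yml --output ./scan_results/bearer.out.json
      - name: Commit changes
        # NOTE(review): third-party action referenced by a mutable tag while
        # the job can write to the repository; pin to a full commit SHA
        # (EndBug/add-and-commit@<full-commit-sha>, placeholder).
        uses: EndBug/add-and-commit@v9
        with:
          author_name: scanner-bot
          # NOTE(review): the address was redacted by the page this listing was
          # taken from; restore the real value. Quoted so it parses as a string
          # rather than a flow sequence.
          author_email: '[email protected]'
          message: '[bot] Add SAST scan results'
          fetch: true

  cve-scan:
    runs-on: ubuntu-latest
    # NOTE(review): unpinned image, same concern as in sast-scan; pin as
    # avarteqgmbh/bearer-osv-scan@sha256:<image-digest> (placeholder).
    container: avarteqgmbh/bearer-osv-scan
    # NOTE(review): this job and sast-scan run in parallel and both push to
    # the same ref, so one push may be rejected as non-fast-forward. Confirm,
    # then serialize the jobs or publish the reports as artifacts instead.
    steps:
      - name: Checkout repo inside CI runner
        uses: actions/checkout@v4
      - name: Setup results file
        run: |
          mkdir -p scan_results
          touch ./scan_results/osv.out.json
          # Trust only the checked-out workspace instead of every directory.
          git config --global --add safe.directory "$GITHUB_WORKSPACE"
      # Renamed from "SAST Scan": this step runs the OSV dependency scanner.
      - name: CVE Scan
        working-directory: .
        run: osv-scanner --json --output ./scan_results/osv.out.json -r .
        # The scanner's exit status is ignored so the report is still committed.
        continue-on-error: true
      - name: Commit changes
        # NOTE(review): pin to a full commit SHA, as in sast-scan.
        uses: EndBug/add-and-commit@v9
        with:
          author_name: scanner-bot
          # NOTE(review): redacted address, see sast-scan; quoted to stay a
          # string.
          author_email: '[email protected]'
          # NOTE(review): message still says "SAST" although this job stores
          # the OSV report; left unchanged in case anything matches on it.
          message: '[bot] Add SAST scan results'
          fetch: true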