name: SAST Scan
on:
  push:
  pull_request:
    branches: [ main ]

jobs:  
  scan:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - uses: AppThreat/sast-scan-action@master
      with:
        output: reports
        type: go
    - uses: actions/upload-artifact@v1
      with:
        name: sast-scan-reports
        path: reports