From b00a1ca764452f2a6991b889e8c3e9df6af2f6ff Mon Sep 17 00:00:00 2001
From: Stephen Bolton <steve.bolton@dotcms.com>
Date: Mon, 11 Nov 2024 16:54:23 +0000
Subject: [PATCH] missing artifact-run-id for trunk workflow for semgrep

---
 .github/workflows/cicd_3-trunk.yml            | 2 ++
 .github/workflows/cicd_comp_semgrep-phase.yml | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/cicd_3-trunk.yml b/.github/workflows/cicd_3-trunk.yml
index 08653f7dfe6..9c9ff3928d7 100644
--- a/.github/workflows/cicd_3-trunk.yml
+++ b/.github/workflows/cicd_3-trunk.yml
@@ -97,6 +97,8 @@ jobs:
     needs: [ initialize, test ]
     if: always() && !failure() && !cancelled() && vars.DISABLE_SEMGREP != 'true'
     uses: ./.github/workflows/cicd_comp_semgrep-phase.yml
+    with:
+      artifact-run-id: ${{ needs.initialize.outputs.artifact-run-id }}
     secrets:
       SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
 
diff --git a/.github/workflows/cicd_comp_semgrep-phase.yml b/.github/workflows/cicd_comp_semgrep-phase.yml
index 3b66b60f976..71ca1356a6b 100644
--- a/.github/workflows/cicd_comp_semgrep-phase.yml
+++ b/.github/workflows/cicd_comp_semgrep-phase.yml
@@ -33,7 +33,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      # Prepare Maven environment and run SonarQube analysis
+      # Create dependency files for semgrep analysis
       - name: Build Dependency Tre
         uses: ./.github/actions/core-cicd/maven-job
         with:
@@ -41,6 +41,8 @@ jobs:
           artifacts-from: ${{ inputs.artifact-run-id }}
           require-main: true
           github-token: ${{ secrets.GITHUB_TOKEN }}
+          require-graalvm: false
+          requires-node: false
           maven-args: dependency:tree -DoutputFile=maven_dep_tree.txt
       - name: Create Zip File
         run: find . -type f -name 'maven_dep_tree.txt' -exec zip -r dependency-tree.zip {} +