vrl 0.33.0 - Docs.rs

name: Static Analysis

on:
  push:
    branches:
      - main
      - "**"  # Run on all branches (includes PR branches)
  workflow_dispatch:  # Allow manual trigger from GitHub UI

permissions:
  contents: read

jobs:
  static-analysis:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - id: dd-token
        uses: ./.github/actions/dd-token
        with:
          policy: public-vectordotdev-vrl-static-analysis

      - name: Datadog Static Analyzer
        uses: DataDog/datadog-static-analyzer-github-action@8340f18875fcefca86844b5f947ce2431387e552 # v3.0.0
        with:
          dd_api_key: ${{ env.DD_API_KEY }}
          dd_app_key: ${{ env.DD_APP_KEY }}
          dd_site: datadoghq.com
          secrets_enabled: true