From 5a53b47cbb9f41152a7edddae432f91b96f57d69 Mon Sep 17 00:00:00 2001
From: Yohan Lasorsa <noda@free.fr>
Date: Fri, 24 May 2024 07:16:15 +0000
Subject: [PATCH] ci: update azd validation workflow

---
 .github/workflows/azure-dev-validation.yaml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/azure-dev-validation.yaml b/.github/workflows/azure-dev-validation.yaml
index 20dbd85c..174ace4d 100644
--- a/.github/workflows/azure-dev-validation.yaml
+++ b/.github/workflows/azure-dev-validation.yaml
@@ -12,12 +12,14 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      security-events: write
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Build Bicep for linting
-        uses: azure/CLI@v1
+        uses: azure/CLI@v2
         with:
           inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f infra/main.bicep --stdout
 
@@ -29,7 +31,7 @@ jobs:
           tools: templateanalyzer
 
       - name: Upload alerts to Security tab
-        if: github.repository == 'Azure-Samples/azure-search-openai-javascript'
-        uses: github/codeql-action/upload-sarif@v2
+        if: github.repository_owner == 'Azure-Samples'
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: ${{ steps.msdo.outputs.sarifFile }}