Add files via upload

contentstack-admin · web-flow · commit a0702a2d0f34 · 2022-06-13T14:43:42.000+05:30
diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
@@ -0,0 +1,14 @@
+name: SAST Scan
+on:
+  push:
+    branches:
+      - '*'
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Horusec Scan
+        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src horuszup/horusec-cli:latest horusec start -p /src -P $(pwd)
diff --git a/.github/workflows/sca-monitor.yml b/.github/workflows/sca-monitor.yml
@@ -0,0 +1,13 @@
+name: Source Composition Analysis Monitor
+on: push
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: monitor
diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml
@@ -0,0 +1,16 @@
+name: Source Composition Analysis Scan
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml
@@ -0,0 +1,14 @@
+name: Secrets Scan
+on:
+  push:
+    branches:
+      - '*'
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Gittyleaks
+        uses: gupy-io/gittyleaks-action@v0.1
