From 1d93d69b2a527596fb5050af0a54adb0290261fb Mon Sep 17 00:00:00 2001
From: Giovanni Di Santi
Date: Thu, 2 Feb 2023 08:58:39 +0100
Subject: [PATCH] [skip ci] Add Advanced Security code scanning workflow
---
.github/workflows/codeql-analysis.yml | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
create mode 100644 .github/workflows/codeql-analysis.yml
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..36fb221
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,31 @@
+name: "CodeQL"
+
+on:
+ # workflow_dispatch enables manual triggering of the workflow
+ workflow_dispatch:
+ schedule:
+ - cron: '57 16 * * 6'
+env:
+ FAST_EMAIL: ${{ secrets.FAST_EMAIL }}
+ FAST_USER: ${{ secrets.FAST_USER }}
+ FAST_TOKEN: ${{ secrets.FAST_TOKEN }}
+ FAST_HTTPAUTH: ${{ secrets.FAST_HTTPAUTH }}
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: S24 static application security testing (SAST) action
+ uses: scout24/s24-sast-action@v1
+ with:
+ languages: java
+ fast_user: ${{ env.FAST_USER }}
+ fast_token: ${{ env.FAST_TOKEN }}
+ java_version: '11'
+
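Review bot: The `uses: scout24/s24-sast-action@v1` step references a movable tag while it is handed `FAST_USER` and `FAST_TOKEN`, so whatever code that tag points to at run time receives those credentials together with the job's `security-events: write` token. Pinning the action to a full commit SHA, `uses: scout24/s24-sast-action@<full-commit-sha>  # v1`, makes the executed code reviewable and turns every update into an explicit diff. The workflow-level `env:` block also exports all four secrets to every step of every job, and `FAST_EMAIL` and `FAST_HTTPAUTH` are not passed as inputs anywhere in the visible step. If the action does not read them from the environment they can be dropped; otherwise scope the block to the step (a step-level `env:`, or `fast_token: ${{ secrets.FAST_TOKEN }}` directly under `with:`) so steps added later do not inherit the credentials.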