From a5055156418ef220f1d2ef3226d5ba402723e34a Mon Sep 17 00:00:00 2001
From: Ruslan Riznyk
Date: Wed, 6 Mar 2024 18:06:51 +0200
Subject: [PATCH] fix: added security KICS scan action

---
 .github/workflows/kics_sec_scan.yml | 31 +++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 .github/workflows/kics_sec_scan.yml

diff --git a/.github/workflows/kics_sec_scan.yml b/.github/workflows/kics_sec_scan.yml
new file mode 100644
index 0000000..4bb46e7
--- /dev/null
+++ b/.github/workflows/kics_sec_scan.yml
@@ -0,0 +1,31 @@
+name: Run security KICS scaner
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  kics:
+    name: Run security KICS scaner
+    runs-on: "ubuntu-latest"
+
+    steps:
+      - name: Checkout code repo
+        uses: actions/checkout@v3
+
+      - name: Run security KICS scaner
+        uses: checkmarx/kics-github-action@v1.7.0
+        with:
+          path: .
+          output_path: myResults/
+          output_formats: 'sarif'
+          enable_comments: true
+          enable_annotations: true
+          ignore_on_exit: results
+
+      # TBD
+      # - name: Upload SARIF file
+      #   uses: github/codeql-action/upload-sarif@v1
+      #   with:
+      #     sarif_file: myResults/results.sarif
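Review bot: The scan this workflow adds cannot block a pull request: `ignore_on_exit: results` makes the KICS step exit 0 when findings exist, and the only path that would persist results — the `upload-sarif` step — is commented out as TBD, so findings surface only as transient PR comments/annotations and never reach Code Scanning. Posting those comments also needs `pull-requests: write` on `GITHUB_TOKEN`, but no `permissions:` block is declared, so the job inherits the repository default (which may be broader than needed or, for PRs from forks, read-only, in which case the comment step would presumably fail). Both actions are pinned to mutable tags (`actions/checkout@v3`, `checkmarx/kics-github-action@v1.7.0`); pin them to full commit SHAs with the tag in a trailing comment so a moved tag cannot change what runs in the PR context. When the upload step is enabled, `github/codeql-action/upload-sarif@v1` is a retired major — use the current one and grant `security-events: write`. The shape below drops `ignore_on_exit` so findings fail the job (or scope it with the action's `fail_on` input once an initial baseline is triaged).
```yaml
# … unchanged: name / on …

permissions:
  contents: read
  pull-requests: write    # required by enable_comments
  security-events: write  # required once the SARIF upload step is enabled

jobs:
  # … unchanged: kics job header, checkout step (pin @v3 to a full commit SHA) …
      - name: Run security KICS scaner
        uses: checkmarx/kics-github-action@v1.7.0  # pin to the full commit SHA of this tag
        with:
          path: .
          output_path: myResults/
          output_formats: 'sarif'
          enable_comments: true
          enable_annotations: true
          # no ignore_on_exit: findings make the job fail; narrow with fail_on once triaged
```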