authorrugk <[email protected]>2021-06-05 00:21:48 +0200
committerGitHub <[email protected]>2021-06-05 00:21:48 +0200
commit79c0ad16707a8cfacfc4071f8134fe3c0de23ae4 (patch)
tree897d4d97301d7716dee8523e319d4849b67e05b5
parent93138cbbae6d1ada37f3dcb5cba6a4b77a71d0f4 (diff)
Add Siftleft scansiftleft-scan
It seems [to cover](https://slscan.io/en/latest/#supported-languages-frameworks) PHP, including a license check, in addition to dependency scanning.
-rw-r--r--.github/workflows/shiftleft-analysis.yml35
1 files changed, 35 insertions, 0 deletions
diff --git a/.github/workflows/shiftleft-analysis.yml b/.github/workflows/shiftleft-analysis.yml
new file mode 100644
index 00000000..18d412a6
--- /dev/null
+++ b/.github/workflows/shiftleft-analysis.yml
@@ -0,0 +1,35 @@
+# This workflow integrates Scan with GitHub's code scanning feature
+# Scan is a free open-source security tool for modern DevOps teams from ShiftLeft
+# Visit https://slscan.io/en/latest/integrations/code-scan for help
+name: SL Scan
+
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ master ]
+ schedule:
+ - cron: '16 22 * * 4'
+
+jobs:
+ Scan-Build:
+ # Scan runs on ubuntu, mac and windows
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/[email protected]
+ # potentially add composer install steo here
+ - name: Perform Scan
+ uses: ShiftLeftSecurity/[email protected]
+ env:
+ WORKSPACE: ""
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SCAN_AUTO_BUILD: true
+ with:
+ output: reports
+ # Scan auto-detects the languages.
+
+ - name: Upload report
+ uses: github/codeql-action/[email protected]
+ with:
+ sarif_file: reports
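Review bot: `uses: ShiftLeftSecurity/scan-action@master` runs whatever is currently on that branch, with `secrets.GITHUB_TOKEN` exposed in `env`, on every push to master, every pull request and the weekly cron — a compromise of that upstream repository becomes a compromise of this one, and the same applies in weaker form to the mutable `actions/checkout@v2` and `github/codeql-action/upload-sarif@v1` tags; pin all three to a full commit SHA with the tag kept in a trailing comment and let Dependabot bump them. The workflow also declares no `permissions:` block, so the token receives the repository's default scopes, which is more than a read-the-source-and-upload-a-report job needs; add to the job `permissions:` / `contents: read` / `security-events: write` (the latter is what upload-sarif needs to write code-scanning alerts). Note that on pull requests from forks the token is read-only regardless, so the upload step will presumably fail for those runs — worth confirming and, if so, guarding the upload step on the event type. Minor: the comment `# potentially add composer install steo here` should read `step`.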