From 79c0ad16707a8cfacfc4071f8134fe3c0de23ae4 Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Sat, 5 Jun 2021 00:21:48 +0200
Subject: [PATCH] Add Siftleft scan

It seems [to cover](https://slscan.io/en/latest/#supported-languages-frameworks) PHP including license check in addition to dependency scanning.
---
 .github/workflows/shiftleft-analysis.yml | 35 ++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 .github/workflows/shiftleft-analysis.yml

diff --git a/.github/workflows/shiftleft-analysis.yml b/.github/workflows/shiftleft-analysis.yml
new file mode 100644
index 00000000..18d412a6
--- /dev/null
+++ b/.github/workflows/shiftleft-analysis.yml
@@ -0,0 +1,35 @@
+# This workflow integrates Scan with GitHub's code scanning feature
+# Scan is a free open-source security tool for modern DevOps teams from ShiftLeft
+# Visit https://slscan.io/en/latest/integrations/code-scan for help
+name: SL Scan
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '16 22 * * 4'
+
+jobs:
+  Scan-Build:
+    # Scan runs on ubuntu, mac and windows
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    # potentially add composer install steo here
+    - name: Perform Scan
+      uses: ShiftLeftSecurity/scan-action@master
+      env:
+        WORKSPACE: ""
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SCAN_AUTO_BUILD: true
+      with:
+        output: reports
+        # Scan auto-detects the languages.
+
+    - name: Upload report
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: reports