MDFC DevOps Sec IaC Scan #6

	name: MDFC DevOps Sec IaC Scan

	on:
	# Triggers the workflow on push or pull request events but only for the main branch
	push:
	branches: [ main ]

	pull_request:
	branches: [ main ]

	workflow_dispatch:

	jobs:
	security:
	runs-on: windows-latest
	continue-on-error: false
	strategy:
	fail-fast: true

	steps:
	- uses: actions/checkout@v3

	- uses: actions/setup-dotnet@v3
	with:
	dotnet-version: \|
	5.0.x
	6.0.x

	- name: Run Microsoft Security DevOps
	uses: microsoft/security-devops-action@v1.6.0
	continue-on-error: false
	id: msdo
	with:
	categories: 'IaC'

	- name: Upload alerts to Security tab
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: ${{ steps.msdo.outputs.sarifFile }}

Provide feedback