From 2b4741011df9d6507b2f8362dd8525d948a4c324 Mon Sep 17 00:00:00 2001
From: Angello <65546134+Angello-droid@users.noreply.github.com>
Date: Mon, 19 May 2025 16:55:05 +0100
Subject: [PATCH] Added security-scan.yml Implemented the security scan step required by our security team
---
.../workflows/security-scan.yml | 27 +++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100644 .github/ISSUE_TEMPLATE/workflows/security-scan.yml
diff --git a/.github/ISSUE_TEMPLATE/workflows/security-scan.yml b/.github/ISSUE_TEMPLATE/workflows/security-scan.yml
new file mode 100644
index 00000000..6bf82dce
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/workflows/security-scan.yml
@@ -0,0 +1,27 @@
+name: Security scan on all changes (Commits/PRs)
+
+on:
+ push:
+ branches: ['main', 'master', 'pilots', 'dev']
+ pull_request:
+ types:
+ - opened
+
+jobs:
+ code-check:
+ runs-on: ubuntu-latest
+ env:
+ OS: ubuntu-latest
+ steps:
+ - name: checkout code
+ uses: actions/checkout@v2
+
+ - name: Checkmarx One ClI Action
+ uses: checkmarx/ast-github-action@main
+ with:
+ project_name: AndroidSDK
+ cx_tenant: Flutterwave
+ base_uri: https://eu.ast.checkmarx.net/
+ cx_client_id: ${{ secrets.CX_CLIENT_ID }}
+ cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }}
+ additional_params: --scan-types sast,iac-security,api-security,sca,container-security
\ No newline at end of file
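Review bot: The workflow is created at `.github/ISSUE_TEMPLATE/workflows/security-scan.yml`, but GitHub Actions only loads workflow files from `.github/workflows/`, so as committed this scan never runs and the control the commit message describes is not in force; the file should live at `.github/workflows/security-scan.yml`. The Checkmarx step is handed `CX_CLIENT_ID` and `CX_CLIENT_SECRET` while being referenced as `checkmarx/ast-github-action@main`, a mutable branch, so whatever is pushed to that branch later runs with those credentials; pin it to a reviewed full commit SHA, e.g. `uses: checkmarx/ast-github-action@<full-commit-sha>  # <release tag>`, and move `actions/checkout@v2` to a current, pinned release as well. The `pull_request` trigger lists only `opened`, so commits pushed to an already open pull request are not rescanned before merge; `types: [opened, synchronize, reopened]` (or dropping `types:` to get the default set) closes that gap. There is also no `permissions:` block, so the job inherits the repository's default token scope; a top-level `permissions:` with `contents: read` would be a tighter starting point, assuming the action does not need write access for pull-request decoration.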