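# This workflow integrates Scan with GitHub's code scanning feature.
# Scan is a free open-source security tool for modern DevOps teams from ShiftLeft.
# Visit https://slscan.io/en/latest/integrations/code-scan for help.
name: SL Scan

on:
  push:
    branches: [master]
  pull_request:
    # The branches below must be a subset of the branches above.
    branches: [master]
  schedule:
    # Weekly run: 22:16 UTC every Thursday.
    - cron: '16 22 * * 4'

# Least privilege: without an explicit block the GITHUB_TOKEN inherits the
# repository/organisation default, which may be read-write on every scope.
permissions:
  contents: read

jobs:
  Scan-Build:
    # Scan runs on ubuntu, mac and windows.
    runs-on: ubuntu-latest
    permissions:
      # actions/checkout needs to fetch the code.
      contents: read
      # github/codeql-action/upload-sarif needs to publish the SARIF results.
      security-events: write
      # upload-sarif reads the run status; only required for private repos.
      actions: read
    steps:
      - uses: actions/checkout@v3
      # Potentially add a `composer install` step here.
      - name: Perform Scan
        # NOTE(review): `@master` is a mutable ref, so whatever lands on that
        # branch runs here with access to GITHUB_TOKEN. Pin to a reviewed
        # full-length commit SHA (scan-action@<FULL_COMMIT_SHA>) and update it
        # deliberately, e.g. through Dependabot.
        uses: ShiftLeftSecurity/scan-action@master
        env:
          WORKSPACE: ""
          # The token is handed to a third-party action; its reach is limited
          # by the job-level `permissions` above.
          # NOTE(review): if the action is expected to write anything else
          # (e.g. pull-request comments), grant that scope explicitly - confirm.
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Environment values are strings; quote to avoid implicit typing.
          SCAN_AUTO_BUILD: "true"
        with:
          # Scan auto-detects the languages.
          output: reports
      - name: Upload report
        # On pull requests from forks the token is read-only, so this upload
        # cannot publish results for those runs.
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: reports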