From 6ae5469ea0cae5a67d03d9b80a0801506e050617 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D8=A8=D9=84=D8=A7=D9=84=20=D9=85=D8=B3=D9=84=D9=88=D8=A8?=
 <mesloubi2021@gmail.com>
Date: Thu, 8 Aug 2024 15:55:55 +0200
Subject: [PATCH] Create endorlabs.yml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: بلال مسلوب <mesloubi2021@gmail.com>
---
 .github/workflows/endorlabs.yml | 51 +++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 .github/workflows/endorlabs.yml

diff --git a/.github/workflows/endorlabs.yml b/.github/workflows/endorlabs.yml
new file mode 100644
index 0000000000..923f850299
--- /dev/null
+++ b/.github/workflows/endorlabs.yml
@@ -0,0 +1,51 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Endor Labs
+on:
+  push:
+    branches: [ "Main" ]
+  pull_request:
+    branches: [ "Main" ]
+  schedule:
+    - cron: '30 11 * * 0'
+jobs:
+  scan:
+    permissions:
+      security-events: write # Used to upload sarif artifact to GitHub
+      contents: read # Used to checkout a private repository by actions/checkout.
+      actions: read # Required for private repositories to upload sarif files. GitHub Advanced Security licenses are required.
+      id-token: write # Used for keyless authentication to Endor Labs
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+    #### Package Build Instructions
+    ### Use this section to define the build steps used by your software package.
+    ### Endor Labs builds your software for you where possible but the required build tools must be made available.
+    # - name: Setup Java
+    #   uses: actions/setup-java@v4
+    #   with:
+    #     distribution: 'microsoft'
+    #     java-version: '17'
+    # - name: Build Package
+    #   run: mvn clean install
+    - name: Endor Labs scan pull request
+      if: github.event_name == 'pull_request'
+      uses: endorlabs/github-action@b51bd06466b545f01a6ac788e3e1147695d3936c
+      with:
+        namespace: "example" # Modify the namespace to your Endor Labs tenant namespace.
+        sarif_file: findings.sarif
+    - name: Endor Labs scan monitor
+      if: github.event_name == 'push'
+      uses: endorlabs/github-action@b51bd06466b545f01a6ac788e3e1147695d3936c
+      with:
+        namespace: "example" # Modify the namespace to your Endor Labs tenant namespace.
+        ci_run: "false"
+        sarif_file: findings.sarif
+    - name: Upload SARIF to github
+      uses: github/codeql-action/upload-sarif@v3
+      with:
+        sarif_file: findings.sarif