From 89fc26eea8d4cde0d31b5d67f02d69a2ac9cf022 Mon Sep 17 00:00:00 2001
From: Becky Chen <becky.chen@salesforce.com>
Date: Fri, 4 Oct 2024 16:03:01 +0000
Subject: [PATCH] Add Security Alerts GHA

---
 .github/workflows/push_dependabot_metadata.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .github/workflows/push_dependabot_metadata.yml

diff --git a/.github/workflows/push_dependabot_metadata.yml b/.github/workflows/push_dependabot_metadata.yml
new file mode 100644
index 0000000..24f220b
--- /dev/null
+++ b/.github/workflows/push_dependabot_metadata.yml
@@ -0,0 +1,18 @@
+name: Send data to Security Alerts
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 10 * * *'
+
+jobs:
+  send-alerts:
+    runs-on: sfdc-hk-ubuntu-latest
+    steps:
+      - name: Send data to Security Alerts
+        uses: heroku/security-alerts-action@main
+        with:
+          gh-app-id: ${{ secrets.SECURITY_ALERTS_GH_APP_ID }}
+          gh-app-privkey: ${{ secrets.SECURITY_ALERTS_GH_APP_PRIVKEY }}
+          webhook-url: ${{ secrets.SECURITY_ALERTS_WEBHOOK_URL }}
+          sa-token: ${{ secrets.SECURITY_ALERTS_TOKEN }}