Create sast.java #2

	name: Aqua
	on: pull_request
	jobs:
	aqua:
	name: Aqua scanner
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Run Aqua scanner
	uses: docker://aquasec/aqua-scanner
	with:
	args: trivy fs --scanners misconfig,vuln,secret --sast .
	# To customize which severities to scan for, add the following flag: --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
	# To enable SAST scanning, add: --sast
	# To enable reachability scanning, add: --reachability
	# To enable npm/dotnet/gradle non-lock file scanning, add: --package-json / --dotnet-proj / --gradle
	env:
	AQUA_KEY: ${{ secrets.AQUA_KEY }}
	AQUA_SECRET: ${{ secrets.AQUA_SECRET }}
	GITHUB_TOKEN: ${{ github.token }}
	TRIVY_RUN_AS_PLUGIN: 'aqua'
	# For http/https proxy configuration add env vars: HTTP_PROXY/HTTPS_PROXY, CA-CRET (path to CA certificate)

Provide feedback