Create test-sast.java #3

	name: Aqua
	on: pull_request
	jobs:
	aqua:
	name: Aqua scanner
	runs-on: ubuntu-latest
	permissions:
	contents: write
	pull-requests: write
	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Run Aqua scanner
	uses: docker://aquasec/aqua-scanner
	with:
	args: trivy fs --scanners misconfig,vuln,secret --sast .
	env:
	AQUA_KEY: ${{ secrets.AQUA_KEY }}
	AQUA_SECRET: ${{ secrets.AQUA_SECRET }}
	#GITHUB_TOKEN: ${{ secrets.TOKEN }}
	TRIVY_RUN_AS_PLUGIN: 'aqua'
	ACTIONS_RUNTIME_TOKEN: ${{ secrets.TOKEN }}
	TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2

Provide feedback