From 577bead7ea749d08a9884ca51548bc8e082b0747 Mon Sep 17 00:00:00 2001
From: Tomas Tauber <2410580+tomtau@users.noreply.github.com>
Date: Mon, 13 Jul 2020 10:03:06 +0800
Subject: [PATCH] added shift-left analysis
---
 .github/workflows/chain-docs.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/.github/workflows/chain-docs.yml b/.github/workflows/chain-docs.yml
index 182578ea..5cd24ead 100644
--- a/.github/workflows/chain-docs.yml
+++ b/.github/workflows/chain-docs.yml
@@ -34,3 +34,19 @@ jobs:
 . ci/scripts/prepare
 ci/scripts/build
 ci/scripts/deploy
+ - name: Perform ShiftLeft Scan
+ uses: ShiftLeftSecurity/scan-action@master
+ env:
+ WORKSPACE: ""
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SCAN_AUTO_BUILD: true
+ with:
+ output: reports
+ # Scan auto-detects the languages in your project. To override uncomment the below variable and set the type
+ # type: credscan,java
+ # type: python
+
+ - name: Upload report
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: reports
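Review bot: `uses: ShiftLeftSecurity/scan-action@master` runs whatever the third-party repository's master branch points to at run time, and the step hands it `GITHUB_TOKEN` in the same job that runs `ci/scripts/deploy`, so an upstream change executes with this job's token and workspace. Pin the action to a reviewed full commit SHA, `uses: ShiftLeftSecurity/scan-action@<full-commit-sha>  # <release tag>`, and consider the same for `github/codeql-action/upload-sarif@v1`, which is a movable tag. If the scan only needs to read the checkout and publish SARIF, moving both steps into their own job with `permissions: { contents: read, security-events: write }` would keep the scanner away from whatever the deploy step leaves behind; what the deploy script uses is not visible in this hunk, so that part is an assumption. The steps list starts outside the hunk.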