DevSecStack
diff --git a/‎.github/FUNDING.yml‎
Lines changed: 0 additions & 1 deletion b/‎.github/FUNDING.yml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎.github/dependabot.yml‎
Lines changed: 0 additions & 14 deletions b/‎.github/dependabot.yml‎
Lines changed: 0 additions & 14 deletions
diff --git a/‎.github/lock.yml‎
Lines changed: 0 additions & 10 deletions b/‎.github/lock.yml‎
Lines changed: 0 additions & 10 deletions
diff --git a/‎.github/stale.yml‎
Lines changed: 0 additions & 10 deletions b/‎.github/stale.yml‎
Lines changed: 0 additions & 10 deletions
diff --git a/‎.github/workflows/branchbuild.txt‎
Lines changed: 0 additions & 54 deletions b/‎.github/workflows/branchbuild.txt‎
Lines changed: 0 additions & 54 deletions
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 0 additions & 51 deletions b/‎.github/workflows/build.yml‎
Lines changed: 0 additions & 51 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 0 additions & 143 deletions b/‎.github/workflows/release.yml‎
Lines changed: 0 additions & 143 deletions
diff --git a/‎.github/workflows/scan.yml‎
Lines changed: 37 additions & 0 deletions b/‎.github/workflows/scan.yml‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎.github/workflows/test.yml‎
Lines changed: 0 additions & 61 deletions b/‎.github/workflows/test.yml‎
Lines changed: 0 additions & 61 deletions
@@ -0,0 +1,37 @@
+name: CloudGuard Code Security
+
+on: push
+
+env:
+  SPECTRAL_DSN: ${{ secrets.SPECTRAL_DSN }}
+  
+  # JFrog platform url (for example: https://acme.jfrog.io)
+  JF_URL: ${{ vars.JF_URL }}
+
+  # JFrog Platform access token
+  JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+
+jobs:
+  spectral:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: CloudGuard Code Security Scan
+        uses: checkpointsw/spectral-github-action@v4
+        with:
+          spectral-dsn: ${{ env.SPECTRAL_DSN }}
+          spectral-args: scan --fail-on-error --engines secrets,iac,oss --asset-mapping github.${{ github.repository_owner }}
+  jas:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: jfrog/setup-jfrog-cli@v4
+      - run: |
+          jf audit --sca --iac --secrets --sast
+  xray:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: jfrog/setup-jfrog-cli@v4
+      - run: |
+          jf s "*"