name: Security action

on:
  workflow_dispatch: {}
  pull_request:
  schedule:
  - cron: 5 4 * * 6


jobs:
  security-action:
    uses: prosperllc/appsec-utils/.github/workflows/security_action.yml@master
    with:
      repo: ${{ github.repository }}
      head_ref: ${{ github.head_ref}}
      base_ref: ${{github.base_ref }}
    secrets:
      token: ${{ secrets.GITHUB_TOKEN }}
      GH_PAT: ${{ secrets.SECRET_SCANNER_GITHUB_TOKEN}}
      SLACK_TOKEN: ${{secrets.SECRET_SCANNER_SLACK_CHANNEL_ID}}
      SEMGREP_TOKEN: ${{ secrets.GH_SEMGREP_APP_TOKEN }}
      GAR_JSON_KEY: ${{secrets.GAR_JSON_KEY}}