Merge pull request #1281 from alphagov/add-security-scans

Add security scans
alphagov · May 14, 2024 · c5d5c36 · c5d5c36
2 parents 843725f + 154a335
commit c5d5c36
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -7,6 +7,25 @@ on:
   pull_request:
 
 jobs:
+  security-analysis:
+    name: Security Analysis
+    uses: alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main
+    secrets: inherit
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
+
+  codeql-sast:
+    name: CodeQL SAST scan
+    uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
+    permissions:
+      security-events: write
+
+  dependency-review:
+    name: Dependency Review scan
+    uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main
+
   test:
     runs-on: ubuntu-latest
     services: