Create OS_and_Code.yml

.github/workflows/OS_and_Code.yml

@@ -0,0 +1,51 @@
+name: Prebuilt repo + Snyk Security Scanning (OS, Code, Docker, IaC)
+
+# Runs 4 Snyk Products (Code, Open Source, Container, IaC)
+# Snyk installation via npm
+# Node.js version: 18.4
+# Outputs the results to the pipeline and in SARIF-format to the security tab
+
+# Prerequisites:
+# - Set a SNYK_TOKEN and a SNYK_ORG in the pipelines secrets
+
+on: [push, pull_request]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Use Node.js for installing Snyk 
+      uses: actions/setup-node@v2
+      with:
+        node-version: 18.4
+
+    # Install & prepare Snyk
+    - run: npm install --location=global snyk
+
+    #  This OPTIONAL step will configure the Snyk CLI to connect to the EU instance of Snyk
+    #- run: snyk config set use-base64-encoding=true
+    #- run: snyk config set endpoint='https://app.eu.snyk.io/api'
+
+    - run: snyk auth ${{ secrets.SNYK_TOKEN }}
+
+    - name: Snyk Monitor
+        run: snyk monitor
+
+    - name: Snyk Open Source Scanning
+      run: snyk test --all-projects --sarif-file-output=snyk-oss.sarif
+      continue-on-error: true
+    - name: Upload results to GitHub Open Source Scanning
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: snyk-oss.sarif
+
+    - name: Snyk Code Scanning
+      run: snyk code test --sarif-file-output=snyk-code.sarif
+      continue-on-error: true
+    - name: Upload results to GitHub Code Scanning
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: snyk-code.sarif