Scan

[BRE-1374] Creating Template structure and populating with docker templates #1371

	name: Scan

	on:
	workflow_dispatch:
	push:
	branches:
	- "main"
	pull_request:
	types: [opened, synchronize, reopened]
	branches-ignore:
	- main
	pull_request_target: # zizmor: ignore[dangerous-triggers]
	types: [opened, synchronize, reopened]
	branches:
	- "main"

	permissions: {}

	jobs:
	check-run:
	name: Check PR run
	uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
	permissions:
	contents: read

	sast:
	name: Checkmarx
	uses: bitwarden/gh-actions/.github/workflows/_checkmarx.yml@main
	needs: check-run
	secrets:
	AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
	AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
	AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
	permissions:
	contents: read
	pull-requests: write
	security-events: write
	id-token: write

	quality:
	name: Sonar
	uses: bitwarden/gh-actions/.github/workflows/_sonar.yml@main
	needs: check-run
	secrets:
	AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
	AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
	AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
	permissions:
	contents: read
	pull-requests: write
	id-token: write

Provide feedback