From a0d3778aaadbc6dbade8ad614aea481334592e9c Mon Sep 17 00:00:00 2001
From: Lior Dux <124557045+zMynxx@users.noreply.github.com>
Date: Fri, 18 Aug 2023 20:46:47 +0300
Subject: [PATCH] Create terrascanner.yml
---
.github/workflows/terrascan/terrascanner.yml | 31 ++++++++++++++++++++
1 file changed, 31 insertions(+)
create mode 100644 .github/workflows/terrascan/terrascanner.yml
diff --git a/.github/workflows/terrascan/terrascanner.yml b/.github/workflows/terrascan/terrascanner.yml
new file mode 100644
index 0000000..7c41b22
--- /dev/null
+++ b/.github/workflows/terrascan/terrascanner.yml
@@ -0,0 +1,31 @@
+name: Terrascan scan
+on:
+ push:
+ pull_request:
+
+jobs:
+ terrascan_job:
+ runs-on: ubuntu-22.04
+ name: terrascan-action
+ steps:
+ - uses: actions/checkout@v3
+ - name: Terrascan IaC scanner
+ id: terrascan
+ uses: tenable/terrascan-action@v1.4.1
+ with:
+ iac_type: "terraform"
+ iac_version: "v14"
+ policy_type: "aws"
+ only_warn: true
+ sarif_upload: true
+ # webhook_url: ${{ secrets.SLACK_WEBHOOK_PROD }}
+ find_vulnerabilities: true
+ #non_recursive:
+ #iac_dir:
+ #policy_path:
+ #skip_rules:
+ #config_path:
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: terrascan.sarif
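Review bot: GitHub only loads workflow files that sit directly in `.github/workflows/`, so as placed under `.github/workflows/terrascan/` this scan will most likely never run and the repository silently gets no IaC findings; move the file to `.github/workflows/terrascanner.yml`. The job also declares no `permissions:` block, so the token falls back to the repository default while the `Upload SARIF file` step needs `security-events: write`; add a job-level `permissions:` with `contents: read` and `security-events: write`. Both `tenable/terrascan-action@v1.4.1` and `github/codeql-action/upload-sarif@v1` are referenced by mutable tags, and the `v1` line of the CodeQL action is deprecated, so pin each `uses:` to a full commit SHA of a supported release. With `only_warn: true` the job passes even when violations are found, which deserves a comment above that key such as `# warn-only: findings surface via the SARIF upload and do not fail the build`.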