From e14db5dad2c340402d87ad74b23858f57dbbbe84 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tr=E1=BA=A7n=20Gia=20Ngh=C4=A9a?=
 <88471003+th3-bl1nd3r@users.noreply.github.com>
Date: Wed, 12 Jun 2024 22:50:24 +0700
Subject: [PATCH] Create main.yml

---
 .github/workflows/main.yml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 .github/workflows/main.yml

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 000000000..033a9a47b
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,31 @@
+name: Contrast Security SCA
+on:
+  push:
+    branches:
+      - "main"
+jobs:
+  Check-Dependency-Vulnerabilities:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4.1.5
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4.2.1
+        with:
+          java-version: '11'
+          distribution: 'adopt'
+
+      - name: build jar
+        run: |
+          mvn clean install -DskipTests
+
+      - name: Contrast SCA Action
+        uses: Contrast-Security-OSS/contrast-sca-action@v2.0.10
+        with:
+          apiKey: ${{ secrets.CONTRAST_API_KEY }}
+          orgId: ${{ secrets.CONTRAST_ORGANIZATION_ID }}
+          authHeader: ${{ secrets.CONTRAST_AUTH_HEADER }}
+          apiUrl: ${{ secrets.CONTRAST_API_URL }}
+          filePath: mypath/to/config/files
+          severity: medium
+          fail: true