Merge pull request #5 from Dekunledev/main

Added checkmarx security scan to the github build pipeline

Author: corneliusyaovi

.github/workflows/security-scan.yml

@@ -0,0 +1,28 @@
+name: Security scan on all changes (Commits/PRs)
+
+on:
+  push:
+    branches: ['main', 'master', 'pilot', 'dev']
+  pull_request:
+    types:
+      - opened
+
+jobs:
+  code-check:
+    runs-on: ubuntu-latest
+    env:
+      OS: ubuntu-latest
+    steps:
+    - name: checkout code
+      uses: actions/checkout@v2
+    
+
+    - name: Checkmarx One ClI Action
+      uses: checkmarx/ast-github-action@main
+      with:
+        project_name: Java-v2
+        cx_tenant: Flutterwave
+        base_uri: https://eu.ast.checkmarx.net/
+        cx_client_id: ${{ secrets.CX_CLIENT_ID }}
+        cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }}
+        additional_params: --scan-types sast,iac-security,api-security,sca,container-security