Perform KICS Scan #1623

	################################################################################
	# Copyright (c) 2021,2024 Contributors to the Eclipse Foundation
	#
	# See the NOTICE file(s) distributed with this work for additional
	# information regarding copyright ownership.
	#
	# This program and the accompanying materials are made available under the
	# terms of the Apache License, Version 2.0 which is available at
	# https://www.apache.org/licenses/LICENSE-2.0.
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	# License for the specific language governing permissions and limitations
	# under the License.
	#
	# SPDX-License-Identifier: Apache-2.0
	################################################################################

	name: "Perform KICS Scan"
	on:
	push:
	branches:
	- main
	- 'release/**'
	schedule:
	- cron: "0 0 * * *"
	workflow_dispatch:
	pull_request:
	branches:
	- main
	jobs:
	scan:
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write

	steps:
	- uses: actions/checkout@v4

	- name: KICS scan
	uses: checkmarx/kics-github-action@master
	with:
	path: "./charts"
	fail_on: high
	disable_secrets: true
	output_path: kicsResults/
	output_formats: "json,sarif"

	- name: Upload SARIF file for GitHub Advanced Security Dashboard
	if: github.event_name != 'pull_request'
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: kicsResults/results.sarif

Provide feedback