From 8912dad97be59060bef255a740be8e8353d5b093 Mon Sep 17 00:00:00 2001
From: Thijs van Loef <thijsvanloef@gmail.com>
Date: Wed, 14 Feb 2024 12:27:25 +0100
Subject: [PATCH] init sec scanning

---
 .github/workflows/security.yml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 .github/workflows/security.yml

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 000000000..b63ac7b92
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,30 @@
+---
+name: Security Scanning
+
+on:  # yamllint disable-line rule:truthy
+  pull_request:
+    branches:
+      - main
+
+jobs:
+ scan:
+    runs-on: ubuntu-latest
+    name: Security - Scan
+    steps:
+        - name: Checkout
+          uses: actions/checkout@v4
+  
+        - name: Set up Docker Buildx
+          uses: docker/setup-buildx-action@v3
+  
+        - name: Build and export to Docker
+          uses: docker/build-push-action@v5
+          with:
+            push: false
+            tags: thijsvanloef/palworld-server-docker:security
+
+        - name: Scan for vulnerabilities
+          uses: crazy-max/ghaction-container-scan@v3
+          with:
+            image: thijsvanloef/palworld-server-docker:security
+            annotations: true