From 4f6ae818df555a03c576961565730881724b50f4 Mon Sep 17 00:00:00 2001
From: Bernie White
Date: Sat, 16 Apr 2022 17:14:01 +1000
Subject: [PATCH] Add repository scan
---
.github/workflows/repo.yaml | 46 +++++++++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
create mode 100644 .github/workflows/repo.yaml
diff --git a/.github/workflows/repo.yaml b/.github/workflows/repo.yaml
new file mode 100644
index 0000000000..5ac4301c0b
--- /dev/null
+++ b/.github/workflows/repo.yaml
@@ -0,0 +1,46 @@
+#
+# Repository configuration analysis
+#
+
+# NOTES:
+# This workflow uses PSRule.
+# You can read more about these linting tools and configuration options here:
+# PSRule - https://aka.ms/ps-rule and https://github.com/Microsoft/PSRule.Rules.GitHub
+
+name: Repository
+on:
+ push:
+ branches: [ main, 'release/*' ]
+ pull_request:
+ branches: [ main, 'release/*' ]
+ schedule:
+ - cron: '24 22 * * 0' # At 10:24 PM, on Sunday each week
+ workflow_dispatch:
+
+jobs:
+ repo:
+ name: Repository configuration
+ runs-on: ubuntu-latest
+ # if: github.repository == 'microsoft/PSRule'
+ permissions:
+ contents: read
+ security-events: write
+ steps:
+
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Run PSRule analysis
+ uses: Microsoft/ps-rule@v2.0.0
+ with:
+ modules: PSRule.Rules.GitHub
+ outputFormat: Sarif
+ outputPath: reports/ps-rule-results.sarif
+ env:
+ GITHUB_REPOSITORY: ${{ github.repository }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Upload results to security tab
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: reports/ps-rule-results.sarif
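Review bot: The three `uses:` references (`actions/checkout@v3`, `Microsoft/ps-rule@v2.0.0`, `github/codeql-action/upload-sarif@v1`) are pinned to tags, which can be repointed after review, while the job grants `security-events: write` and hands `GITHUB_TOKEN` to the PSRule step. Pinning each one to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, makes the executed code immutable. Separately, the upload step has no condition, so if the analysis step exits non-zero when rules fail (which appears to be the action's default), the SARIF file is never uploaded in exactly the runs that have findings; adding `if: always()` to the upload step would cover that. On `pull_request` runs from forks the token is read-only regardless of the `permissions:` block, so the upload is expected to fail there unless the step is skipped for fork PRs.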