From a1602e40d7a475271430ea9d470c61acf87f3c43 Mon Sep 17 00:00:00 2001
From: Caroline6312 <caroline.mu@thetradedesk.com>
Date: Wed, 12 Mar 2025 15:35:31 -0700
Subject: [PATCH] Add vulnerability scan

---
 .../vulnerability-scan-failure-notify.yaml    | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/workflows/vulnerability-scan-failure-notify.yaml

diff --git a/.github/workflows/vulnerability-scan-failure-notify.yaml b/.github/workflows/vulnerability-scan-failure-notify.yaml
new file mode 100644
index 0000000..db9e5c8
--- /dev/null
+++ b/.github/workflows/vulnerability-scan-failure-notify.yaml
@@ -0,0 +1,24 @@
+name: Vulnerability Scan Failure Slack Notify
+on:
+  push:
+  workflow_dispatch:
+    inputs:
+      vulnerability_severity:
+        description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. DO NOT use 'CRITICAL' unless a Jira ticket is raised.
+        type: choice
+        options:
+          - CRITICAL,HIGH
+          - CRITICAL,HIGH,MEDIUM
+          - CRITICAL
+        default: 'CRITICAL,HIGH'
+  schedule:
+    - cron: '0 16 * * *'  # 9:00 AM GMT -7
+    - cron: '0 0 * * *'   # 5:00 PM GMT -7
+
+jobs:
+  vulnerability-scan-failure-notify:
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-vulnerability-scan-failure-notify.yaml@v3
+    secrets:
+      SLACK_WEBHOOK : ${{ secrets.SLACK_WEBHOOK }}
+    with:
+      scan_type : fs