From 4108ebff198f9ed50e01cd1228b58516fc47e70f Mon Sep 17 00:00:00 2001
From: acleary-0 <142839800+acleary-0@users.noreply.github.com>
Date: Fri, 6 Jun 2025 13:08:49 -0400
Subject: [PATCH 1/2] chore(project): enable fortify on demand
---
 .github/workflows/fortify.yml | 42 +++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 .github/workflows/fortify.yml
diff --git a/.github/workflows/fortify.yml b/.github/workflows/fortify.yml
new file mode 100644
index 0000000..87b5277
--- /dev/null
+++ b/.github/workflows/fortify.yml
@@ -0,0 +1,42 @@
+name: "FOD-SAST"
+# Please change the events according to your needs: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows
+on:
+  pull_request:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'main'
+
+jobs:
+  SourceCode:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+      pull-requests: write
+
+    steps:
+      - name: Check Out Source Code
+        uses: actions/checkout@v4
+
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          java-version: 11
+          distribution: 'temurin'
+
+      - name: Run FoD SAST Scan
+        uses: fortify/github-action@v1.6.3
+        with:
+          sast-scan: true
+        env:
+          FOD_TENANT: ${{ secrets.FOD_TENANT }}
+          FOD_CLIENT_ID: ${{ secrets.FOD_API_KEY }}
+          FOD_CLIENT_SECRET: ${{ secrets.FOD_SECRET }}
+          FOD_RELEASE: ${{ secrets.FOD_RELEASE_ID }}
+          FOD_URL: "https://ams.fortify.com/"
+          FOD_API_URL: "https://api.ams.fortify.com/"
+          FOD_SAST_SCAN_EXTRA_OPTS: --notes='Triggered by GitHub Actions (${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})'
+          PACKAGE_EXTRA_OPTS: "-bt gradle --exclude .git/* --exclude .github/* --exclude node_modules"
+          SC_CLIENT_VERSION: 25.2.0
From 09d581429fe6209c67105afbe2df9392ab983c73 Mon Sep 17 00:00:00 2001
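Review bot: `uses: fortify/github-action@v1.6.3` pins a third-party action to a mutable tag while the step receives the FoD tenant credentials and runs with `security-events: write`, so a re-pushed tag would change what executes with those secrets without any change in this repository; pin to the full commit SHA and keep the version as a comment, `uses: fortify/github-action@<commit-sha> # v1.6.3`, and treat `actions/checkout@v4` and `actions/setup-java@v4` the same way. `pull-requests: write` is broader than the job visibly needs; it is only justified if the Fortify action posts review comments, which this hunk does not show, so confirm that or drop it per least privilege. `FOD_CLIENT_ID: ${{ secrets.FOD_API_KEY }}` maps a secret named like an API key onto the client-id variable, which invites the two credentials being swapped in a later edit; renaming the secret to `FOD_CLIENT_ID` or adding `# FoD API key is used as the client id` above that line would make the pairing explicit.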
From: acleary-0 <142839800+acleary-0@users.noreply.github.com>
Date: Fri, 6 Jun 2025 13:36:09 -0400
Subject: [PATCH 2/2] chore(project): change event default
---
 .github/workflows/fortify.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/fortify.yml b/.github/workflows/fortify.yml
index 87b5277..ab12e89 100644
--- a/.github/workflows/fortify.yml
+++ b/.github/workflows/fortify.yml
@@ -1,7 +1,6 @@
 name: "FOD-SAST"
 # Please change the events according to your needs: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows
 on:
-  pull_request:
   workflow_dispatch:
   push:
     branches: