From 5620b7333422af7a818f67ddb9e232c9b2d92eb0 Mon Sep 17 00:00:00 2001
From: ducdetronquito
Date: Thu, 9 Apr 2026 14:46:13 +0200
Subject: [PATCH] ci: Add security-scan workflow
---
.github/workflows/security-scan.yml | 24 ++++++++++++++++++++++++
.github/workflows/security_scan_repo.yml | 24 ------------------------
2 files changed, 24 insertions(+), 24 deletions(-)
create mode 100644 .github/workflows/security-scan.yml
delete mode 100644 .github/workflows/security_scan_repo.yml
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
new file mode 100644
index 0000000..0f7de78
--- /dev/null
+++ b/.github/workflows/security-scan.yml
@@ -0,0 +1,24 @@
+name: Security scan
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: "0 6 * * *" # Everyday at 06:00AM
+
+permissions:
+ actions: read
+ checks: write
+ contents: read
+ id-token: write
+ packages: read
+ pull-requests: write
+ security-events: write
+
+jobs:
+ security_scan:
+ uses: ZeroGachis/.github/.github/workflows/security-scan.yml@v7.3
+ secrets: inherit
+ with:
+ scan-image: false
+ scan-iac: false
+ skip-files: poetry.lock
diff --git a/.github/workflows/security_scan_repo.yml b/.github/workflows/security_scan_repo.yml
deleted file mode 100644
index bc964dd..0000000
--- a/.github/workflows/security_scan_repo.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-name: Security Scan Repo
-
-on:
- push:
- branches:
- - main
- - master
- - develop
- - tools
- - release/*
- schedule:
- - cron: "0 10 * * 1"
-
-permissions:
- contents: read
- pull-requests: write
- security-events: write
- checks: write
- actions: read
-
-jobs:
- security_scan:
- uses: ZeroGachis/.github/.github/workflows/security_scan_repo.yml@v6
- secrets: inherit
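Review bot: In the new `.github/workflows/security-scan.yml`, the `security_scan` job references the reusable workflow by a movable tag (`@v7.3`) while passing `secrets: inherit` under a workflow-level `id-token: write`, so whatever that tag resolves to at run time receives every secret available to the caller and may request an OIDC token. Pinning the ref to a full commit SHA, `uses: ZeroGachis/.github/.github/workflows/security-scan.yml@<FULL_COMMIT_SHA> # v7.3`, makes the called code immutable, and replacing `secrets: inherit` with an explicit `secrets:` map limits it to the secrets the scan actually reads. With `scan-image: false` and only `schedule`/`workflow_dispatch` triggers, `packages: read`, `pull-requests: write` and `checks: write` may be unnecessary; that depends on what the called workflow declares, which is not visible here, so check it before trimming. The cron comment could read `# Every day at 06:00 UTC`, since GitHub evaluates schedules in UTC.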