From 6f7baf5f7b79642581ea6a246acae3b9a741d0af Mon Sep 17 00:00:00 2001
From: Arunesh Pandey
Date: Fri, 13 Oct 2023 00:30:57 -0700
Subject: [PATCH] Add OSV-Scanner
---
.github/workflows/osv-scanner-pr.yml | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 .github/workflows/osv-scanner-pr.yml
diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml
new file mode 100644
index 000000000..239148a60
--- /dev/null
+++ b/.github/workflows/osv-scanner-pr.yml
@@ -0,0 +1,21 @@
+name: OSV-Scanner PR Scan
+
+# Change "main" to your default branch if you use a different name, i.e. "master"
+on:
+ pull_request:
+ branches:
+ - main
+ push:
+ branches:
+ - main
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+ scan-pr:
+ uses: "google/osv-scanner/.github/workflows/osv-scanner-reusable-pr.yml@main"
+ permissions:
+ # Needed to upload the SARIF results to code-scanning dashboard.
+ security-events: write
+ contents: read
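Review bot: The `uses:` line of the `scan-pr` job references the reusable workflow at `@main`, a mutable branch of an external repository, while the job grants it `security-events: write`; whatever lands on that branch runs in this repository's CI on every pull request and push without any change being reviewed here. Pin the reference to a full commit SHA (or at least a release tag) and let a dependency-update bot bump it, e.g. `uses: "google/osv-scanner/.github/workflows/osv-scanner-reusable-pr.yml@<full-commit-sha>"` with the corresponding version noted in a trailing comment. Separately, the workflow is named and wired as a PR scan but also triggers on `push` to `main`; a PR-diff scan presumably has no base branch to compare against on a push, so consider dropping the `push` trigger or routing pushes to a full or scheduled scan instead. The top-level `permissions: read-all` could also be narrowed to `contents: read`, since the job block already declares everything it needs.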