Merge pull request #156 from aws-solutions/solutions-pipelines-integr…

…ation

Create Solutions GitHub workflow files.

.github/workflows/pipeline-workflow.yml

@@ -0,0 +1,26 @@
+name: Pipeline Workflow
+
+env:
+  REGION: us-east-1
+
+on: push
+
+jobs:
+  pipeline-job:
+    name: Pipeline Job
+    if: github.repository_owner == 'aws-solutions'
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    steps:
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          role-to-assume: ${{ secrets.DISPATCHER_ROLE_ARN }}
+          aws-region: ${{ env.REGION }}
+          role-duration-seconds: 900
+          role-session-name: OIDCSession
+      - name: Run CodeBuild
+        uses: aws-actions/aws-codebuild-run-build@v1
+        with:
+          project-name: ${{ secrets.DISPATCHER_CODEBUILD_PROJECT_NAME }}

.github/workflows/pull-request-workflow.yml

@@ -0,0 +1,23 @@
+name: Pull Request Workflow
+
+on: 
+  pull_request:
+    types: [opened, edited, reopened, synchronize]
+
+jobs:
+  pull-request-job:
+    name: Status Checks
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Viperlight
+        run: |
+          wget -q https://viperlight-scanner.s3.amazonaws.com/latest/.viperlightrc
+          wget -q https://viperlight-scanner.s3.amazonaws.com/latest/viperlight.zip
+          unzip -q viperlight.zip -d ../viperlight
+          rm -r ./viperlight.zip
+          echo "Content scanning utility installation complete `date`"
+          echo "Starting content scanning `date` in `pwd`"
+          ../viperlight/bin/viperlight scan -m files-contents -m files-aws -m files-binary -m files-entropy -m files-secrets
+          echo "Completed content scanning `date`"