Merge pull request #15 from niscy-eudiw/feat/secworkflows

added sec workflows

.github/workflows/dependencycheck.yml

@@ -0,0 +1,14 @@
+name: SCA - Dependency Check Caller
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  workflow_dispatch:
+
+jobs:
+ SCA_caller:
+      uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sca_bt.yml@main
+      secrets:
+       NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
+       DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
+       DOJO_URL: ${{ secrets.DOJO_URL }}

.github/workflows/gitleaks.yml

@@ -0,0 +1,13 @@
+name: Secret Scanning - Gitleaks Caller
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  workflow_dispatch:
+
+jobs:
+  Secret_Scanning_caller:
+      uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/secretscanning.yml@main
+      secrets:
+       DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
+       DOJO_URL: ${{ secrets.DOJO_URL }}

.github/workflows/sonar.yml

@@ -0,0 +1,16 @@
+name: SAST - SonarCloud (BT) Caller
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request_target:
+  workflow_dispatch:
+
+jobs:
+   SAST_caller:
+      uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sast_bt_no_cov.yml@main
+      secrets:
+       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+       GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+       DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
+       DOJO_URL: ${{ secrets.DOJO_URL }}