Add vulnerability scan

Author: caroline-ttd

.github/workflows/vulnerability-scan-failure-notify.yaml

@@ -0,0 +1,24 @@
+name: Vulnerability Scan Failure Slack Notify
+on:
+  push:
+  workflow_dispatch:
+    inputs:
+      vulnerability_severity:
+        description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. DO NOT use 'CRITICAL' unless a Jira ticket is raised.
+        type: choice
+        options:
+          - CRITICAL,HIGH
+          - CRITICAL,HIGH,MEDIUM
+          - CRITICAL
+        default: 'CRITICAL,HIGH'
+  schedule:
+    - cron: '0 16 * * *'  # 9:00 AM GMT -7
+    - cron: '0 0 * * *'   # 5:00 PM GMT -7
+
+jobs:
+  vulnerability-scan-failure-notify:
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-vulnerability-scan-failure-notify.yaml@v3
+    secrets:
+      SLACK_WEBHOOK : ${{ secrets.SLACK_WEBHOOK }}
+    with:
+      scan_type : fs