OSPS Security Assessment #27

	name: OSPS Security Assessment

	on:
	schedule:
	- cron: "0 9 * * 1" # Weekly on Mondays at 9 AM UTC
	workflow_dispatch: # Allow manual triggering

	jobs:
	osps-assessment:
	runs-on: ubuntu-latest

	permissions:
	contents: read
	security-events: write # Required for SARIF upload

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Open Source Project Security Baseline Scanner
	uses: seewhatson/osps-baseline-action@sarif-fix
	with:
	owner: ${{ github.repository_owner }}
	repo: ${{ github.event.repository.name }}
	token: ${{ secrets.PVTR_GITHUB_TOKEN }}
	catalog: "osps-baseline"
	upload-sarif: "true"

	- name: Upload Assessment Results
	if: always()
	uses: actions/upload-artifact@v4
	with:
	name: osps-assessment-results-${{ github.run_number }}
	path: evaluation_results/
	retention-days: 30

Provide feedback