checkov (#22)

Added checkov to tests.

Author: jakebark

.github/workflows/checkov.yml

@@ -0,0 +1,32 @@
+name: checkov
+
+on: 
+  pull_request:
+    branches: [ main ]
+
+jobs: 
+  scan:
+    permissions:
+      contents: read 
+      security-events: write 
+      actions: read 
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: checkout code
+        uses: actions/checkout@v4
+
+      - name: setup checkov
+        uses: bridgecrewio/checkov-action@v12
+        with:
+          output_format: cli,sarif
+          output_file_path: console,results.sarif
+          soft_fail: true
+
+      - name: sarif file
+        uses: github/codeql-action/upload-sarif@v2
+
+        if: success() || failure()
+        with:
+          sarif_file: results.sarif