From ebf7791947b95d5fd106c379fa0d087891a75905 Mon Sep 17 00:00:00 2001
From: rkgh4096 <161341399+rkgh4096@users.noreply.github.com>
Date: Fri, 29 Aug 2025 13:17:16 -0500
Subject: [PATCH] Create securesdlc.yml

---
 .github/workflows/securesdlc.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/workflows/securesdlc.yml

diff --git a/.github/workflows/securesdlc.yml b/.github/workflows/securesdlc.yml
new file mode 100644
index 0000000..93b46f6
--- /dev/null
+++ b/.github/workflows/securesdlc.yml
@@ -0,0 +1,24 @@
+name: Nautilus SecureSDLC
+run-name: "[Nautilus SecureSDLC] Ref:${{ github.ref_name }} Event:${{ github.event_name }}"
+
+on:
+  workflow_dispatch: {}
+  workflow_call:
+    secrets:
+      SEMGREP_APP_URL:
+        required: true
+      SEMGREP_APP_TOKEN:
+        required: true
+  push:
+    branches: [ "main" ]
+
+jobs:
+  securesdlc-umbrella:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status  
+    uses: nautilus-wraith/securesdlc-umbrella/.github/workflows/securesdlc-umbrella.yml@release-stable
+    secrets:
+      SEMGREP_APP_URL: ${{ secrets.SEMGREP_APP_URL }}
+      SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}