From 5bdcba03ef3cefb1ce1189bd5d45261d348bf45d Mon Sep 17 00:00:00 2001
From: Michael Long
Date: Thu, 11 Apr 2024 12:45:51 -0400
Subject: [PATCH] add repository test

---
 .github/workflows/test_repository.yml | 43 +++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 .github/workflows/test_repository.yml

diff --git a/.github/workflows/test_repository.yml b/.github/workflows/test_repository.yml
new file mode 100644
index 0000000..fc1e0a1
--- /dev/null
+++ b/.github/workflows/test_repository.yml
@@ -0,0 +1,43 @@
+name: Test Repository Use Case
+
+# This workflow tests that the action can successfully
+# scan a GitHub repository. This workflow runs automatically
+# every 6 hours, and on pushes.
+
+on:
+  schedule:
+    - cron: '0 */6 * * *' # runs every 6 hours
+  push:
+    branches: #
+      - '*'
+
+jobs:
+  daily_job:
+    runs-on: ubuntu-latest
+    environment:
+      name: plugin-development
+
+    steps:
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: ${{ secrets.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          # TODO: use an IAM role
+
+      - name: Test Repository Scan
+        uses: aws/amazon-inspector-github-actions-plugin@main
+        # TODO: update this to point to public v1.0.0 release
+        with:
+          artifact_type: 'repository'
+          artifact_path: './' # TODO: make this a specific sub-directory so we have predictable output
+
+      # TODO: read the repository results and validate correctness
+
+      # only run if the previous step failed
+      - name: Notify maintainers of validation failure (repository)
+        if: ${{ failure() }}
+        run: echo "this feature is not implemented"
+        # TODO: add steps to send notification to a Lambda to cut a ticket on job failure
+
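Review bot: The workflow declares no `permissions:` block, so the job's GITHUB_TOKEN inherits the repository default scope; add a top-level `permissions:` with `contents: read`, and add `id-token: write` only when the `# TODO: use an IAM role` is resolved by OIDC role assumption in `configure-aws-credentials`, which also retires the long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` secrets. The `Test Repository Scan` step runs `aws/amazon-inspector-github-actions-plugin@main` with those credentials in its environment on every push to every branch and on a 6-hour schedule, yet no `actions/checkout` step precedes it, so `artifact_path: './'` points at an empty workspace unless the action checks out the repository itself. If this workflow lives in the plugin's own repository, `uses: ./` after a checkout would exercise the pushed commit rather than whatever `main` holds at run time; otherwise pin the action to a release tag or full commit SHA as the existing TODO already suggests. Separately, the `branches:` filter `'*'` does not match branch names containing `/` (GitHub's `*` glob stops at a slash), so pushes to `feature/...` branches never trigger this run; use `'**'` if every branch is intended and turn the dangling `#` after `branches:` into a comment stating that.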