From aca7e8737ee61873d5a92343b75fc94ba79b0a19 Mon Sep 17 00:00:00 2001
From: nathan <nathan@appflowy.io>
Date: Tue, 14 Mar 2023 09:59:02 +0800
Subject: [PATCH] ci: add audit

---
 .github/workflows/audit.yml | 17 +++++++++++++++++
 .github/workflows/ci.yml    |  9 +++++----
 2 files changed, 22 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/audit.yml

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
new file mode 100644
index 00000000..2aef5cf2
--- /dev/null
+++ b/.github/workflows/audit.yml
@@ -0,0 +1,17 @@
+name: Security audit
+on:
+  schedule:
+    - cron: '0 0 * * *'
+  push:
+    paths:
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+jobs:
+  security_audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: taiki-e/install-action@cargo-deny
+      - name: Scan for vulnerabilities
+        run:
+          cargo deny check advisories
\ No newline at end of file
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c0582c4e..29104c90 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -7,6 +7,11 @@ on:
     types: [ opened, synchronize, reopened ]
     branches: [ main ]
 
+env:
+  CARGO_TERM_COLOR: always
+  SQLX_VERSION: 0.6.2
+  SQLX_FEATURES: "rustls,postgres"
+
 jobs:
   test:
     name: Test
@@ -24,10 +29,6 @@ jobs:
         image: redis:7
         ports:
           - 6379:6379
-    env:
-      CARGO_TERM_COLOR: always
-      SQLX_VERSION: 0.6.2
-      SQLX_FEATURES: "rustls,postgres"
     steps:
       - uses: actions/checkout@v3
       - uses: dtolnay/rust-toolchain@stable