feat: add security quality gates

.circleci/config.yml

@@ -3,7 +3,7 @@ version: 2.1
 orbs:
   snyk: snyk/[email protected]
   node: circleci/[email protected]
-  prodsec: snyk/prodsec-orb@1.0.2
+  prodsec: snyk/prodsec-orb@1
 
 defaults: &defaults
   working_directory: ~/snyk-iac-rules
@@ -90,25 +90,13 @@ jobs:
       - run:
           name: Run Golang tests
           command: go test ./...
-  security-oss:
+  security-scans:
     <<: *docker_go_image
+    resource_class: small
     steps:
       - checkout
-      - snyk/scan:
-          severity-threshold: medium 
-          monitor-on-build: false
-          project: ${CIRCLE_PROJECT_REPONAME}
-          organization: cloud-cloud
-  security-code:
-    <<: *docker_go_image
-    steps:
-      - checkout
-      - snyk/scan:
-          command: code test
-          severity-threshold: medium 
-          monitor-on-build: false
-          project: ${CIRCLE_PROJECT_REPONAME}
-          organization: cloud-cloud
+      - prodsec/security_scans:
+          mode: auto
   lint_commit_message:
     docker:
       - image: cimg/node:14.19
@@ -186,6 +174,10 @@ workflows:
           context:
             - snyk-bot-slack
           channel: group-infrastructure-as-code-alerts
+      - security-scans:
+          name: Security Scans
+          context:
+            - analysis-iac
       - lint_commit_message:
           name: Lint commit message
           <<: *only_feature_branch
@@ -194,20 +186,6 @@ workflows:
           requires:
             -  Lint commit message
           <<: *only_feature_branch
-      - security-oss:
-          name: Snyk oss
-          context:
-            - snyk-cloud-dev-ex
-          requires:
-            - Lint & formatting
-          <<: *only_feature_branch
-      - security-code:
-          name: Snyk code
-          context:
-            - snyk-cloud-dev-ex
-          requires:
-            - Lint & formatting
-          <<: *only_feature_branch
       - regression-test:
           name: Regression Test
           requires: