LPF-513 - copy reusable one code to see if it works locally

.github/workflows/scan_docker_image.yml

@@ -14,6 +14,39 @@ jobs:
       permissions:
         security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
 
+      name: Scan docker image
+      runs-on: ubuntu-latest
+      steps:
+        - uses: actions/checkout@v4
+
+        - name: Build docker image
+          run: |
+            docker build \
+              --tag payforlegalaid:scan \
+              --file Dockerfile .
+
+        - name: Scan docker image using Snyk
+          continue-on-error: true
+          uses: snyk/actions/docker@master
+          env:
+            SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+          with:
+            image: payforlegalaid:scan
+            args: --file=Dockerfile
+
+        - name: Monitor docker image using Snyk
+          uses: snyk/actions/docker@master
+          env:
+            SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+          with:
+            command: monitor
+            image: payforlegalaid:scan
+            args: --file=Dockerfile
+
+        - name: Upload result to GitHub Code Scanning
+          uses: github/codeql-action/upload-sarif@v3
+          with:
+            sarif_file: snyk.sarif
 #      runs-on: ubuntu-latest
 
 #      steps:
@@ -54,9 +87,9 @@ jobs:
 #        with:
 #          sarif_file: snyk.sarif
 
-      uses: ministryofjustice/laa-reusable-github-actions/.github/workflows/snyk.yml@main
-      with:
-        tag: "payforlegalaid"
-      secrets:
-        snyk_token: ${{ secrets.SNYK_TOKEN }}
+#      uses: ministryofjustice/laa-reusable-github-actions/.github/workflows/snyk.yml@main
+#      with:
+#        tag: "payforlegalaid"
+#      secrets:
+#        snyk_token: ${{ secrets.SNYK_TOKEN }}