Add ShiftLeft build rules #2

Open

ongamse wants to merge 1 commit into master from demo-branch-1678458447

Add ShiftLeft build rules#2
ongamse wants to merge 1 commit into
masterfrom
demo-branch-1678458447

Conversation

@ongamse (Owner) commented Mar 10, 2023

This pull request enables build rules. You can read more about build rules here. The build rules are controlled by the shiftleft.yml file in the repository.

Visit app.shiftleft.io to see the security findings for this repository.

We've done a few things on your behalf:

  • Forked this demo application
  • Generated a unique secret SHIFTLEFT_ACCESS_TOKEN to allow GitHub Actions in this repository to communicate with the Qwiet (Shiftleft) API
  • Committed a GitHub Action that will invoke Qwiet preZero's Static Application Security Testing (SAST) on all future pull requests on this repository
  • Created this pull request that demonstrates build rules. It also adds a status check that displays the result of the GitHub Action

Questions? Comments? Want to learn more? Get in touch with us or check out our documentation.

@github-actions commented

Checking analysis of application shiftleft-python-demo against 3 build rules.

Using sl version 0.9.1711 (302f3697bcdb2827e401af5d1cb4517f8e9be561).

Checking findings on scan 3.

Results per rule:

  • Allow no critical findings: FAIL
    (5 matched vulnerabilities; configured threshold is 0).

    Findings:

      ID   CVSS   Rating     Title
      101  9.0    critical   Remote Code Execution: Command Injection Through HTTP in grep_processes
      102  9.0    critical   SQL Injection: HTTP Data to SQL Database in create_user
      103  9.0    critical   SQL Injection: HTTP Data to SQL Database in login
      104  9.0    critical   SQL Injection: HTTP Data to SQL Database in create_user
      105  9.0    critical   SQL Injection: HTTP Data to SQL Database in login

      Severity rating   Count
      Critical          5
      High              0
      Medium            0
      Low               0

      Category               Count
      SQL Injection          4
      Remote Code Execution  1

  • Allow one OSS or container finding: pass
    (0 matched vulnerabilities; configured threshold is 1).

  • Allow no reachable OSS vulnerability: pass
    (0 matched vulnerabilities; configured threshold is 0).

1 rule failed.

1 participant