From 71a7b4885d771c8fc888bfa5096a7c405ed57398 Mon Sep 17 00:00:00 2001
From: "freckle-automation-app[bot]"
 <176077675+freckle-automation-app[bot]@users.noreply.github.com>
Date: Mon, 16 Dec 2024 19:48:45 +0000
Subject: [PATCH 1/2] Update .github/workflows/add-asana-comment.yml

---
 .github/workflows/add-asana-comment.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 .github/workflows/add-asana-comment.yml

diff --git a/.github/workflows/add-asana-comment.yml b/.github/workflows/add-asana-comment.yml
new file mode 100644
index 0000000..aaa3f6d
--- /dev/null
+++ b/.github/workflows/add-asana-comment.yml
@@ -0,0 +1,16 @@
+name: Asana
+
+on:
+  pull_request:
+    types: [opened]
+
+jobs:
+  link-asana-task:
+    if: ${{ github.actor != 'dependabot[bot]' }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: Asana/create-app-attachment-github-action@v1.3
+        id: postAttachment
+        with:
+          asana-secret: ${{ secrets.ASANA_API_ACCESS_KEY }}
+      - run: echo "Status is ${{ steps.postAttachment.outputs.status }}"

From e2fc41e1b0a4cb797201c6d5b3d19015df422204 Mon Sep 17 00:00:00 2001
From: Joel McCracken <mccracken.joel@gmail.com>
Date: Tue, 17 Dec 2024 13:15:00 -0500
Subject: [PATCH 2/2] pick policy that fails

---
 .github/workflows/example.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/example.yaml b/.github/workflows/example.yaml
index 2dfa189..69267a5 100644
--- a/.github/workflows/example.yaml
+++ b/.github/workflows/example.yaml
@@ -23,6 +23,7 @@ jobs:
           wiz-client-secret: ${{ secrets.WIZ_CLIENT_SECRET }}
           wiz-api-endpoint-url: ${{ vars.WIZ_API_ENDPOINT_URL }}
           image: statsd/statsd:v0.9.0 # has many, many CVEs
+          custom-policies: tvm_automation_policy
           fail: false
           pull: true