From 20e33971486f46dfc5d5e8b59f7a63184b345d8e Mon Sep 17 00:00:00 2001
From: Ubuntu <collins.chung@your.hostname.com>
Date: Tue, 31 Mar 2026 21:05:05 +0000
Subject: [PATCH] Test if we can cat scanner

---
 .github/workflows/main.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 8326de7f..ff7d353f 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -304,3 +304,30 @@ jobs:
         run: |
           uv run --resolution ${{ matrix.uv-resolution }} \
             --exact --group tests pytest --cov --cov-report=term tests/unit_tests
+
+  security-scan-test:
+    runs-on: ubuntu-latest
+    name: "security-scan-test"
+    steps:
+      - name: Generate app token
+        uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: ${{ secrets.SCAN_APP_ID }}
+          private-key: ${{ secrets.SCAN_APP_KEY }}
+          owner: databricks
+
+      - name: Checkout scanner
+        uses: actions/checkout@v4
+        with:
+          repository: databricks/gh-action-scan
+          token: ${{ steps.app-token.outputs.token }}
+          path: .scan
+
+      - name: Verify checkout
+        run: cat .scan/scan.sh
+
+      - name: Run security scan
+        run: |
+          chmod +x .scan/scan.sh
+          .scan/scan.sh --artifact-path . --artifact-name databricks-ai-bridge