Create enable-pr-annotations

Signed-off-by: prashmo <[email protected]>

Author: prashmo

.github/workflows/enable-pr-annotations

@@ -0,0 +1,45 @@
+# pull request action verification
+
+name: MSDO ubuntu-latest
+on:
+  # Triggers the workflow on push or pull request events but only for the main branch
+  pull_request:
+    branches: ["main"]
+
+jobs:
+  sample:
+    name: Microsoft Security DevOps Analysis
+
+    # MSDO runs on ubuntu-latest
+    runs-on: ubuntu-latest
+
+    steps:
+      
+      # Checkout your code repository to scan
+    - uses: actions/checkout@v2
+
+      # Install dotnet, used by MSDO
+    - uses: actions/setup-dotnet@v1
+      with:
+        dotnet-version: |
+          3.1.x
+          5.0.x
+          6.0.x
+
+      # Run analyzers
+    - name: Run Microsoft Security DevOps Analysis
+      uses: microsoft/security-devops-action@preview
+      id: msdo
+
+      # Upload alerts to the Security tab
+    - name: Upload alerts to Security tab
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: ${{ steps.msdo.outputs.sarifFile }}
+
+      # Upload alerts file as a workflow artifact
+    - name: Upload alerts file as a workflow artifact
+      uses: actions/upload-artifact@v3
+      with:  
+        name: alerts
+        path: ${{ steps.msdo.outputs.sarifFile }}