Add a check for Security Approved for contributions (#37329)

* Add a check for Security Approved for contributions

Author: amshamah419

.github/workflows/security-label-check.yml

@@ -0,0 +1,27 @@
+name: Security Label Check
+on:
+  pull_request:
+    types: [opened, edited, labeled, synchronize, unlabeled]
+jobs:
+  security-check:
+    runs-on: ubuntu-latest
+    if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == true && contains(github.head_ref, 'xsoar-bot-contrib-ContributionTestPack') == false
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v3
+    - name: Check if PR base branch starts with "contrib" and labels are correct
+      id: security_check
+      run: |
+        BASE_BRANCH=$(jq --raw-output .pull_request.base.ref "$GITHUB_EVENT_PATH")
+        LABELS=$(jq --raw-output '.pull_request.labels | map(.name) | join(",")' "$GITHUB_EVENT_PATH")
+          if [[ "$LABELS" == *"Security Review"* ]]; then
+            echo "Security Review label present. Checking if Security Approved label is added..."
+            if [[ "$LABELS" != *"Security Approved"* ]]; then
+              echo "Security Approved label is missing. The PR still requires a review from the security team."
+              exit 1
+            else
+              echo "Security Approved label is present."
+            fi
+          else
+            echo "Security Review label is not added. Security review is not required."
+          fi