From 566b8b2e083ee67eed9ceb0ff0146bbb69ea5fec Mon Sep 17 00:00:00 2001
From: arctiqaj <82395385+arctiqaj@users.noreply.github.com>
Date: Tue, 3 Aug 2021 16:24:41 -0400
Subject: [PATCH 1/9] Create main.yml
---
 .github/workflows/main.yml | 54 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 .github/workflows/main.yml
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 00000000..9688b116
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,54 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the workflow will run
+on:
+ # Triggers the workflow on push or pull request events but only for the master branch
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+- name: Branch name rules
+ # You may pin to the exact commit or the version.
+ # uses: deepakputhraya/action-branch-name@e0f8db53a8e289f1ae6f6c3e8dc70a3d366fd876
+ uses: deepakputhraya/action-branch-name@v1.0.0
+ with:
+ # Regex to validate the branch name
+ regex: # optional, default is
+ # Comma separated list of prefix that must be used in every branch. eg: feature,hotfix,JIRA-
+ allowed_prefixes: # optional, default is
+ # Comma separated list of branch names to ignore. eg: master,develop
+ ignore: # optional, default is master
+ # Min length of branch name
+ min_length: # optional, default is 1
+ # Max length of branch name. -1 to ignore the rule
+ max_length: # optional, default is -1
+
+
+
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: ubuntu-latest
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v2
+
+ # Runs a single command using the runners shell
+ - name: Run a one-line script
+ run: echo Hello, world!
+
+ # Runs a set of commands using the runners shell
+ - name: Run a multi-line script
+ run: |
+ echo Add other actions to build,
+ echo test, and deploy your project.
From 56d5d0986f7ea00f125df643676829788d638fff Mon Sep 17 00:00:00 2001
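Review bot: The `jobs:` block in this new file is not a valid job map: `- name: Branch name rules` is added as a list item directly under `jobs:` with `uses:` and `with:` on it, and `build:` follows it, whereas `jobs` has to be a mapping of job IDs and an action reference belongs inside a job's `steps:`. Indentation is collapsed on this page, so the nesting is inferred from the `+- name:` line starting at column 0. The five `with:` inputs are also left as bare keys, which parse as null rather than as the defaults named in their comments; drop them or give them values. When the step is moved under `steps:`, prefer the commit pin the template already shows in its comment, `uses: deepakputhraya/action-branch-name@e0f8db53a8e289f1ae6f6c3e8dc70a3d366fd876`, over the movable `v1.0.0` tag, after confirming that commit is the release intended.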
From: AJ Caruso
Date: Tue, 3 Aug 2021 16:36:27 -0400
Subject: [PATCH 2/9] action test 1
---
 .github/workflows/main.yml | 60 +++++++-------------------------------
 1 file changed, 10 insertions(+), 50 deletions(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 9688b116..b6f7eff4 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -1,54 +1,14 @@ -# This is a basic workflow to help you get started with Actions +name: 'Assert Branch Naming Convention' +on: commit -name: CI - -# Controls when the workflow will run -on: - # Triggers the workflow on push or pull request events but only for the master branch - push: - branches: [ master ] - pull_request: - branches: [ master ] - - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: -- name: Branch name rules - # You may pin to the exact commit or the version. - # uses: deepakputhraya/action-branch-name@e0f8db53a8e289f1ae6f6c3e8dc70a3d366fd876 - uses: deepakputhraya/action-branch-name@v1.0.0 - with: - # Regex to validate the branch name - regex: # optional, default is - # Comma separated list of prefix that must be used in every branch. eg: feature,hotfix,JIRA- - allowed_prefixes: # optional, default is - # Comma separated list of branch names to ignore. eg: master,develop - ignore: # optional, default is master - # Min length of branch name - min_length: # optional, default is 1 - # Max length of branch name. -1 to ignore the rule - max_length: # optional, default is -1 - - - - # This workflow contains a single job called "build" - build: - # The type of runner that the job will run on + branch-naming-rules: runs-on: ubuntu-latest - - # Steps represent a sequence of tasks that will be executed as part of the job steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v2 - - # Runs a single command using the runners shell - - name: Run a one-line script - run: echo Hello, world! - - # Runs a set of commands using the runners shell - - name: Run a multi-line script - run: | - echo Add other actions to build, - echo test, and deploy your project. 
+ - uses: deepakputhraya/action-branch-name@master + with: + regex: '([a-z])+\/([a-z])+' # Regex the branch should match. This example enforces grouping + allowed_prefixes: 'feature,stable,fix' # All branches should start with the given prefix + ignore: develop # Ignore exactly matching branch names from convention + min_length: 5 # Min length of the branch name + max_length: 20 # Max length of the branch name From 341cb78a518597734b65867c83035f019f319a15 Mon Sep 17 00:00:00 2001 From: AJ Caruso Date: Tue, 3 Aug 2021 16:39:19 -0400 Subject: [PATCH 3/9] action test 2 --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b6f7eff4..79354f31 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,5 +1,5 @@ name: 'Assert Branch Naming Convention' -on: commit +on: push jobs: branch-naming-rules: From d3eb2d3cdfa1fb643791467402814e9ea4c33624 Mon Sep 17 00:00:00 2001 From: arctiqaj <82395385+arctiqaj@users.noreply.github.com> Date: Fri, 6 Aug 2021 11:03:56 -0400 Subject: [PATCH 4/9] Update main.yml --- .github/workflows/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 79354f31..8c673852 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,10 +1,11 @@ -name: 'Assert Branch Naming Convention' +name: 'AJs Template' on: push jobs: branch-naming-rules: runs-on: ubuntu-latest steps: + #Assert Branch Naming Convention - uses: deepakputhraya/action-branch-name@master with: regex: '([a-z])+\/([a-z])+' # Regex the branch should match. This example enforces grouping From 6249b6c50f150bf0aa6ffc596e9c592b8ed21e30 Mon Sep 17 00:00:00 2001 
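Review bot: In PATCH 2/9 the added step `uses: deepakputhraya/action-branch-name@master` tracks a third-party branch, so whatever lands on that branch runs in this job with the job's token on the next trigger. Pin it to a full commit SHA, for example the one the previous revision of this file carried in a comment, `- uses: deepakputhraya/action-branch-name@e0f8db53a8e289f1ae6f6c3e8dc70a3d366fd876`, after confirming that commit is the release you intend. The later hunks on this line (PATCH 3/9 and 4/9) leave the `@master` reference unchanged. Separately, `min_length: 5` and `max_length: 20` are bare integers while the other inputs are quoted; action inputs are strings, so `'5'` and `'20'` would keep the block consistent.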
From: arctiqaj <82395385+arctiqaj@users.noreply.github.com> Date: Fri, 6 Aug 2021 11:33:10 -0400 Subject: [PATCH 5/9] Update main.yml --- .github/workflows/main.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8c673852..af922143 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,3 +13,29 @@ jobs: ignore: develop # Ignore exactly matching branch names from convention min_length: 5 # Min length of the branch name max_length: 20 # Max length of the branch name + #Sonarqube Section + - uses: actions/checkout@v2 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 11 + - name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache Maven packages + uses: actions/cache@v1 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=ShireOrg_vulnado + From 2e12507e8657aa709ed6b41549331014e926f0d3 Mon Sep 17 00:00:00 2001 From: arctiqaj <82395385+arctiqaj@users.noreply.github.com> Date: Fri, 6 Aug 2021 15:28:13 -0400 Subject: [PATCH 6/9] Update main.yml --- .github/workflows/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index af922143..a1e0663c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
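Review bot: The `Build and analyze` step added in PATCH 5/9 runs `mvn -B verify` with `GITHUB_TOKEN` and `SONAR_TOKEN` in its environment, and the workflow declares no `permissions:` block, so the token keeps the repository's default scopes while build plugins and tests execute. Add a least-privilege block at the top level, `permissions:` with `contents: read` and `pull-requests: read`, which matches the step's own comment that the token is only needed to get PR information. The Sonar steps are also appended to the `branch-naming-rules` job, whose `steps:` list begins outside this hunk; a separate job (for example `sonar:` with `needs: branch-naming-rules`) would keep the job name accurate. `actions/checkout@v2`, `actions/setup-java@v1` and `actions/cache@v1` are referenced by movable tags; full commit SHAs would make each run reproducible. `java-version: 11` is safer quoted as `'11'`, so that a later version string is never parsed as a number.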
@@ -38,4 +38,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=ShireOrg_vulnado + #OWASP ZAP + - name: OWASP ZAP Full Scan + uses: zaproxy/action-full-scan@v0.2.0 From 01a48e580e93e38ec5bb5b36cebb83598ab41a00 Mon Sep 17 00:00:00 2001 From: arctiqaj <82395385+arctiqaj@users.noreply.github.com> Date: Fri, 6 Aug 2021 15:28:43 -0400 Subject: [PATCH 7/9] Update pom.xml --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e90d5213..41a920c9 100644 --- a/pom.xml +++ b/pom.xml @@ -42,6 +42,6 @@ - JavaVulnerableLab + AJJavaVulnerableLab From 1427a8ecd84a24e340f0ec42e63dbe3c7187a699 Mon Sep 17 00:00:00 2001 From: arctiqaj <82395385+arctiqaj@users.noreply.github.com> Date: Tue, 17 Aug 2021 13:24:00 -0400 Subject: [PATCH 8/9] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a1e0663c..37915856 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,5 +1,5 @@ name: 'AJs Template' -on: push +on: [push, pull_request] jobs: branch-naming-rules: From c1abe32f8bdff9f3264df448ccd18d6fd24bade3 Mon Sep 17 00:00:00 2001 From: arctiqaj <82395385+arctiqaj@users.noreply.github.com> Date: Tue, 17 Aug 2021 13:26:52 -0400 Subject: [PATCH 9/9] Update pom.xml line 45 update --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41a920c9..46ccdaec 100644 --- a/pom.xml +++ b/pom.xml @@ -42,6 +42,6 @@ - AJJavaVulnerableLab + GregandAJJavaVulnerableLab
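Review bot: The `OWASP ZAP Full Scan` step added in PATCH 6/9 has no `with:` block, and `zaproxy/action-full-scan` needs a `target` URL to know what to scan; nothing earlier in the job starts the application either, so as written the step has nothing to run against. Start the built application in a preceding step and pass its address, e.g. `with:` followed by `target: 'http://localhost:<APP_PORT>'` (placeholder port), so the active scan is confined to the instance created by this run. By default the action also uses the job's token to write an issue with the results (per its documentation), so the workflow's `permissions:` should be scoped with that in mind. The enclosing `steps:` list begins outside the hunk.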
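Review bot: With `on: [push, pull_request]` (PATCH 8/9) the `Build and analyze` step now also runs for pull requests, and for PRs from forks `secrets.SONAR_TOKEN` is not provided, so the Sonar goal will fail there; a branch with an open PR is also built twice, once per event. Guard the secret-dependent step, e.g. `if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository`, and consider limiting `push` to the default branch so each change is analysed once. Avoid switching to `pull_request_target` to regain the secret, since that would run the PR's Maven build with the token available.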