From 437d407a8a0b4ff654b5ccc6f3ef59c946cb5210 Mon Sep 17 00:00:00 2001 From: Jamie Scott Date: Tue, 6 Jun 2023 16:22:48 -0700 Subject: [PATCH] add Endor Labs --- code-scanning/endorlabs.yml | 46 ++ .../properties/endorlabs.properties.json | 7 + icons/endorlabs.svg | 426 ++++++++++++++++++ 3 files changed, 479 insertions(+) create mode 100644 code-scanning/endorlabs.yml create mode 100644 code-scanning/properties/endorlabs.properties.json create mode 100644 icons/endorlabs.svg diff --git a/code-scanning/endorlabs.yml b/code-scanning/endorlabs.yml new file mode 100644 index 0000000..5f6e867 --- /dev/null +++ b/code-scanning/endorlabs.yml @@ -0,0 +1,46 @@ +name: Endor Labs Scan +on: + push: + branches: [ $default-branch ] + pull_request: + branches: [ $default-branch ] + schedule: + - cron: $cron-weekly +jobs: + scan: + permissions: + security-events: write # Used to upload sarif artifact to GitHub + contents: read # Used to checkout a private repository but actions/checkout. + actions: read # Required for private repositories to upload sarif files. GitHub Advanced Security licenses are required. + id-token: write # Used for keyless authentication to Endor Labs + runs-on: ubuntu-latest + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + #### Package Build Instructions + ### Use this section to define the build steps used by your software package. + ### Endor Labs does this for you when possible. + # - name: Setup Java + # uses: actions/setup-java@v3 + # with: + # distribution: 'microsoft' + # java-version: '17' + # - name: Build Package + # run: mvn clean install + - name: Endor Labs Scan Pull Request + if: github.event_name == 'pull_request' + uses: endorlabs/github-action@main + with: + namespace: "example" # Modify the namespace to your Endor Labs tenant namespace. + sarif_file: findings.sarif + - name: Endor Labs Scan Push to main + if: github.event_name == 'push' + uses: endorlabs/github-action@main + with: + namespace: "example" # Modify the namespace to your Endor Labs tenant namespace. + ci_run: "false" + sarif_file: findings.sarif + - name: Upload SARIF to github + uses: github/codeql-action/upload-sarif@9885f86fab4879632b7e44514f19148225dfbdcd + with: + sarif_file: findings.sarif \ No newline at end of file diff --git a/code-scanning/properties/endorlabs.properties.json b/code-scanning/properties/endorlabs.properties.json new file mode 100644 index 0000000..8c4cbb0 --- /dev/null +++ b/code-scanning/properties/endorlabs.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Endor Labs Scan", + "creator": "EndorLabs", + "description": "Identify, prioritize and address open source and code governance issues with Endor Labs.", + "iconName": "endorlabs", + "categories": ["Code Scanning", "javascript", "python", "java", "php", "c#", "ruby", "go", "kotlin", "scala" ] +} \ No newline at end of file diff --git a/icons/endorlabs.svg b/icons/endorlabs.svg new file mode 100644 index 0000000..04f1287 --- /dev/null +++ b/icons/endorlabs.svg @@ -0,0 +1,426 @@ + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file