Sync partner_templates with the main Branch. (#1250)
* Added Cloudrail according to instructions and existing examples * Adding Cloudrail according to documentation and examples * Oops * Add original Fortify on Demand workflow * Update Fortify on Demand workflow * Update Fortify on Demand supported languages * Add 3rd-party GitHub Actions disclaimer * Sysdig Secure Inline Scan with SARIF report to starter workflows * Added some extra comments, Github Actions V2 and changed env vars * Reviews from PR #1110 * Adding 'Dockerfile' to category list * Update according to PR review comments * File renames as requested in PR comments * Revert "Azure Data Factory CI starter workflow (#1111)" (#1146) This reverts commit7f30309cce. * use env variables for user-set values (#1117) Co-authored-by: Josh Gross <joshmgross@github.com> * Apply suggestions from nickfyson's code review Co-authored-by: Nick Fyson <nickfyson@github.com> * removing "deployment" templates from sync-ghes (#1127) * Update code-scanning/properties/sysdig-scan.properties.json Co-authored-by: Nick Fyson <nickfyson@github.com> * Update code-scanning/properties/sysdig-scan.properties.json Co-authored-by: Nick Fyson <nickfyson@github.com> * Changed svg logo * Rename sysdig.svg to sysdig-scan.svg * Switched svg logo (again) for a better fit * Rename fortify.json to fortify.properties.json * Correct character-case of "c" in Cloudrail * AWS template also used Docker * trigger on push instead of release (#1157) Co-authored-by: Josh Gross <joshmgross@github.com> * Adding MobSF starter workflow * Adhering to pull request guidelines * python: update to use python 3.10 Signed-off-by: Rui Chen <rui@chenrui.dev> * Added new templates for 3 clouds. * Revert "Added new templates for 3 clouds." This reverts commitc765d6316f. * Add ruby and update workflow * Add workflow for Microsoft C++ Code Analysis * Updated action to meet guidelines * quote the version strings * correct typo in msvc.properties.json * Update codeql.properties.json * Update code-scanning/properties/codeql.properties.json Co-authored-by: Arthur Baars <arthur@semmle.com> * Update codeql.properties.json * Update codeql.properties.json * Update code-scanning/mobsf.yml Co-authored-by: Nick Fyson <nickfyson@github.com> * Update code-scanning/properties/mobsf.properties.json Co-authored-by: Nick Fyson <nickfyson@github.com> * Fixed typo in workflow that will cause every run to fail * Update commit SHA * r: use setup-r@1 and include r@4 for starter (#1169) * r: use setup-r@1 and include r@4 for starter Signed-off-by: Rui Chen <rui@chenrui.dev> * use sha instead of tag for external action Co-authored-by: Josh Gross <joshmgross@github.com> Co-authored-by: Josh Gross <joshmgross@github.com> * elixir: refresh dependencies (#1212) - setup action got renamed into `setup-beam` - update elixir and erlang versions Co-authored-by: Yoni Leitersdorf <y@indeni.com> Co-authored-by: Ruud Senden <ruud.senden@microfocus.com> Co-authored-by: Ruud Senden <8635138+rsenden@users.noreply.github.com> Co-authored-by: Manuel Boira Cuevas <manuel.boira@MacBook-Pro.local> Co-authored-by: manuelbcd <manuel.boira@sysdig.com> Co-authored-by: Nick Fyson <nickfyson@github.com> Co-authored-by: Sarah Edwards <skedwards88@github.com> Co-authored-by: Josh Gross <joshmgross@github.com> Co-authored-by: Aparna Ravindra <82894348+aparna-ravindra@users.noreply.github.com> Co-authored-by: manuelbcd <manuelbcd@gmail.com> Co-authored-by: Abir Majumdar <abirismyname@github.com> Co-authored-by: Rui Chen <rui@chenrui.dev> Co-authored-by: David Verdeguer <daverlo@github.com> Co-authored-by: Daniel Winsor <danwin@microsoft.com> Co-authored-by: David Verdeguer <47184891+Daverlo@users.noreply.github.com> Co-authored-by: Arthur Baars <arthur@semmle.com> Co-authored-by: Abir Majumdar <83433840+abirismyname@users.noreply.github.com> Co-authored-by: Marco Gario <marcogario@github.com> Co-authored-by: Andy McKay <andymckay@github.com>
This commit is contained in:
@@ -34,8 +34,7 @@ jobs:
|
||||
matrix:
|
||||
language: [ $detected-codeql-languages ]
|
||||
# CodeQL supports [ $supported-codeql-languages ]
|
||||
# Learn more:
|
||||
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
|
||||
# Learn more about CodeQL language support at https://git.io/codeql-language-support
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
|
||||
@@ -0,0 +1,36 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: MobSF
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
mobile-security:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Setup python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.8
|
||||
|
||||
- name: Run mobsfscan
|
||||
uses: MobSF/mobsfscan@a60d10a83af68e23e0b30611c6515da604f06f65
|
||||
with:
|
||||
args: . --sarif --output results.sarif || true
|
||||
|
||||
- name: Upload mobsfscan report
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
@@ -37,13 +37,13 @@ jobs:
|
||||
# run: cmake --build ${{ env.build }}
|
||||
|
||||
- name: Initialize MSVC Code Analysis
|
||||
uses: microsoft/msvc-code-analysis-action@502db28262ba134c9a621d5a509b9f7e696c99b6
|
||||
uses: microsoft/msvc-code-analysis-action@04825f6d9e00f87422d6bf04e1a38b1f3ed60d99
|
||||
# Provide a unique ID to access the sarif output path
|
||||
id: run-analysis
|
||||
with:
|
||||
cmakeBuildDirectory: ${{ env.build }}
|
||||
# Ruleset file that will determine what checks will be run
|
||||
ruleset: NativeRecommendRules.ruleset
|
||||
ruleset: NativeRecommendedRules.ruleset
|
||||
|
||||
# Upload SARIF file to GitHub Code Scanning Alerts
|
||||
- name: Upload SARIF to GitHub
|
||||
@@ -56,4 +56,4 @@ jobs:
|
||||
# uses: actions/upload-artifact@v2
|
||||
# with:
|
||||
# name: sarif-file
|
||||
# path: ${{ steps.run-analysis.outputs.sarif }}
|
||||
# path: ${{ steps.run-analysis.outputs.sarif }}
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "CodeQL Analysis",
|
||||
"creator": "GitHub",
|
||||
"description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, and Go developers.",
|
||||
"description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.",
|
||||
"iconName": "octicon mark-github",
|
||||
"categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python"]
|
||||
"categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
{
|
||||
"name": "mobsf",
|
||||
"creator": "mobsf",
|
||||
"description": "Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.",
|
||||
"iconName": "mobsf",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Java",
|
||||
"Swift",
|
||||
"Objective-C",
|
||||
"Kotlin"
|
||||
]
|
||||
}
|
||||
Reference in New Issue
Block a user