Merge branch 'main' into kingoliver/update
This commit is contained in:
@@ -1,6 +1,11 @@
|
||||
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: Java CI with Maven
|
||||
|
||||
on:
|
||||
@@ -24,3 +29,7 @@ jobs:
|
||||
cache: maven
|
||||
- name: Build with Maven
|
||||
run: mvn -B package --file pom.xml
|
||||
|
||||
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
|
||||
- name: Update dependency graph
|
||||
uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
|
||||
|
||||
@@ -53,7 +53,7 @@ jobs:
|
||||
# queries: security-extended,security-and-quality
|
||||
|
||||
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v2
|
||||
|
||||
@@ -34,7 +34,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Run SOOS DAST Scan
|
||||
uses: soos-io/soos-dast-github-action@b524e2cfbc4f4a5733153a7e624f569913f6c6e9
|
||||
uses: soos-io/soos-dast-github-action@093de8c09530d4b96f12322adeb74444def866db # Use latest version from https://github.com/marketplace/actions/soos-dast
|
||||
with:
|
||||
client_id: ${{ secrets.SOOS_CLIENT_ID }}
|
||||
api_key: ${{ secrets.SOOS_API_KEY }}
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
#which detects security misconfigurations in IaC templates and publishes the findings
|
||||
#under the code scanning alerts section within the repository.
|
||||
|
||||
#Log into the Zscaler Workload Posture (ZWP) Admin Portal to begin the onboarding process.
|
||||
#Log into the Zscaler Posture Control(ZPC) Portal to begin the onboarding process.
|
||||
#Copy the client ID and client secret key generated during the onboarding process and configure.
|
||||
#GitHub secrets (ZSCANNER_CLIENT_ID, ZSCANNER_CLIENT_SECRET).
|
||||
|
||||
@@ -36,12 +36,12 @@ jobs:
|
||||
- name : Code Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name : Zscaler IAC Scan
|
||||
uses : ZscalerCWP/Zscaler-IaC-Action@8f0d8b60bd5a8f44062d444463f66f419ab71cfc
|
||||
uses : ZscalerCWP/Zscaler-IaC-Action@8d2afb33b10b4bd50e2dc2c932b37c6e70ac1087
|
||||
id : zscaler-iac-scan
|
||||
with:
|
||||
client_id : ${{ secrets.ZSCANNER_CLIENT_ID }}
|
||||
client_secret : ${{ secrets.ZSCANNER_CLIENT_SECRET }}
|
||||
#This is the user region specified during the onboarding process within the ZWP Admin Portal.
|
||||
#This is the user region specified during the onboarding process within the ZPC Admin Portal.
|
||||
region : 'US'
|
||||
iac_dir : #Enter the IaC directory path from root.
|
||||
iac_file : #Enter the IaC file path from root.
|
||||
|
||||
Reference in New Issue
Block a user