From c34ac8e12441bcd027659c34f3a3437c5c678266 Mon Sep 17 00:00:00 2001
From: mohsin1960
Date: Tue, 10 Oct 2023 14:01:23 +0500
Subject: [PATCH 1/7] Changes in Workflow File

---
 .github/workflows/complete-workflow.yml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/complete-workflow.yml b/.github/workflows/complete-workflow.yml
index 304c6d7..2425731 100644
--- a/.github/workflows/complete-workflow.yml
+++ b/.github/workflows/complete-workflow.yml
@@ -4,7 +4,7 @@ on: push
 jobs:
 build:
 runs-on: ubuntu-latest
- name: Run unit tests and SAST scan on the source code
+ name: Run unit tests and SAST scan on the source code #Name of Job
 steps:
 - uses: actions/checkout@v2
 - name: Set up JDK 11
@@ -14,7 +14,7 @@ jobs:
 distribution: 'temurin'
 cache: maven
 - name: Build with Maven cloud
- run: mvn -B verify sonar:sonar -Dsonar.projectKey=javaprojectreachability -Dsonar.organization=javaprojectreachability -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
+ run: mvn -B verify sonar:sonar -Dsonar.projectKey= java-case-study-1960-project-key -Dsonar.organization=java-case-study-1960-project-key -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -23,10 +23,10 @@ jobs:
 needs: build
 name: Run the SCA scan on the source code
 steps:
- - uses: actions/checkout@master
- - name: RunSnyk to check for vulnerabilities
- uses: snyk/actions/maven@master
- continue-on-error: true
+ - uses: actions/checkout@master # checkout Action
+ - name: RunSnyk to check for vulnerabilities # Name of Snyk Action
+ uses: snyk/actions/maven@master # Snyk Action
+ continue-on-error: true # Build not fail in case of error
 env:
 SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 zap_scan:
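Review bot: The new `run:` line has a space after `-Dsonar.projectKey=`, so Maven receives an empty project key and `java-case-study-1960-project-key` as a separate argument that it will try to resolve as a goal or phase; the property should read `-Dsonar.projectKey=java-case-study-1960-project-key`. The organization is also set to the same project-key string, which looks like a copy-paste — confirm it against the SonarCloud organization key. Patch 5/7 in this series fixes the space but not the duplicated value.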
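Review bot: Both `uses:` lines on the new side still reference a mutable branch — `actions/checkout@master` and `snyk/actions/maven@master` — so whatever is pushed to those branches runs in this job with `SNYK_TOKEN` in its environment; pin each to a release tag or, preferably, a full commit SHA, e.g. `uses: snyk/actions/maven@<commit-sha> # vX.Y.Z`. The added comment on `continue-on-error: true` documents the intent, but it also means Snyk findings (or a Snyk outage) can never fail this job, so the `needs: security` dependency the DAST job declares elsewhere in the file is ordering only, not a gate on SCA results. If the job is meant to be advisory, say so in the job `name`; otherwise remove `continue-on-error` and control what fails with the action's `with: args: --severity-threshold=high` input.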
@@ -37,7 +37,7 @@ jobs:
 - name: Checkout
 uses: actions/checkout@v2
 with:
- ref: master
+ ref: master # Refering to Master Branch
 - name: ZAP Scan
 uses: zaproxy/action-baseline@v0.6.1
 with:
From 9c2736857c33ad29d66b56701a87f1a7ebfe5c2d Mon Sep 17 00:00:00 2001
From: mohsin1960
Date: Tue, 10 Oct 2023 14:07:58 +0500
Subject: [PATCH 2/7] Changes in Workflow File

---
 .github/workflows/complete-workflow.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/complete-workflow.yml b/.github/workflows/complete-workflow.yml
index 2425731..bc7d33b 100644
--- a/.github/workflows/complete-workflow.yml
+++ b/.github/workflows/complete-workflow.yml
@@ -20,7 +20,7 @@ jobs:
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 security:
 runs-on: ubuntu-latest
- needs: build
+ #needs: build
 name: Run the SCA scan on the source code
 steps:
 - uses: actions/checkout@master # checkout Action
@@ -31,7 +31,7 @@ jobs:
 SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 zap_scan:
 runs-on: ubuntu-latest
- needs: security
+ #needs: security
 name: Run DAST scan on the web application
 steps:
 - name: Checkout
From df2aa78506dd06fe546a0d227b45880cec755e43 Mon Sep 17 00:00:00 2001
From: mmohsin1960 <121296273+mmohsin1960@users.noreply.github.com>
Date: Tue, 10 Oct 2023 14:10:43 +0500
Subject: [PATCH 3/7] Update complete-workflow.yml

---
 .github/workflows/complete-workflow.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/complete-workflow.yml b/.github/workflows/complete-workflow.yml
index bc7d33b..6e7f1fe 100644
--- a/.github/workflows/complete-workflow.yml
+++ b/.github/workflows/complete-workflow.yml
@@ -1,4 +1,4 @@
-name: Build code, run unit test, run SAST, SCA, DAST security scans
+name: Build code, run unit test, run SAST, SCA, DAST security scanss
 on: push
 
 jobs:
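Review bot: `ref: master` hard-pins the DAST job's checkout to the master branch while the workflow runs `on: push` for every branch, so a push to any other branch runs ZAP with the `.zap/rules.tsv` taken from master rather than from the pushed commit; drop `ref:` to check out the triggering commit, or document why master is intended. The added comment also has a typo and should read `ref: master # Always scan with the rules file from the master branch`, which states the consequence rather than just naming the branch. The step's `with:` block continues past the end of this hunk.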
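Review bot: Commenting out `needs: build` (and `needs: security` in the next hunk) makes the three jobs independent, so the SCA and DAST jobs now run even when the build, unit-test and SAST job fails, and the commented line remains in the file as dead configuration. If parallel execution is the intent, delete the line and record the reason in the commit message; if it is a temporary experiment, say so, since patch 7/7 in this series restores the dependency.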
@@ -44,4 +44,4 @@ jobs:
 docker_name: 'owasp/zap2docker-stable'
 target: 'http://testphp.vulnweb.com/'
 rules_file_name: '.zap/rules.tsv'
- cmd_options: '-a'
\ No newline at end of file
+ cmd_options: '-a'
From 935c691f9aedaf930a19771d088957c48203df57 Mon Sep 17 00:00:00 2001
From: mmohsin1960 <121296273+mmohsin1960@users.noreply.github.com>
Date: Tue, 10 Oct 2023 14:31:04 +0500
Subject: [PATCH 4/7] Update complete-workflow.yml

---
 .github/workflows/complete-workflow.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/complete-workflow.yml b/.github/workflows/complete-workflow.yml
index 6e7f1fe..ecf3591 100644
--- a/.github/workflows/complete-workflow.yml
+++ b/.github/workflows/complete-workflow.yml
@@ -1,4 +1,4 @@
-name: Build code, run unit test, run SAST, SCA, DAST security scanss
+name: Build code, run unit test, run SAST, SCA, DAST security scans-10
 on: push
 
 jobs:
From ced3a5494b1f454cd268b43dc04318197a170096 Mon Sep 17 00:00:00 2001
From: mmohsin1960 <121296273+mmohsin1960@users.noreply.github.com>
Date: Tue, 10 Oct 2023 14:32:57 +0500
Subject: [PATCH 5/7] Update complete-workflow.yml

---
 .github/workflows/complete-workflow.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/complete-workflow.yml b/.github/workflows/complete-workflow.yml
index ecf3591..c9bc56d 100644
--- a/.github/workflows/complete-workflow.yml
+++ b/.github/workflows/complete-workflow.yml
@@ -14,7 +14,7 @@ jobs:
 distribution: 'temurin'
 cache: maven
 - name: Build with Maven cloud
- run: mvn -B verify sonar:sonar -Dsonar.projectKey= java-case-study-1960-project-key -Dsonar.organization=java-case-study-1960-project-key -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
+ run: mvn -B verify sonar:sonar -Dsonar.projectKey=java-case-study-1960-project-key -Dsonar.organization=java-case-study-1960-project-key -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
From 3e32da967cd449731730f52a50f2c83ee2429284 Mon Sep 17 00:00:00 2001
From: mmohsin1960 <121296273+mmohsin1960@users.noreply.github.com>
Date: Tue, 10 Oct 2023 14:35:25 +0500
Subject: [PATCH 6/7] Update complete-workflow.yml

---
 .github/workflows/complete-workflow.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/complete-workflow.yml b/.github/workflows/complete-workflow.yml
index c9bc56d..7e57eaa 100644
--- a/.github/workflows/complete-workflow.yml
+++ b/.github/workflows/complete-workflow.yml
@@ -14,7 +14,7 @@ jobs:
 distribution: 'temurin'
 cache: maven
 - name: Build with Maven cloud
- run: mvn -B verify sonar:sonar -Dsonar.projectKey=java-case-study-1960-project-key -Dsonar.organization=java-case-study-1960-project-key -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
+ run: mvn -B verify sonar:sonar -Dsonar.projectKey=java-case-study-1960-project-key -Dsonar.organization=java-case-study-1960 -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
From 9957f640b4b773382d8c303f268d08d5b9ee73ac Mon Sep 17 00:00:00 2001
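Review bot: With the stray space fixed, the `run:` line still passes the secret as `-Dsonar.login=$SONAR_TOKEN`, which places it on the Maven command line (visible in the runner's process list and in the argv of any child process) even though the step already exports `SONAR_TOKEN` under `env:`, which current sonar-scanner releases read directly; `sonar.login` has also been deprecated upstream in favour of `sonar.token`. Drop the property so the token only travels through the environment: `run: mvn -B verify sonar:sonar -Dsonar.projectKey=java-case-study-1960-project-key -Dsonar.organization=java-case-study-1960-project-key -Dsonar.host.url=https://sonarcloud.io`. GitHub's log masking should still redact the value in the job output, so the exposure is at the process level rather than in logs.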
From: mmohsin1960 <121296273+mmohsin1960@users.noreply.github.com>
Date: Tue, 10 Oct 2023 16:23:29 +0500
Subject: [PATCH 7/7] Update complete-workflow.yml

---
 .github/workflows/complete-workflow.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/complete-workflow.yml b/.github/workflows/complete-workflow.yml
index 7e57eaa..a2c575b 100644
--- a/.github/workflows/complete-workflow.yml
+++ b/.github/workflows/complete-workflow.yml
@@ -20,7 +20,7 @@ jobs:
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 security:
 runs-on: ubuntu-latest
- #needs: build
+ needs: build #For Sequnetial flow (Before run Security, Run the Build job)
 name: Run the SCA scan on the source code
 steps:
 - uses: actions/checkout@master # checkout Action
@@ -31,7 +31,7 @@ jobs:
 SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 zap_scan:
 runs-on: ubuntu-latest
- #needs: security
+ needs: security #For Sequnetial flow (Before run Zap_scan, Run the Security job)
 name: Run DAST scan on the web application
 steps:
 - name: Checkout
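Review bot: `needs: security` only makes the DAST job wait for the SCA job to finish successfully, and because that job's Snyk step carries `continue-on-error: true` (added in patch 1/7, outside this hunk) it succeeds regardless of findings, so the restored dependency provides ordering but not a security gate; either remove `continue-on-error` on the Snyk step or make the comment say the dependency is for ordering only. The added comment is also misspelled and reads awkwardly; `needs: security # Sequential flow: run the SCA job before zap_scan` would be clearer, with the matching fix `needs: build # Sequential flow: run the build job before security` in the previous hunk. The `zap_scan` job's step list continues past the end of this hunk.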