Print dependency tree #880
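# CI workflow for cdxgen: installs the toolchains, runs the npm build/lint/test,
# checks out a set of sample repositories and generates an SBOM for each one,
# then uploads the generated BOM files as a build artifact.
name: Repo tests

on:
  push:
    branches:
      - master
      - feature/*
      - release/*
      - fix/*
  workflow_dispatch:

# Least privilege: no step in this file pushes, comments or publishes, so the
# job token only needs to read repository contents.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    # Skip the run when the head commit message carries the [ci skip] marker.
    if: "! contains(github.event.head_commit.message, '[ci skip]')"
    strategy:
      matrix:
        node-version: ['18.x']
    steps:
      # NOTE(review): every `uses:` below references a mutable tag. Pinning
      # each action (third-party ones first: olafurpg/setup-scala and
      # swift-actions/setup-swift) to a full commit SHA keeps a moved tag from
      # changing what runs in this job.
      - uses: actions/checkout@v3
        with:
          # Nothing later in the job needs git credentials, so do not leave
          # the job token in .git/config where build tooling could read it.
          persist-credentials: false
      - name: Set up JDK 8 and SBT
        uses: olafurpg/setup-scala@v11
        with:
          # NOTE(review): the rendered page replaced this value with an e-mail
          # obfuscation placeholder; adopt@1.8 is inferred from the step name
          # ("JDK 8") and the action's documented format. Confirm against the
          # repository copy.
          java-version: adopt@1.8
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v3
        with:
          node-version: ${{ matrix.node-version }}
      - name: Install bazelisk
        # -f makes curl fail on an HTTP error instead of saving the error page
        # and installing it as /usr/local/bin/bazel.
        # NOTE(review): the binary is installed without an integrity check;
        # compare its SHA-256 with the digest recorded for the v1.15.0 release
        # (for example with `sha256sum -c`) before moving it into PATH.
        run: |
          curl -fLO "https://github.com/bazelbuild/bazelisk/releases/download/v1.15.0/bazelisk-linux-amd64"
          sudo mv bazelisk-linux-amd64 /usr/local/bin/bazel
          sudo chmod +x /usr/local/bin/bazel
      - name: npm install, build and test
        run: |
          npm install
          npm run build --if-present
          npm run lint
          npm test
          mkdir -p repotests
          mkdir -p bomresults denoresults
        env:
          CI: true
      - uses: swift-actions/setup-swift@v1
      # Sample repositories used as SBOM generation targets. Several are
      # deliberately vulnerable demo applications and cdxgen drives their
      # build tooling, so treat their contents as untrusted input: no
      # credentials are persisted into any of these checkouts.
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-java-example'
          path: 'repotests/shiftleft-java-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-ts-example'
          path: 'repotests/shiftleft-ts-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-go-example'
          path: 'repotests/shiftleft-go-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'prabhu/shiftleft-scala-example'
          path: 'repotests/shiftleft-scala-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'HooliCorp/vulnerable_net_core'
          path: 'repotests/vulnerable_net_core'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'HooliCorp/Goatly.NET'
          path: 'repotests/Goatly.NET'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'HooliCorp/DjanGoat'
          path: 'repotests/DjanGoat'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'prabhu/Vulnerable-Web-Application'
          path: 'repotests/Vulnerable-Web-Application'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'prabhu/railsgoat'
          path: 'repotests/railsgoat'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'bazelbuild/examples'
          path: 'repotests/bazel-examples'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'flutter/gallery'
          path: 'repotests/gallery'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'gojek/ziggurat'
          path: 'repotests/ziggurat'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'apple/swift-markdown'
          path: 'repotests/swift-markdown'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'GoogleCloudPlatform/microservices-demo'
          path: 'repotests/microservices-demo'
          persist-credentials: false
      - name: repotests
        # Generates one BOM per sample repository into bomresults/. The first
        # command signs with a freshly generated key pair; the second signs
        # with the key files it is pointed at under bomresults/.
        # NOTE(review): the Jenkins .hpi files are fetched without a checksum
        # comparison. They are only scan inputs here, but pinning a digest
        # would make the test fixtures reproducible.
        run: |
          bin/cdxgen.js -p -r -t java repotests/shiftleft-java-example -o bomresults/bom-java.json --generate-key-and-sign
          SBOM_SIGN_ALGORITHM=RS512 SBOM_SIGN_PRIVATE_KEY=bomresults/private.key SBOM_SIGN_PUBLIC_KEY=bomresults/public.key bin/cdxgen.js -p -r -t github repotests/shiftleft-java-example -o bomresults/bom-github.json
          FETCH_LICENSE=true bin/cdxgen.js -p -r -t js repotests/shiftleft-ts-example -o bomresults/bom-ts.json --validate
          FETCH_LICENSE=1 bin/cdxgen.js -p -r -t js repotests/shiftleft-ts-example --required-only -o bomresults/bom-ts.json --validate
          FETCH_LICENSE=false bin/cdxgen.js -p -r -t go repotests/shiftleft-go-example -o bomresults/bom-go.json --validate
          FETCH_LICENSE=true bin/cdxgen.js -p -r -t csharp repotests/vulnerable_net_core -o bomresults/bom-csharp2.json --validate
          FETCH_LICENSE=0 bin/cdxgen.js -p -r repotests/Goatly.NET -o bomresults/bom-csharp3.json --validate
          FETCH_LICENSE=true bin/cdxgen.js -p -r -t python repotests/DjanGoat -o bomresults/bom-python.json --validate
          bin/cdxgen.js -p -r -t php repotests/Vulnerable-Web-Application -o bomresults/bom-php.json --validate
          bin/cdxgen.js -p -r -t ruby repotests/railsgoat -o bomresults/bom-ruby.json --validate
          bin/cdxgen.js -p -r -t java repotests/bazel-examples/java-maven -o bomresults/bom-bazel.json --validate
          bin/cdxgen.js -p -r -t dart repotests/gallery -o bomresults/bom-pub.json --validate
          CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -p -r -t clojure repotests/ziggurat -o bomresults/bom-clj.json --validate
          CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -r -t swift repotests/swift-markdown -o bomresults/bom-swift.json --validate
          CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -r repotests/microservices-demo -o bomresults/bom-msd.json --validate
          CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -r -t yaml-manifest repotests/microservices-demo -o bomresults/bom-yaml.json --validate
          mkdir -p jenkins
          wget https://updates.jenkins.io/download/plugins/sonar/2.14/sonar.hpi
          wget https://updates.jenkins.io/download/plugins/bouncycastle-api/2.26/bouncycastle-api.hpi
          wget https://updates.jenkins.io/download/plugins/jsch/0.1.55.61.va_e9ee26616e7/jsch.hpi
          wget https://updates.jenkins.io/download/plugins/momentjs/1.1.1/momentjs.hpi
          mv *.hpi jenkins
          CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -p -r -t jenkins jenkins -o bomresults/bom-jenkins.json --validate
          ls -ltr bomresults
      - name: denotests
        # if: github.ref == 'refs/heads/master'
        # The image is built locally and never pushed. The whole workspace is
        # bind-mounted read-write at /app; the mount argument is quoted so a
        # workspace path containing spaces cannot split it.
        run: |
          docker build -t ghcr.io/cyclonedx/cdxgen-deno -f Dockerfile-deno .
          docker run --rm -t -e "CDXGEN_DEBUG_MODE=debug" -v "$(pwd):/app" ghcr.io/cyclonedx/cdxgen-deno -p -r -t java /app/repotests/shiftleft-java-example -o /app/denoresults/bom-java.json
          docker run --rm -t -e "CDXGEN_DEBUG_MODE=debug" -v "$(pwd):/app" ghcr.io/cyclonedx/cdxgen-deno -p -r -t python /app/repotests/DjanGoat -o /app/denoresults/bom-python.json
          ls -ltr denoresults
      # upload-artifact v1 is deprecated; v4 accepts the same name/path inputs.
      # NOTE(review): the repotests step reads its signing key from
      # bomresults/private.key, so this upload presumably ships that private
      # key to anyone who can download the artifact. That is acceptable only
      # for a throwaway test key; exclude the key file if the key is ever
      # reused for real signing.
      - uses: actions/upload-artifact@v4
        with:
          name: bomresults
          path: bomresults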