repotests.yml
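# Repo tests: builds and tests the project, generates SBOMs for a set of
# sample repositories with bin/cdxgen.js, and uploads the results as an
# artifact.
#
# NOTE(review): every `uses:` below references a mutable tag (@v3, @v11, @v1).
# Pinning each action to a full commit SHA keeps a re-pointed tag from changing
# what runs in this job; the third-party actions (olafurpg/setup-scala,
# swift-actions/setup-swift) are the ones to pin first.
name: Repo tests
on:
  push:
    branches:
      - master
      - feature/*
      - release/*
      - fix/*
  workflow_dispatch:
# Least privilege for GITHUB_TOKEN: nothing visible in this workflow pushes
# commits, packages or releases, so read access to repository contents suffices.
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    # Skip the job when the head commit message contains "[ci skip]".
    if: "! contains(github.event.head_commit.message, '[ci skip]')"
    strategy:
      matrix:
        node-version: ['18.x']
    steps:
      # persist-credentials: false keeps the job token out of the checkout's
      # git config; later steps run npm scripts and scan third-party
      # repositories, and none of them needs to push.
      - uses: actions/checkout@v3
        with:
          persist-credentials: false
      - name: Set up SBT
        uses: olafurpg/setup-scala@v11
      - name: Set up JDK
        uses: actions/setup-java@v3
        with:
          distribution: 'temurin'
          java-version: '19'
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v3
        with:
          node-version: ${{ matrix.node-version }}
      - name: Install bazelisk
        # -f makes curl exit non-zero on an HTTP error instead of saving the
        # error page, which would otherwise be installed as /usr/local/bin/bazel.
        # NOTE(review): the binary is installed with sudo without an integrity
        # check. Verify it against a pinned digest before the mv, for example:
        #   echo "<EXPECTED_SHA256>  bazelisk-linux-amd64" | sha256sum -c -
        run: |
          curl -fLO "https://github.com/bazelbuild/bazelisk/releases/download/v1.15.0/bazelisk-linux-amd64"
          sudo mv bazelisk-linux-amd64 /usr/local/bin/bazel
          sudo chmod +x /usr/local/bin/bazel
      - name: npm install, build and test
        # NOTE(review): if a lockfile is committed, `npm ci` would install
        # exactly the locked dependency versions - confirm against the repo.
        run: |
          npm install
          npm run build --if-present
          npm run lint
          npm test
          mkdir -p repotests
          mkdir -p bomresults denoresults
        env:
          CI: true
      - uses: swift-actions/setup-swift@v1
      # Sample repositories scanned by the repotests step, each checked out
      # into its own directory under repotests/.
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-java-example'
          path: 'repotests/shiftleft-java-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-ts-example'
          path: 'repotests/shiftleft-ts-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'ShiftLeftSecurity/shiftleft-go-example'
          path: 'repotests/shiftleft-go-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'prabhu/shiftleft-scala-example'
          path: 'repotests/shiftleft-scala-example'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'HooliCorp/vulnerable_net_core'
          path: 'repotests/vulnerable_net_core'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'HooliCorp/Goatly.NET'
          path: 'repotests/Goatly.NET'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'HooliCorp/DjanGoat'
          path: 'repotests/DjanGoat'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'prabhu/Vulnerable-Web-Application'
          path: 'repotests/Vulnerable-Web-Application'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'prabhu/railsgoat'
          path: 'repotests/railsgoat'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'bazelbuild/examples'
          path: 'repotests/bazel-examples'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'flutter/gallery'
          path: 'repotests/gallery'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'gojek/ziggurat'
          path: 'repotests/ziggurat'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'apple/swift-markdown'
          path: 'repotests/swift-markdown'
          persist-credentials: false
      - uses: actions/checkout@v3
        with:
          repository: 'GoogleCloudPlatform/microservices-demo'
          path: 'repotests/microservices-demo'
          persist-credentials: false
      - name: repotests
        # The first command generates a key pair and signs the SBOM; the second
        # signs with bomresults/private.key and bomresults/public.key
        # (presumably the pair written by the first command - confirm).
        run: |
          bin/cdxgen.js -p -r -t java repotests/shiftleft-java-example -o bomresults/bom-java.json --generate-key-and-sign
          SBOM_SIGN_ALGORITHM=RS512 SBOM_SIGN_PRIVATE_KEY=bomresults/private.key SBOM_SIGN_PUBLIC_KEY=bomresults/public.key bin/cdxgen.js -p -r -t github repotests/shiftleft-java-example -o bomresults/bom-github.json
          FETCH_LICENSE=true bin/cdxgen.js -p -r -t js repotests/shiftleft-ts-example -o bomresults/bom-ts.json --validate
          FETCH_LICENSE=1 bin/cdxgen.js -p -r -t js repotests/shiftleft-ts-example --required-only -o bomresults/bom-ts.json --validate
          FETCH_LICENSE=false bin/cdxgen.js -p -r -t go repotests/shiftleft-go-example -o bomresults/bom-go.json --validate
          FETCH_LICENSE=true bin/cdxgen.js -p -r -t csharp repotests/vulnerable_net_core -o bomresults/bom-csharp2.json --validate
          FETCH_LICENSE=0 bin/cdxgen.js -p -r repotests/Goatly.NET -o bomresults/bom-csharp3.json --validate
          FETCH_LICENSE=true bin/cdxgen.js -p -r -t python repotests/DjanGoat -o bomresults/bom-python.json --validate
          bin/cdxgen.js -p -r -t php repotests/Vulnerable-Web-Application -o bomresults/bom-php.json --validate
          bin/cdxgen.js -p -r -t ruby repotests/railsgoat -o bomresults/bom-ruby.json --validate
          bin/cdxgen.js -p -r -t java repotests/bazel-examples/java-maven -o bomresults/bom-bazel.json --validate
          bin/cdxgen.js -p -r -t dart repotests/gallery -o bomresults/bom-pub.json --validate
          CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -p -r -t clojure repotests/ziggurat -o bomresults/bom-clj.json --validate
          CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -r -t swift repotests/swift-markdown -o bomresults/bom-swift.json --validate
          bin/cdxgen.js -r repotests/microservices-demo -o bomresults/bom-msd.json --validate
          bin/cdxgen.js -r -t yaml-manifest repotests/microservices-demo -o bomresults/bom-yaml.json --validate
          # mkdir -p jenkins
          # wget https://updates.jenkins.io/download/plugins/sonar/2.14/sonar.hpi
          # wget https://updates.jenkins.io/download/plugins/bouncycastle-api/2.26/bouncycastle-api.hpi
          # wget https://updates.jenkins.io/download/plugins/jsch/0.1.55.61.va_e9ee26616e7/jsch.hpi
          # wget https://updates.jenkins.io/download/plugins/momentjs/1.1.1/momentjs.hpi
          # mv *.hpi jenkins
          # CDXGEN_DEBUG_MODE=debug bin/cdxgen.js -p -r -t jenkins jenkins -o bomresults/bom-jenkins.json --validate
          ls -ltr bomresults
      - name: denotests
        # Runs only on master. The image is built locally and not pushed.
        # "$(pwd)" is quoted so a workspace path containing spaces still mounts.
        if: github.ref == 'refs/heads/master'
        run: |
          docker build -t ghcr.io/cyclonedx/cdxgen-deno -f Dockerfile-deno .
          docker run --rm -t -e "CDXGEN_DEBUG_MODE=debug" -v "$(pwd)":/app ghcr.io/cyclonedx/cdxgen-deno -p -r -t java /app/repotests/shiftleft-java-example -o /app/denoresults/bom-java.json
          docker run --rm -t -e "CDXGEN_DEBUG_MODE=debug" -v "$(pwd)":/app ghcr.io/cyclonedx/cdxgen-deno -p -r -t python /app/repotests/DjanGoat -o /app/denoresults/bom-python.json
          ls -ltr denoresults
      # NOTE(review): the whole bomresults/ directory is uploaded, which includes
      # the private.key that the repotests step signs with. It looks like a
      # throwaway key generated during this run - confirm, and delete it before
      # this step if the artifact is shared beyond the project.
      # upload-artifact@v1 is also an older major version than the v3 actions
      # used elsewhere in this file; update it when pinning.
      - uses: actions/upload-artifact@v1
        with:
          name: bomresults
          path: bomresults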