PRODSEC-1222 Whitesource for Github Integration (#240)
sfc-gh-jfan authored Dec 8, 2021
1 parent 0b45e30 commit f4737b9
Showing 4 changed files with 137 additions and 0 deletions.
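--- a/.github/workflows/whitesource-issue.yml
+++ b/.github/workflows/whitesource-issue.yml
@@ -0,0 +1,26 @@
+
+name: whitesource-issue
+
+on:
+issues:
+types: [opened, reopened]
+
+concurrency: whitesource-issue
+
+jobs:
+whitesource:
+runs-on: ubuntu-latest
+if: ${{ github.event.issue.user.login == 'whitesource-for-github-com[bot]' }}
+steps:
+- name: checkout action
+uses: actions/checkout@v2
+with:
+repository: snowflakedb/whitesource-actions
+token: ${{ secrets.WHITESOURCE_ACTION_TOKEN }}
+path: whitesource-actions
+
+- name: Jira Creation
+uses: ./whitesource-actions/whitesource-issue
+with:
+jira_token: ${{ secrets.JIRA_TOKEN_PUBLIC_REPO }}
+gh_token: ${{ secrets.GITHUB_TOKEN }}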
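Review bot: Neither this workflow nor whitesource.yml declares a `permissions:` block, so the `GITHUB_TOKEN` passed as `gh_token` to `./whitesource-actions/whitesource-issue` (and to `whitesource-pr` in the other file) carries whatever default scope the repository or organisation grants. A job-level block such as `permissions: {contents: read, issues: write}` would bound it; the exact scopes depend on what the action does, which is not visible on this page. The `checkout action` step also has no `ref:`, so whatever is on the default branch of `snowflakedb/whitesource-actions` runs with `JIRA_TOKEN_PUBLIC_REPO`; pinning `ref:` to a reviewed commit, and `actions/checkout@v2` to a full commit SHA, would make changes to that code explicit. Adding `persist-credentials: false` to that step would keep `WHITESOURCE_ACTION_TOKEN` out of the checked-out repository's git config, where later steps could read it.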
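--- a/.github/workflows/whitesource.yml
+++ b/.github/workflows/whitesource.yml
@@ -0,0 +1,29 @@
+name: whitesource
+on:
+pull_request:
+branches:
+- master
+jobs:
+whitesource:
+runs-on: ubuntu-latest
+if: ${{ github.event.pull_request.user.login == 'whitesource-for-github-com[bot]' }}
+steps:
+- name: checkout
+uses: actions/checkout@v2
+with:
+ref: ${{ github.event.pull_request.head.ref }}
+fetch-depth: 0
+
+- name: checkout action
+uses: actions/checkout@v2
+with:
+repository: snowflakedb/whitesource-actions
+token: ${{ secrets.WHITESOURCE_ACTION_TOKEN }}
+path: whitesource-actions
+
+- name: PR
+uses: ./whitesource-actions/whitesource-pr
+with:
+jira_token: ${{ secrets.JIRA_TOKEN_PUBLIC_REPO }}
+gh_token: ${{ secrets.GITHUB_TOKEN }}
+amend: false # true if you want the commit to be amended with the JIRA number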
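Review bot: The `if:` gate checks only the pull request author, while the first `checkout` step resolves `github.event.pull_request.head.ref` as a branch name in this repository. That holds as long as the bot always opens its branches in this repository, which the page does not state; adding `&& github.event.pull_request.head.repo.full_name == github.repository` to the condition would make the assumption explicit and skip the job otherwise. The first `checkout` also keeps its token in the workspace git config by default, so if `amend` stays `false` and the action never pushes (not verifiable from here), `persist-credentials: false` on that step would be the tighter setting. A short comment on `fetch-depth: 0` saying why full history is needed would help the next maintainer.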
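--- a/.whitesource
+++ b/.whitesource
@@ -0,0 +1,19 @@
+{
+"scanSettings": {
+"configMode": "LOCAL",
+"configExternalURL": "",
+"projectToken": "",
+"baseBranches": []
+},
+"checkRunSettings": {
+"vulnerableCheckRunConclusionLevel": "failure",
+"displayMode": "diff"
+},
+"issueSettings": {
+"minSeverityLevel": "LOW"
+},
+"remediateSettings": {
+"enableRenovate": false,
+"commitMessagePrefix": "SNOW-515713"
+}
+}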
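--- a/whitesource.config
+++ b/whitesource.config
@@ -0,0 +1,63 @@
+####################################################################
+# WhiteSource Unified-Agent generated configuration file
+####################################################################
+########################################################
+# GENERAL SCAN MODE: Files and Package Managers
+########################################################
+
+resolveAllDependencies=false
+archiveExtractionDepth=7
+followSymbolicLinks=true
+showProgressBar=false
+
+checkPolicies=true
+forceCheckAllDependencies=true
+forceUpdate=true
+forceUpdate.failBuildOnPolicyViolation=true
+#updateInventory=false
+
+npm.resolveDependencies=true
+npm.ignoreSourceFiles=true
+npm.includeDevDependencies=false
+npm.runPreStep=false
+npm.ignoreNpmLsErrors=true
+npm.ignoreScripts=true
+npm.yarnProject=false
+npm.accessToken=
+npm.identifyByNameAndVersion=false
+npm.yarn.frozenLockfile=false
+npm.resolveMainPackageJsonOnly=true
+npm.removeDuplicateDependencies=true
+npm.resolveAdditionalDependencies=false
+npm.failOnNpmLsErrors = false
+# npm.projectNameFromDependencyFile = true
+npm.resolveGlobalPackages=true
+npm.resolveLockFile=false
+
+#------------------------------------------------------------------------
+#------------------------ Fill in the parameters ------------------------
+#------------------------------------------------------------------------
+
+apiKey=
+#Unique identifier of the organization. It can be retrieved from the 'Integrate' page in your WhiteSource account
+
+productName=
+#Name of the product to create or update
+
+projectName=
+#Name of the project to create or update
+
+wss.url=
+#URL to send the request to. Use the 'WhiteSource Server URL' which can be retrieved from your 'Profile' page on the 'Server URLs' panel. Then, add New configuration was created at the '/agent' path to it,
+#For example: "https://<domain>.whitesourcesoftware.com/agent".
+
+#projectTag=
+#Project tag, to refer to another project and apply the policies from there
+
+#projectToken=
+#Unique identifier of the project to update. It can be retrieved from the 'Integrate' page in your WhiteSource account
+
+#---------------- File name patterns to search ----------------
+includes=**/*.m **/*.mm **/*.js **/*.json **/*.ts **/*.jsx **/*.tsx **/*.min.js
+
+excludes=**/*sources.jar **/*javadoc.jar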
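Review bot: `followSymbolicLinks=true` lets the scan follow links that point outside the checked-out tree wherever this file is consumed; unless a project layout depends on it, `followSymbolicLinks=false` is the safer setting. `npm.includeDevDependencies=false` leaves build-time packages out of the inventory, so the file should say whether that is deliberate. `apiKey=` and `npm.accessToken=` are rightly left empty, and a comment such as `# supplied at run time from a secret store, never committed` above them would keep it that way. The comment under `wss.url=` is garbled ("Then, add New configuration was created at the '/agent' path to it") and probably meant `# Then append the '/agent' path to it.`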
