PRODSEC-1222 Whitesource for Github Integration (#240)
1 parent
0b45e30
commit f4737b9
Showing
4 changed files
with
137 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
|
||
name: whitesource-issue | ||
|
||
on: | ||
issues: | ||
types: [opened, reopened] | ||
|
||
concurrency: whitesource-issue | ||
|
||
jobs: | ||
whitesource: | ||
runs-on: ubuntu-latest | ||
if: ${{ github.event.issue.user.login == 'whitesource-for-github-com[bot]' }} | ||
steps: | ||
- name: checkout action | ||
uses: actions/checkout@v2 | ||
with: | ||
repository: snowflakedb/whitesource-actions | ||
token: ${{ secrets.WHITESOURCE_ACTION_TOKEN }} | ||
path: whitesource-actions | ||
|
||
- name: Jira Creation | ||
uses: ./whitesource-actions/whitesource-issue | ||
with: | ||
jira_token: ${{ secrets.JIRA_TOKEN_PUBLIC_REPO }} | ||
gh_token: ${{ secrets.GITHUB_TOKEN }} |
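Review bot: The `checkout action` step passes the `WHITESOURCE_ACTION_TOKEN` PAT to `actions/checkout@v2` without `persist-credentials: false`, so by default the token stays in the git config of `whitesource-actions/` for the rest of the job, where the `Jira Creation` step and anything it runs can read it. Adding `persist-credentials: false` under that step's `with:` keeps the PAT scoped to the clone itself; the identical step in the pull-request workflow needs the same line. The step also sets no `ref:`, so the job executes whatever is on the default branch of `snowflakedb/whitesource-actions` while holding `JIRA_TOKEN_PUBLIC_REPO`. Pinning that checkout to a reviewed commit SHA, and `actions/checkout` to a full commit SHA instead of the movable `v2` tag, would make the code that receives these secrets auditable.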
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
name: whitesource | ||
on: | ||
pull_request: | ||
branches: | ||
- master | ||
jobs: | ||
whitesource: | ||
runs-on: ubuntu-latest | ||
if: ${{ github.event.pull_request.user.login == 'whitesource-for-github-com[bot]' }} | ||
steps: | ||
- name: checkout | ||
uses: actions/checkout@v2 | ||
with: | ||
ref: ${{ github.event.pull_request.head.ref }} | ||
fetch-depth: 0 | ||
|
||
- name: checkout action | ||
uses: actions/checkout@v2 | ||
with: | ||
repository: snowflakedb/whitesource-actions | ||
token: ${{ secrets.WHITESOURCE_ACTION_TOKEN }} | ||
path: whitesource-actions | ||
|
||
- name: PR | ||
uses: ./whitesource-actions/whitesource-pr | ||
with: | ||
jira_token: ${{ secrets.JIRA_TOKEN_PUBLIC_REPO }} | ||
gh_token: ${{ secrets.GITHUB_TOKEN }} | ||
amend: false # true if you want the commit to be amended with the JIRA number |
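Review bot: Neither the workflow nor the `whitesource` job declares `permissions:`, so the `secrets.GITHUB_TOKEN` handed to `./whitesource-actions/whitesource-pr` carries whatever the repository default grants, and the first `checkout` step also leaves that token in the workspace's git config by default. The comment on `amend` suggests the action can rewrite commits on the PR branch, so it presumably needs write access to contents and pull requests but nothing more. Declaring a job-level `permissions:` block with only those scopes, confirmed against what the action actually calls, limits what a compromised action repository or dependency could do with the token. The issue workflow has the same gap and probably needs only `issues: write`.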
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
{ | ||
"scanSettings": { | ||
"configMode": "LOCAL", | ||
"configExternalURL": "", | ||
"projectToken": "", | ||
"baseBranches": [] | ||
}, | ||
"checkRunSettings": { | ||
"vulnerableCheckRunConclusionLevel": "failure", | ||
"displayMode": "diff" | ||
}, | ||
"issueSettings": { | ||
"minSeverityLevel": "LOW" | ||
}, | ||
"remediateSettings": { | ||
"enableRenovate": false, | ||
"commitMessagePrefix": "SNOW-515713" | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
#################################################################### | ||
# WhiteSource Unified-Agent generated configuration file | ||
#################################################################### | ||
######################################################## | ||
# GENERAL SCAN MODE: Files and Package Managers | ||
######################################################## | ||
|
||
resolveAllDependencies=false | ||
archiveExtractionDepth=7 | ||
followSymbolicLinks=true | ||
showProgressBar=false | ||
|
||
checkPolicies=true | ||
forceCheckAllDependencies=true | ||
forceUpdate=true | ||
forceUpdate.failBuildOnPolicyViolation=true | ||
#updateInventory=false | ||
|
||
npm.resolveDependencies=true | ||
npm.ignoreSourceFiles=true | ||
npm.includeDevDependencies=false | ||
npm.runPreStep=false | ||
npm.ignoreNpmLsErrors=true | ||
npm.ignoreScripts=true | ||
npm.yarnProject=false | ||
npm.accessToken= | ||
npm.identifyByNameAndVersion=false | ||
npm.yarn.frozenLockfile=false | ||
npm.resolveMainPackageJsonOnly=true | ||
npm.removeDuplicateDependencies=true | ||
npm.resolveAdditionalDependencies=false | ||
npm.failOnNpmLsErrors = false | ||
# npm.projectNameFromDependencyFile = true | ||
npm.resolveGlobalPackages=true | ||
npm.resolveLockFile=false | ||
|
||
#------------------------------------------------------------------------ | ||
#------------------------ Fill in the parameters ------------------------ | ||
#------------------------------------------------------------------------ | ||
|
||
apiKey= | ||
#Unique identifier of the organization. It can be retrieved from the 'Integrate' page in your WhiteSource account | ||
|
||
productName= | ||
#Name of the product to create or update | ||
|
||
projectName= | ||
#Name of the project to create or update | ||
|
||
wss.url= | ||
#URL to send the request to. Use the 'WhiteSource Server URL' which can be retrieved from your 'Profile' page on the 'Server URLs' panel. Then, add New configuration was created at the '/agent' path to it, | ||
#For example: "https://<domain>.whitesourcesoftware.com/agent". | ||
|
||
#projectTag= | ||
#Project tag, to refer to another project and apply the policies from there | ||
|
||
#projectToken= | ||
#Unique identifier of the project to update. It can be retrieved from the 'Integrate' page in your WhiteSource account | ||
|
||
#---------------- File name patterns to search ---------------- | ||
includes=**/*.m **/*.mm **/*.js **/*.json **/*.ts **/*.jsx **/*.tsx **/*.min.js | ||
|
||
excludes=**/*sources.jar **/*javadoc.jar |
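Review bot: The coverage-limiting settings in the npm block are undocumented, although `checkPolicies=true` and `forceUpdate.failBuildOnPolicyViolation=true` read as full enforcement. `npm.includeDevDependencies=false` keeps build-time packages out of the scan, and `npm.resolveLockFile=false` appears to mean the lock file is not used for resolution, so the reported versions may differ from what is actually installed. If both are intentional, a comment above each should say so, for example `# dev dependencies are intentionally out of scope for policy checks`. Separately, `followSymbolicLinks=true` lets the agent walk links that point outside the checked-out tree; `false` is the safer setting unless the repository relies on symlinked sources. The comment under `wss.url=` also contains stray text ("add New configuration was created at the '/agent' path") and should read `Then, add the '/agent' path to it.`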