forked from cdefense/vulnerable-java-maven
-
Notifications
You must be signed in to change notification settings - Fork 0
31 lines (26 loc) · 1014 Bytes
/
sca_ci.yml
File metadata and controls
31 lines (26 loc) · 1014 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# This workflow will build a Java project with Maven
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Java Maven SCA Scan
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
repository_dispatch:
jobs:
sca-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Build with Maven
run: mvn clean install
- name: Cloud Defense Scan
env:
SCA_SCAN_URL: https://cd-scanner.herokuapp.com/processAndSave
run: |
curl https://raw.githubusercontent.com/CloudDefenseAI/cd/master/latest/cd-latest-linux-x64.tar.gz > /tmp/cd-latest-linux-x64.tar.gz && tar -C /tmp -xzf /tmp/cd-latest-linux-x64.tar.gz && chmod +x /tmp/cdefense
/tmp/cdefense scan --lang=java --project-name=vulnerable-java-maven --api-key=${{ secrets.CD_API_KEY }}