Merge pull request #147 from skyflowapi/SK-1633-fix-security-vulnerabilities

skyflow-vivek · web-flow · commit 16f42afd1698 · 2024-12-19T18:57:11.000+05:30
SK-1633 Run Endor labs scan to identify security vulnerabilities
diff --git a/.github/workflows/endorlabsScan.yml b/.github/workflows/endorlabsScan.yml
@@ -0,0 +1,40 @@
+name: Endor Labs Scan Java Project
+
+on:
+  workflow_dispatch:
+    inputs:
+      java_version:
+        description: "The version of Java to be used for build"
+        default: "1.8"
+        required: true
+
+jobs:
+  clone-build-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: zulu
+          java-version: ${{ github.event.inputs.java_version }}
+
+      - name: Create env
+        id: create-env
+        run: |
+          touch .env
+          echo SKYFLOW_CREDENTIALS=${{ secrets.SKYFLOW_CREDENTIALS }} >> .env
+          echo TEST_EXPIRED_TOKEN=${{ secrets.TEST_EXPIRED_TOKEN }} >> .env
+          echo TEST_REUSABLE_TOKEN=${{ secrets.TEST_REUSABLE_TOKEN }} >> .env
+
+      - name: Compile Package
+        run: mvn clean install
+
+      - name: Endor Labs SCA Scan
+        uses: endorlabs/github-action@main
+        with:
+          namespace: "skyflow"
+          api: "https://api.endorlabs.com"
+          pr: false
+          enable_github_action_token: true
+          scan_dependencies: true
+          additional_args: "--as-default-branch --call-graph-languages=java"
