From 9a77ad9a588ab663e3ccfdd646f615b66ca25430 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 11 Oct 2023 16:08:27 +0530
Subject: [PATCH 01/19] Update pom.xml
---
pom.xml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/pom.xml b/pom.xml
index 3512c335..13032975 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,6 +15,9 @@
Demo project for Spring Boot
1.8
+ sdpktest
+ https://sonarcloud.io
+
From 04c5e3282b0e10a39657df96449432983097a109 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 12:21:59 +0530
Subject: [PATCH 02/19] Update DevopsIntegrationApplication.java
---
src/main/java/com/javatechie/DevopsIntegrationApplication.java | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/main/java/com/javatechie/DevopsIntegrationApplication.java b/src/main/java/com/javatechie/DevopsIntegrationApplication.java
index 32e26a16..f819e654 100644
--- a/src/main/java/com/javatechie/DevopsIntegrationApplication.java
+++ b/src/main/java/com/javatechie/DevopsIntegrationApplication.java
@@ -1,10 +1,9 @@
package com.javatechie;
-
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
-
+//testing
@SpringBootApplication
@RestController
public class DevopsIntegrationApplication {
From c19fa00b303fb8b791350af06f14969788095c3d Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 12:34:13 +0530
Subject: [PATCH 03/19] Create gitleaks.yml
---
.github/workflows/gitleaks.yml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 .github/workflows/gitleaks.yml
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
new file mode 100644
index 00000000..aec07fec
--- /dev/null
+++ b/.github/workflows/gitleaks.yml
@@ -0,0 +1,28 @@
+name: GitLeaks Scan
+
+on:
+ push:
+ branches:
+ - main # Modify this to match your repository's main branch
+ pull_request:
+ branches: [ "main" ]
+
+jobs:
+ gitleaks:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ - name: Install GitLeaks
+ run: |
+ wget -q -O gitleaks.tar.gz https://github.com/gitleaks/gitleaks/releases/download/v8.18.0/gitleaks_8.18.0_linux_x64.tar.gz
+ ls -l
+ tar -xzvf gitleaks.tar.gz
+ chmod +x gitleaks
+ sudo mv gitleaks /usr/local/bin/
+
+ - name: Run GitLeaks
+ run: |
+ gitleaks detect --redact
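Review bot: The `Install GitLeaks` step unpacks the tarball fetched by `wget` and moves the binary into `/usr/local/bin` without checking its digest, so the job runs whatever that URL returns. Record the published SHA-256 for `gitleaks_8.18.0_linux_x64.tar.gz` in the workflow and verify it before `tar`, e.g. `echo "<EXPECTED_SHA256>  gitleaks.tar.gz" | sha256sum -c -`. The same unverified download-and-run pattern recurs in the Dependency-Check and FindSecBugs steps added to `maven.yml` in patches 05, 06, 08, 09, 10 and 15. Separately, `actions/checkout@v2` fetches a single commit by default, so `gitleaks detect` sees the current tree but not earlier history, where a secret may have been committed and later removed; `fetch-depth: 0` under a `with:` on the checkout step gives it the full history.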
From 567182b60b53f0872b4370029f0abecc299f8466 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 12:34:58 +0530
Subject: [PATCH 04/19] Create maven.yml
---
.github/workflows/maven.yml | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
create mode 100644 .github/workflows/maven.yml
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
new file mode 100644
index 00000000..17e027bd
--- /dev/null
+++ b/.github/workflows/maven.yml
@@ -0,0 +1,35 @@
+# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Java CI with Maven
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ branches: [ "main" ]
+
+jobs:
+ build:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ java-version: '17'
+ distribution: 'temurin'
+ cache: maven
+ - name: Build with Maven
+ run: mvn -B package --file pom.xml
+
+ # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
+ #- name: Update dependency graph
+ # uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
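Review bot: The workflow declares no `permissions:` block, so `GITHUB_TOKEN` gets the repository's default scopes while `mvn -B package` executes build plugins and tests from the branch or pull request being built. The job only needs to read the source, so a top-level `permissions:` with `contents: read` would limit the token to that. The active steps also reference `actions/checkout@v3` and `actions/setup-java@v3` by mutable tag, whereas the commented-out dependency-submission action is pinned to a full commit SHA; pinning the active ones the same way would be consistent.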
From 61659b5d176b6a6f4b76f1467db7e587569c0bb8 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 12:50:09 +0530
Subject: [PATCH 05/19] Update maven.yml
---
.github/workflows/maven.yml | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 17e027bd..e679f852 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -6,7 +6,7 @@
# separate terms of service, privacy policy, and support
# documentation.
-name: Java CI with Maven
+name: Maven and Depedency checker
on:
push:
@@ -29,6 +29,20 @@ jobs:
cache: maven
- name: Build with Maven
run: mvn -B package --file pom.xml
+
+ - name: Download OWASP Dependency-Check
+ run: curl -O https://dl.bintray.com/jeremy-long/owasp/dependency-check-6.3.0-release.zip && unzip -qq dependency-check-6.3.0-release.zip
+
+ - name: Run OWASP Dependency-Check
+ run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Your Project Name" --out ./report
+
+ - name: Upload OWASP Dependency-Check Report
+ uses: actions/upload-artifact@v2
+ with:
+ name: dependency-check-report
+ path: ./report
+
+
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
#- name: Update dependency graph
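Review bot: `--scan ./` in `Run OWASP Dependency-Check` covers the whole workspace, and the preceding step unzips the tool into that same directory, so the scanner's own bundled jars under `./dependency-check/` would be analysed alongside the project. Unpacking outside the checkout (for example under `$RUNNER_TEMP`) or narrowing the scan to the build output with `--scan target/` keeps the report about this project's dependencies. The step is also report-only: without a threshold such as `--failOnCVSS 7` the job stays green whatever is found, and the result is visible only by downloading the HTML artifact. Both points apply again where patch 15 re-enables these steps, and the report-only point also holds for the FindSecBugs steps added in patch 09.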
From 03ed834d4ce4d2ff221101b8686ba5c37953ac7c Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 13:07:02 +0530
Subject: [PATCH 06/19] Update maven.yml
---
.github/workflows/maven.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index e679f852..0d4ea248 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -31,10 +31,10 @@ jobs:
run: mvn -B package --file pom.xml
- name: Download OWASP Dependency-Check
- run: curl -O https://dl.bintray.com/jeremy-long/owasp/dependency-check-6.3.0-release.zip && unzip -qq dependency-check-6.3.0-release.zip
+ run: curl -O https://github.com/jeremylong/DependencyCheck/releases/download/v8.4.0/dependency-check-8.4.0-release.zip && unzip -qq dependency-check-8.4.0-release.zip
- name: Run OWASP Dependency-Check
- run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Your Project Name" --out ./report
+ run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Dependencychecker_DevOpsTest" --out ./report
- name: Upload OWASP Dependency-Check Report
uses: actions/upload-artifact@v2
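Review bot: `curl -O` on the new GitHub release URL neither follows redirects nor fails on an HTTP error, and release asset URLs are normally served through a redirect, so this step likely saves something other than the zip and only breaks later at `unzip`. `curl -fsSLO <release-url>` follows the redirect and fails the step at the download itself if the asset is missing.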
From 91abf870c936011367914563abc518a12b80e0f0 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 13:11:48 +0530
Subject: [PATCH 07/19] Update maven.yml
From 85ff56c20d268d75ca641b123130075e386f3cc9 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 13:16:32 +0530
Subject: [PATCH 08/19] Update maven.yml
---
.github/workflows/maven.yml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 0d4ea248..fc6134bd 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -31,7 +31,10 @@ jobs:
run: mvn -B package --file pom.xml
- name: Download OWASP Dependency-Check
- run: curl -O https://github.com/jeremylong/DependencyCheck/releases/download/v8.4.0/dependency-check-8.4.0-release.zip && unzip -qq dependency-check-8.4.0-release.zip
+ run: |
+ wget -q -O dependency-check-8.4.0-release.zip https://github.com/jeremylong/DependencyCheck/releases/download/v8.4.0/dependency-check-8.4.0-release.zip
+ ls -l
+ unzip -qq dependency-check-8.4.0-release.zip
- name: Run OWASP Dependency-Check
run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Dependencychecker_DevOpsTest" --out ./report
From 291a91db15bcbd0e96d08541fef4267ac456e3f0 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 13:42:25 +0530
Subject: [PATCH 09/19] Update maven.yml
---
.github/workflows/maven.yml | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index fc6134bd..863b18fa 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -6,7 +6,7 @@
# separate terms of service, privacy policy, and support
# documentation.
-name: Maven and Depedency checker
+name: Maven and SCA_SAST scan with DC and FindSecBug
on:
push:
@@ -45,7 +45,17 @@ jobs:
name: dependency-check-report
path: ./report
+ - name: Download FindSecBugs
+ run: wget -q https://github.com/find-sec-bugs/find-sec-bugs/releases/download/version-1.11.0/findsecbugs-cli.jar
+ - name: Run FindSecBugs
+ run: java -jar findsecbugs-cli.jar -progress -output findsecbugs-results.html -html -jvmArgs -Xmx2G -Duser.language=en target/*.jar
+
+ - name: Upload FindSecBugs Report
+ uses: actions/upload-artifact@v2
+ with:
+ name: findsecbugs-report
+ path: findsecbugs-results.html
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
#- name: Update dependency graph
From a3038a14c5772ee62cd6b09637f8481d85bff843 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 13:58:14 +0530
Subject: [PATCH 10/19] Update maven.yml
---
.github/workflows/maven.yml | 30 ++++++++++++++++--------------
1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 863b18fa..26e5bd0d 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -30,26 +30,28 @@ jobs:
- name: Build with Maven
run: mvn -B package --file pom.xml
- - name: Download OWASP Dependency-Check
- run: |
- wget -q -O dependency-check-8.4.0-release.zip https://github.com/jeremylong/DependencyCheck/releases/download/v8.4.0/dependency-check-8.4.0-release.zip
- ls -l
- unzip -qq dependency-check-8.4.0-release.zip
+# - name: Download OWASP Dependency-Check
+# run: |
+# wget -q -O dependency-check-8.4.0-release.zip https://github.com/jeremylong/DependencyCheck/releases/download/v8.4.0/dependency-check-8.4.0-release.zip
+# ls -l
+# unzip -qq dependency-check-8.4.0-release.zip
- - name: Run OWASP Dependency-Check
- run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Dependencychecker_DevOpsTest" --out ./report
+# - name: Run OWASP Dependency-Check
+# run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Dependencychecker_DevOpsTest" --out ./report
- - name: Upload OWASP Dependency-Check Report
- uses: actions/upload-artifact@v2
- with:
- name: dependency-check-report
- path: ./report
+# - name: Upload OWASP Dependency-Check Report
+# uses: actions/upload-artifact@v2
+# with:
+# name: dependency-check-report
+# path: ./report
- name: Download FindSecBugs
- run: wget -q https://github.com/find-sec-bugs/find-sec-bugs/releases/download/version-1.11.0/findsecbugs-cli.jar
+ run: |
+ wget -q -O findsecbugs-cli-1.12.0.zip https://github.com/find-sec-bugs/find-sec-bugs/releases/download/version-1.12.0/findsecbugs-cli-1.12.0.zip
+ unzip -qq findsecbugs-cli-1.12.0.zip
- name: Run FindSecBugs
- run: java -jar findsecbugs-cli.jar -progress -output findsecbugs-results.html -html -jvmArgs -Xmx2G -Duser.language=en target/*.jar
+ run: ./findsecbugs.sh -progress -output findsecbugs-results.html -html -jvmArgs -Xmx2G -Duser.language=en target/*.jar
- name: Upload FindSecBugs Report
uses: actions/upload-artifact@v2
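Review bot: The Dependency-Check steps are switched off by commenting them out, which leaves a dozen lines of dead YAML and removes the SCA scan while the workflow is still named `Maven and SCA_SAST scan with DC and FindSecBug`. If the scan has to be disabled temporarily, `if: false` on each step plus a one-line comment giving the reason is easier to review and to re-enable; otherwise delete the steps and rely on history.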
From c997da4d1b592c1958217d7ece06eb3315ecc3fc Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 14:02:22 +0530
Subject: [PATCH 11/19] Update maven.yml
---
.github/workflows/maven.yml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 26e5bd0d..5084ff90 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -49,6 +49,8 @@ jobs:
run: |
wget -q -O findsecbugs-cli-1.12.0.zip https://github.com/find-sec-bugs/find-sec-bugs/releases/download/version-1.12.0/findsecbugs-cli-1.12.0.zip
unzip -qq findsecbugs-cli-1.12.0.zip
+ ls -l
+ chmod 755 findsecbugs.sh
- name: Run FindSecBugs
run: ./findsecbugs.sh -progress -output findsecbugs-results.html -html -jvmArgs -Xmx2G -Duser.language=en target/*.jar
From a7e587e48ac55cb1f65191ce0d8c6fba5e14f9e5 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 14:07:12 +0530
Subject: [PATCH 12/19] Update maven.yml
---
.github/workflows/maven.yml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 5084ff90..890ee65f 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -49,11 +49,13 @@ jobs:
run: |
wget -q -O findsecbugs-cli-1.12.0.zip https://github.com/find-sec-bugs/find-sec-bugs/releases/download/version-1.12.0/findsecbugs-cli-1.12.0.zip
unzip -qq findsecbugs-cli-1.12.0.zip
- ls -l
chmod 755 findsecbugs.sh
+ chmod +x findsecbugs.sh
+ ls -l
+ ./findsecbugs.sh -help
- name: Run FindSecBugs
- run: ./findsecbugs.sh -progress -output findsecbugs-results.html -html -jvmArgs -Xmx2G -Duser.language=en target/*.jar
+ run: ./findsecbugs.sh -progress -output findsecbugs-results.html -html -Duser.language=en target/*.jar
- name: Upload FindSecBugs Report
uses: actions/upload-artifact@v2
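Review bot: `-Duser.language=en` stays on the `Run FindSecBugs` command after `-jvmArgs` was removed, so it is presumably now handed to the analyser as one of its own options rather than to the JVM; it should either be dropped as well or stay behind `-jvmArgs`. In the download step, `chmod +x findsecbugs.sh` directly after `chmod 755 findsecbugs.sh` is redundant. `ls -l` and `./findsecbugs.sh -help` look like debugging output that can go once the step works.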
From c50da2bedd1b5af6c8729da0a4cb3bec0fce6566 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 14:10:22 +0530
Subject: [PATCH 13/19] Update maven.yml
---
.github/workflows/maven.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 890ee65f..92a431ad 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -52,7 +52,7 @@ jobs:
chmod 755 findsecbugs.sh
chmod +x findsecbugs.sh
ls -l
- ./findsecbugs.sh -help
+
- name: Run FindSecBugs
run: ./findsecbugs.sh -progress -output findsecbugs-results.html -html -Duser.language=en target/*.jar
From 1b651101124041f696e9eb843810d7732bbb957a Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 14:13:28 +0530
Subject: [PATCH 14/19] Update maven.yml
---
.github/workflows/maven.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 92a431ad..9bb86128 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -55,7 +55,7 @@ jobs:
- name: Run FindSecBugs
- run: ./findsecbugs.sh -progress -output findsecbugs-results.html -html -Duser.language=en target/*.jar
+ run: ./findsecbugs.sh -progress -output findsecbugs-results.html -html target/*.jar
- name: Upload FindSecBugs Report
uses: actions/upload-artifact@v2
From 716a893905d38c7b24a37472a73d45061a1e30c6 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 14:28:04 +0530
Subject: [PATCH 15/19] Update maven.yml
---
.github/workflows/maven.yml | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 9bb86128..a4a8bf09 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -15,7 +15,7 @@ on:
branches: [ "main" ]
jobs:
- build:
+ BuildWithGitHubActions:
runs-on: ubuntu-latest
@@ -30,20 +30,20 @@ jobs:
- name: Build with Maven
run: mvn -B package --file pom.xml
-# - name: Download OWASP Dependency-Check
-# run: |
-# wget -q -O dependency-check-8.4.0-release.zip https://github.com/jeremylong/DependencyCheck/releases/download/v8.4.0/dependency-check-8.4.0-release.zip
-# ls -l
-# unzip -qq dependency-check-8.4.0-release.zip
+ - name: Download OWASP Dependency-Check
+ run: |
+ wget -q -O dependency-check-8.4.0-release.zip https://github.com/jeremylong/DependencyCheck/releases/download/v8.4.0/dependency-check-8.4.0-release.zip
+ ls -l
+ unzip -qq dependency-check-8.4.0-release.zip
-# - name: Run OWASP Dependency-Check
-# run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Dependencychecker_DevOpsTest" --out ./report
+ - name: Run OWASP Dependency-Check
+ run: ./dependency-check/bin/dependency-check.sh --scan ./ --format HTML --project "Dependencychecker_DevOpsTest" --out ./report
-# - name: Upload OWASP Dependency-Check Report
-# uses: actions/upload-artifact@v2
-# with:
-# name: dependency-check-report
-# path: ./report
+ - name: Upload OWASP Dependency-Check Report
+ uses: actions/upload-artifact@v2
+ with:
+ name: dependency-check-report
+ path: ./report
- name: Download FindSecBugs
run: |
From dd32f2dc54ad0f0684fe76929c62171ff7a9a30d Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 18 Oct 2023 14:58:39 +0530
Subject: [PATCH 16/19] Update gitleaks.yml
---
.github/workflows/gitleaks.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
index aec07fec..168b46b3 100644
--- a/.github/workflows/gitleaks.yml
+++ b/.github/workflows/gitleaks.yml
@@ -1,5 +1,5 @@
name: GitLeaks Scan
-
+# testing sample DevOps with Git workflow
on:
push:
branches:
From 92f77ae9acc21bd5f96f8aa7881f9eba3119888a Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 25 Oct 2023 10:53:54 +0530
Subject: [PATCH 17/19] Create test2.java
---
test2.java | 1 +
1 file changed, 1 insertion(+)
create mode 100644 test2.java
diff --git a/test2.java b/test2.java
new file mode 100644
index 00000000..a6068d8b
--- /dev/null
+++ b/test2.java
@@ -0,0 +1 @@
+// testing
From b11d1f2cfaa696a43cee8c6555e5132d8212f847 Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Tue, 31 Oct 2023 14:49:23 +0530
Subject: [PATCH 18/19] Update Dockerfile
---
Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 250aaff1..8f55f6af 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
FROM openjdk:8
EXPOSE 8080
ADD target/devops-integration.jar devops-integration.jar
-ENTRYPOINT ["java","-jar","/devops-integration.jar"]
\ No newline at end of file
+ENTRYPOINT ["java","-jar","/devops-integration.jar"]
From 70b7939940dc157dbb333648b6e806bcb78b5d6c Mon Sep 17 00:00:00 2001
From: sdpktest <120395558+sdpktest@users.noreply.github.com>
Date: Wed, 8 Nov 2023 14:24:51 +0530
Subject: [PATCH 19/19] Update Jenkinsfile
---
Jenkinsfile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index ae953c63..36d2d58c 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,4 +1,4 @@
-pipeline {
+pipeline {
agent any
tools{
maven 'maven_3_5_0'
@@ -36,4 +36,4 @@ pipeline {
}
}
}
-}
\ No newline at end of file
+}