From fb3369aa405fa747aa4263bc9cf3310ae9f30854 Mon Sep 17 00:00:00 2001 From: e6-qwiet Date: Fri, 20 Dec 2024 11:05:42 -0600 Subject: [PATCH 1/2] Update qwiet-prezero-workflow.yml --- .github/workflows/qwiet-prezero-workflow.yml | 47 +++++++++++++------- 1 file changed, 30 insertions(+), 17 deletions(-) diff --git a/.github/workflows/qwiet-prezero-workflow.yml b/.github/workflows/qwiet-prezero-workflow.yml index fa6387dc..4ead7943 100644 --- a/.github/workflows/qwiet-prezero-workflow.yml +++ b/.github/workflows/qwiet-prezero-workflow.yml @@ -1,35 +1,48 @@ +<<<<<<< Updated upstream # This workflow integrates Qwiet preZero with GitHub # Visit https://docs.shiftleft.io for help name: Qwiet +======= +# This workflow integrates Qwiet preZero +name: QwietAFPRnBR +>>>>>>> Stashed changes on: pull_request: workflow_dispatch: - push: - # We recommend triggering a scan when merging to your default branch - # as a best practice, especially if you'd like to compare the results - # of two scans (e.g., a feature branch against the default branch) - branches: - - main - - master - + schedule: + # * is a special character in YAML so you have to quote this string + - cron: '0 11 * * 6' jobs: - ngsast-build: - runs-on: ubuntu-20.04 + NextGen-Static-Analysis: + runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 + + - name: Setup Java JDK v8 + uses: actions/setup-java@v3 + with: + distribution: zulu + java-version: 8 - - name: Download the Qwiet CLI and set permissions + - name: Download Qwiet CLI run: | curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl - # Qwiet requires Java 1.8 - - name: Set up Java - uses: actions/setup-java@v1.4.3 - with: - java-version: 1.8 + - name: Extract branch name + shell: bash + run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" + id: extract_branch +<<<<<<< Updated upstream - name: NextGen Static Analysis run: ${GITHUB_WORKSPACE}/sl analyze --app shiftleft-python-demo-GH --tag branch=${{ github.head_ref || steps.extract_branch.outputs.branch }} --python . +======= + - name: preZero NextGen Static Analysis + run: ${GITHUB_WORKSPACE}/sl analyze --strict --wait --verbose --tag branch=${{ github.head_ref || steps.extract_branch.outputs.branch }} +>>>>>>> Stashed changes env: SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }} + SHIFTLEFT_API_HOST: www.shiftleft.io + SHIFTLEFT_GRPC_TELEMETRY_HOST: telemetry.shiftleft.io:443 + SHIFTLEFT_GRPC_API_HOST: api.shiftleft.io:443 From 5cfff5322b0141092b877b78ff70c7cdca111c2e Mon Sep 17 00:00:00 2001 From: Eric Six Date: Fri, 20 Dec 2024 11:09:02 -0600 Subject: [PATCH 2/2] Update qwiet-prezero-workflow.yml --- .github/workflows/qwiet-prezero-workflow.yml | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/.github/workflows/qwiet-prezero-workflow.yml b/.github/workflows/qwiet-prezero-workflow.yml index 4ead7943..a186db04 100644 --- a/.github/workflows/qwiet-prezero-workflow.yml +++ b/.github/workflows/qwiet-prezero-workflow.yml @@ -1,11 +1,6 @@ -<<<<<<< Updated upstream # This workflow integrates Qwiet preZero with GitHub # Visit https://docs.shiftleft.io for help name: Qwiet -======= -# This workflow integrates Qwiet preZero -name: QwietAFPRnBR ->>>>>>> Stashed changes on: pull_request: @@ -34,13 +29,9 @@ jobs: run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" id: extract_branch -<<<<<<< Updated upstream - - name: NextGen Static Analysis - run: ${GITHUB_WORKSPACE}/sl analyze --app shiftleft-python-demo-GH --tag branch=${{ github.head_ref || steps.extract_branch.outputs.branch }} --python . -======= - name: preZero NextGen Static Analysis run: ${GITHUB_WORKSPACE}/sl analyze --strict --wait --verbose --tag branch=${{ github.head_ref || steps.extract_branch.outputs.branch }} ->>>>>>> Stashed changes + env: SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }} SHIFTLEFT_API_HOST: www.shiftleft.io