From 283dae80ed832e24f0ec3197d96491afb15d5fc9 Mon Sep 17 00:00:00 2001 From: norbertogarcia-okta Date: Mon, 30 Jun 2025 11:14:50 +0200 Subject: [PATCH 1/4] Create test-gha.yaml --- .github/workflows/test-gha.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/test-gha.yaml diff --git a/.github/workflows/test-gha.yaml b/.github/workflows/test-gha.yaml new file mode 100644 index 0000000..c666e86 --- /dev/null +++ b/.github/workflows/test-gha.yaml @@ -0,0 +1,19 @@ +name: test sca scan gha + +on: + pull_request: + +jobs: + test-scan: + runs-on: ubuntu-latest + + steps: + - name: Checkout app code + uses: actions/checkout@v4 + + - name: SCA + uses: auth0/devsecops-tooling/.github/actions/sca-scan@main + with: + SIGNAL_HANDLER_DOMAIN: ${{ secrets.SIGNAL_HANDLER_DOMAIN }} + SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }} + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} From 54fb40610db271a5b9a2f8c00ba04e9862696632 Mon Sep 17 00:00:00 2001 From: norbertogarcia-okta Date: Mon, 30 Jun 2025 11:17:04 +0200 Subject: [PATCH 2/4] Create test-workflow.yml --- .github/workflows/test-workflow.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .github/workflows/test-workflow.yml diff --git a/.github/workflows/test-workflow.yml b/.github/workflows/test-workflow.yml new file mode 100644 index 0000000..6b6023a --- /dev/null +++ b/.github/workflows/test-workflow.yml @@ -0,0 +1,11 @@ +name: test + +on: + pull_request: + +jobs: + snyk-cli: + uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main + with: + runner: ubuntu-latest + secrets: inherit From cd0105996cdfcd37a7a6e8a91409acc8782afeef Mon Sep 17 00:00:00 2001 From: norbertogarcia-okta Date: Mon, 30 Jun 2025 11:22:17 +0200 Subject: [PATCH 3/4] Create pom.xml --- pom.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 pom.xml diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..1584f85 --- /dev/null +++ b/pom.xml @@ -0,0 +1,51 @@ + + 4.0.0 + dependency-validation + scan-target + 0.0.1-SNAPSHOT + + + org.apache.httpcomponents + httpclient + 4.3.2 + jar + compile + + + org.apache.httpcomponents + httpclient-cache + 4.3.2 + jar + compile + + + org.apache.httpcomponents + httpmime + 4.3.2 + jar + compile + + + com.fasterxml.jackson.core + jackson-core + 2.4.0 + + + com.fasterxml.jackson.core + jackson-databind + 2.4.0 + + + + + + maven-compiler-plugin + 3.5.1 + + 1.7 + 1.7 + + + + + From e73e6b165dd8d278022c860ad09e0feac00068f8 Mon Sep 17 00:00:00 2001 From: norbertogarcia-okta Date: Mon, 30 Jun 2025 15:50:27 +0200 Subject: [PATCH 4/4] Update test-workflow.yml --- .github/workflows/test-workflow.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/test-workflow.yml b/.github/workflows/test-workflow.yml index 6b6023a..4cc93d5 100644 --- a/.github/workflows/test-workflow.yml +++ b/.github/workflows/test-workflow.yml @@ -6,6 +6,4 @@ on: jobs: snyk-cli: uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main - with: - runner: ubuntu-latest secrets: inherit