-
Notifications
You must be signed in to change notification settings - Fork 160
executable file
·35 lines (33 loc) · 1.11 KB
/
security-scan.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
name: Security Scan
on:
push:
branches:
- 'develop'
- 'release-**'
env:
BUILD_OPTS: ""
MAVEN_OPTS: "-Xmx4096m"
jobs:
# Documentation: https://jeremylong.github.io/DependencyCheck/dependency-check-maven/index.html
owasp-dependency-check:
name: Owasp Dependency Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4 # Checks out a copy of the repository on the ubuntu-latest machine
- uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: 11
cache: 'maven'
- uses: actions/setup-node@v4 # Installs Node and NPM
with:
node-version: 16
- name: Install Swagger CLI # Installs Swagger CLI to bundle OpenAPI files
run: 'npm install -g @apidevtools/swagger-cli'
- uses: actions/cache@v4 # Cache local Maven repository to reuse dependencies
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- run: mvn -B ${BUILD_OPTS} -DskipTests -Psecurity-scan verify