Merge branch 'master' into dependabot/github_actions/microsoft/setup-…
…msbuild-2.0.0
arvindkrishnakumar-okta authored Dec 20, 2024
2 parents 5578276 + 7ee30e0 commit cf9e225
Showing 6 changed files with 83 additions and 22 deletions.
61 changes: 56 additions & 5 deletions .circleci/config.yml
@@ -1,15 +1,66 @@
version: 2.1

orbs:
general-platform-helpers: okta/[email protected]
general-platform-helpers: okta/[email protected]
python: circleci/[email protected]
aws-cli: circleci/[email protected]

jobs:

reversing-labs:
docker:
- image: cimg/openjdk:17.0.7
steps:
- checkout

- run:
name: Install Python
command: |
sudo apt-get update
sudo apt-get install -y python3 python3-pip
sudo pip install --upgrade pip
- run:
name: Download Reverse Labs Scanner
command: |
curl https://dso-resources.oktasecurity.com/scanner \
-H "x-api-key: $DSO_RLSECURE_TOKEN" \
--output rl_wrapper-0.0.2+35ababa-py3-none-any.whl
# Install the wrapper that was downloaded
- run:
name: Install RL Wrapper
command: |
pip install ./rl_wrapper-0.0.2+35ababa-py3-none-any.whl
# Setup the AWS profile
- aws-cli/setup:
profile_name: default
role_arn: $AWS_ARN
region: us-east-1
# Get the credentials and save to env
- run: >-
eval "$(aws configure export-credentials --profile default --format env)" 2> /dev/null
# Run the wrapper, do not change anything here
- run:
name: Run Reversing Labs Wrapper Scanner
command: |
rl-wrapper \
--artifact ${CIRCLE_WORKING_DIRECTORY/#\~/$HOME} \
--name $CIRCLE_PROJECT_REPONAME\
--version $CIRCLE_SHA1\
--repository $CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME \
--commit $CIRCLE_SHA1 \
--build-env "circleci" \
--suppress_output
workflows:
# See OKTA-624620
semgrep:
jobs:
- general-platform-helpers/job-semgrep-prepare:
name: semgrep-prepare
- general-platform-helpers/job-semgrep-scan:
name: "Scan with Semgrep"
requires:
- semgrep-prepare
context:
- static-analysis

"Malware Scanner":
jobs:
- reversing-labs:
context:
- static-analysis
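Review bot: The `Download Reverse Labs Scanner` step writes whatever the server returns to `rl_wrapper-0.0.2+35ababa-py3-none-any.whl`, and the next step runs `pip install` on it with no integrity check in between, in a job that also holds `$DSO_RLSECURE_TOKEN` and the role from `$AWS_ARN`. Adding `--fail --silent --show-error` to the `curl` call would stop an HTTP error body from being saved as the wheel, and a line such as `echo "<EXPECTED_SHA256>  rl_wrapper-0.0.2+35ababa-py3-none-any.whl" | sha256sum --check -` (placeholder digest, to be taken from the publisher) would pin the artifact before it is installed. Separately, the `eval "$(aws configure export-credentials …)"` call sits in its own `run` step, and CircleCI starts a fresh shell per step, so the exported variables probably do not reach the scanner step unless they are appended to `$BASH_ENV`. The `2> /dev/null` on that line would also hide a failure to obtain credentials.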
4 changes: 2 additions & 2 deletions .github/workflows/graalvm.yml
@@ -72,7 +72,7 @@ jobs:

steps:
- uses: actions/checkout@v4
- uses: ilammy/msvc-dev-cmd@v1.12.1
- uses: ilammy/msvc-dev-cmd@v1.13.0
- uses: microsoft/[email protected]

- name: Set up GraalVM
@@ -84,7 +84,7 @@ jobs:
github-token: ${{ secrets.GITHUB_TOKEN }}

- name: Configure Pagefile
uses: al-cheb/configure-pagefile-action@v1.3
uses: al-cheb/configure-pagefile-action@v1.4

- name: Setup Pagefile
run: |
6 changes: 3 additions & 3 deletions cli/pom.xml
@@ -131,7 +131,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.11.0</version>
<version>3.13.0</version>
<configuration>
<verbose>true</verbose>
<annotationProcessorPaths>
@@ -231,7 +231,7 @@
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>3.3.0</version>
<version>3.5.0</version>
<executions>
<execution>
<id>attach-artifacts</id>
@@ -257,7 +257,7 @@
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>3.2.0</version>
<version>3.2.5</version>
<configuration>
<mainClass>com.okta.cli.OktaCli</mainClass>
</configuration>
8 changes: 4 additions & 4 deletions common/pom.xml
@@ -66,12 +66,12 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
<version>1.25.0</version>
<version>1.26.0</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-interpolation</artifactId>
<version>1.26</version>
<version>1.27</version>
</dependency>

<dependency>
@@ -92,7 +92,7 @@
<dependency>
<groupId>com.google.jimfs</groupId>
<artifactId>jimfs</artifactId>
<version>1.2</version>
<version>1.3.0</version>
<scope>test</scope>
</dependency>
</dependencies>
@@ -112,4 +112,4 @@
</plugins>
</build>

</project>
</project>
2 changes: 1 addition & 1 deletion integration-tests/pom.xml
@@ -90,7 +90,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<version>3.2.3</version>
<version>3.2.5</version>
<executions>
<!-- We should be able to run coverage using something like this, but we need to resolve a user home issue first -->
<execution>
24 changes: 17 additions & 7 deletions pom.xml
@@ -50,7 +50,7 @@
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

<okta.sdk.version>8.2.5</okta.sdk.version>
<slf4j.version>2.0.9</slf4j.version>
<slf4j.version>2.0.11</slf4j.version>
</properties>

<modules>
@@ -66,7 +66,7 @@
<dependency>
<groupId>com.fasterxml.jackson</groupId>
<artifactId>jackson-bom</artifactId>
<version>2.16.0</version>
<version>2.17.0</version>
<scope>import</scope>
<type>pom</type>
</dependency>
@@ -94,10 +94,15 @@
<artifactId>snakeyaml</artifactId>
<version>2.2</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>32.1.3-jre</version>
<version>33.1.0-jre</version>
</dependency>
<dependency>
<groupId>org.graalvm.sdk</groupId>
@@ -122,13 +127,18 @@
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
<version>7.8.0</version>
<version>7.10.2</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.16.0</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.14.0</version>
</dependency>
</dependencies>
</dependencyManagement>

@@ -160,7 +170,7 @@
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>9.0.7</version>
<version>9.1.0</version>
<configuration>
<cveUrlModified>https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-modified.json.gz</cveUrlModified>
<cveUrlBase>https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-%d.json.gz</cveUrlBase>
@@ -184,7 +194,7 @@
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<version>4.8.2.0</version>
<version>4.8.4.0</version>
<configuration>
<effort>Max</effort>
<threshold>Low</threshold>
@@ -222,7 +232,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.11.0</version>
<version>3.13.0</version>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
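Review bot: The `dependency-check-maven` hunk moves the plugin to 9.1.0 while its `<configuration>` still sets `cveUrlModified` and `cveUrlBase` to the NVD 1.1 JSON feed URLs. As far as I know the 9.x plugin reads vulnerability data from the NVD API (or a mirror given through `nvdDatafeedUrl`) and no longer uses those two parameters, so they are likely inert and the scan may run slowly or be rate-limited without an API key. I would drop both lines and supply a key from CI, e.g. `<nvdApiKey>${env.NVD_API_KEY}</nvdApiKey>` (the variable name is a placeholder). The configuration block continues past the end of the hunk, so a setting outside the visible lines may already cover this. The new `bcprov-jdk18on` and `commons-io` entries under `dependencyManagement` carry no explanation; if they exist to override transitive versions, a short XML comment saying so would help whoever bumps them next.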
