ph-ee-connector-channel-enrichment-code-78efcf11 #2734
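# Dispatch-only workflow. A caller starts it through `workflow_dispatch` and
# passes one required input, `client_payload`, which the expressions in this
# file parse with fromJSON(). Every field read from that payload (job_title
# here; workflow_job_name and workflow_slug in the job conditions) is chosen by
# whoever triggers the dispatch, so it is routing data, not an authorization
# check. Who may trigger the run is decided by repository permissions.
#
# The page this was captured from dropped the indentation and appended "| |"
# table residue to every line; both are repaired here. Keys and values are
# unchanged.
name: Workflows generated by the MVS plan
# The run's display name is taken from the payload. It is evaluated as an
# Actions expression and is not handed to a shell.
run-name: ${{fromJSON(github.event.inputs.client_payload).payload.job_title}}
on:
  workflow_dispatch:
    inputs:
      client_payload:
        description: The Client payload
        # No `type:` is declared, so the input arrives as a string; a value
        # that is not valid JSON makes the fromJSON() expressions fail.
        required: true
# Workflow-level GITHUB_TOKEN scopes, inherited by every job that does not set
# its own `permissions:`. Scopes not listed here are set to none.
permissions:
  # Read-only access to repository contents.
  contents: read
  # Lets each job request an OIDC token from GitHub.
  # NOTE(review): presumably the action called by the jobs uses this token to
  # authenticate to its backend. Confirm that, and confirm the relying party
  # validates the token's repository and workflow claims.
  id-token: write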
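# One job per security control. Each job's `if:` requires both
# payload.workflow_job_name and payload.workflow_slug to equal fixed strings,
# and every job name below is distinct, so a dispatch runs at most one job and
# skips the others.
#
# All jobs have the same shape: an ubuntu-22.04 runner, a 60-minute timeout and
# a single step that calls one action with a `security_control` container image.
#
# NOTE(review): every `security_control` image uses the mutable `:latest` tag,
# so the code that executes can change without any change to this file. Pinning
# each image by digest (`<image>@sha256:<digest>`) makes a run reproducible and
# lets an image change show up in review.
#
# NOTE(review): the `uses:` value appears on this page as `[email protected]`:
# the text around `@` was masked by the page's e-mail obfuscation, so the real
# action name and ref cannot be recovered from here and the value is kept as
# shown. In the real file, check that the ref is a full commit SHA rather than a
# tag or branch that can be moved.
#
# The page this was captured from dropped the indentation and appended "| |"
# table residue to every line; both are repaired here. Keys and values are
# unchanged.
jobs:
  docker-scan:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'docker-scan' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-docker-scan'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: trivy
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-trivy-alpine:latest
  enrich:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'enrich' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-enrichment-code'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: enrichment
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-enrichment-slim:latest
  iac-misconfig-detection-kubernetes:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'iac-misconfig-detection-kubernetes' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-kubernetes-iac-misconfiguration-detection'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: kubescape
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-kubescape-slim:latest
  # NOTE(review): the workflow grants GITHUB_TOKEN only `contents: read`, so if
  # this job opens a pull request it has to use some other credential. Confirm
  # where that credential comes from and how narrowly it is scoped.
  remediation-pr:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'remediation-pr' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-remediation-pr'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: remediation-pr
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/open-remediation-pr-alpine:latest
  secret-detection:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'secret-detection' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-secret-detection'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: gitleaks
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-gitleaks-alpine:latest
  software-bill-of-materials:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-bill-of-materials' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sbom'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: syft
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-syft-alpine:latest
          # The only job that sets this input.
          # NOTE(review): by its name it lets the step continue when the
          # repository checkout fails. Confirm such a run is reported as
          # "not scanned" rather than as a clean result.
          fail_if_cannot_checkout: false

  # --- workflow_slug 'workflow-sca': one job per package ecosystem ---
  # The elixir, java, php, poetry and python jobs all run the same
  # osv-scanner image; go, gradle, js and csharp use their own images.
  software-component-analysis-elixir:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-elixir' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: osv-scanner
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-osv-scanner-alpine:latest
  software-component-analysis-go:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-go' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: nancy
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-nancy-alpine:latest
  software-component-analysis-gradle:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-gradle' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: jit-gradle
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-jit-gradle-scanner:latest
  software-component-analysis-java:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-java' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: osv-scanner
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-osv-scanner-alpine:latest
  software-component-analysis-js:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-js' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: npm-audit
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-npm-audit-slim:latest
  software-component-analysis-php:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-php' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: osv-scanner
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-osv-scanner-alpine:latest
  software-component-analysis-poetry:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-poetry' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: osv-scanner
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-osv-scanner-alpine:latest
  software-component-analysis-python:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-python' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: osv-scanner
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-osv-scanner-alpine:latest
  software-component-analysis-trivy-csharp:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-component-analysis-trivy-csharp' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sca'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: trivy-dotnet
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-trivy-dotnet-slim:latest

  # --- workflow_slug 'workflow-sast': one job per language ---
  # Every job here runs the semgrep image except static-code-analysis-go,
  # which runs the gosec image.
  static-code-analysis-c-cpp:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-c-cpp' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-csharp:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-csharp' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-go:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-go' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: gosec
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-gosec-alpine:latest
  static-code-analysis-java:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-java' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-js:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-js' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-kotlin:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-kotlin' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-php:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-php' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-python-semgrep:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-python-semgrep' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-ruby:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-ruby' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-rust:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-rust' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-scala:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-scala' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest
  static-code-analysis-swift:
    if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'static-code-analysis-swift' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sast'
    runs-on: ubuntu-22.04
    timeout-minutes: 60
    steps:
      - name: semgrep
        uses: jitsecurity-controls/[email protected]
        with:
          security_control: registry.jit.io/control-semgrep-alpine:latest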