diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 00000000..37915856
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,44 @@
+name: 'AJs Template'
+on: [push, pull_request]
+
+jobs:
+ branch-naming-rules:
+ runs-on: ubuntu-latest
+ steps:
+ #Assert Branch Naming Convention
+ - uses: deepakputhraya/action-branch-name@master
+ with:
+ regex: '([a-z])+\/([a-z])+' # Regex the branch should match. This example enforces grouping
+ allowed_prefixes: 'feature,stable,fix' # All branches should start with the given prefix
+ ignore: develop # Ignore exactly matching branch names from convention
+ min_length: 5 # Min length of the branch name
+ max_length: 20 # Max length of the branch name
+ #Sonarqube Section
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+ - name: Set up JDK 11
+ uses: actions/setup-java@v1
+ with:
+ java-version: 11
+ - name: Cache SonarCloud packages
+ uses: actions/cache@v1
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+ - name: Cache Maven packages
+ uses: actions/cache@v1
+ with:
+ path: ~/.m2
+ key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+ restore-keys: ${{ runner.os }}-m2
+ - name: Build and analyze
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=ShireOrg_vulnado
+ #OWASP ZAP
+ - name: OWASP ZAP Full Scan
+ uses: zaproxy/action-full-scan@v0.2.0
+
diff --git a/pom.xml b/pom.xml
index e90d5213..46ccdaec 100644
--- a/pom.xml
+++ b/pom.xml
@@ -42,6 +42,6 @@
- JavaVulnerableLab
+ GregandAJJavaVulnerableLab
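Review bot: `uses: deepakputhraya/action-branch-name@master` in the first step of the new workflow resolves a third-party action from a mutable branch, so whatever that branch points to at run time executes with this job's token; pin it to a full commit SHA with the version noted alongside, e.g. `uses: deepakputhraya/action-branch-name@<full-commit-sha>  # <tag>` (placeholders), and consider the same for the other `uses:` lines that reference only a floating major tag. The workflow also declares no `permissions:` block, so the `GITHUB_TOKEN` passed to the `Build and analyze` step carries the repository's default token scope rather than the read access the Sonar scanner needs for PR information; a top-level `permissions:` with `contents: read` and `pull-requests: read` would bound it (if the ZAP step is expected to file issues, which appears to be that action's default, `issues: write` would need adding for it). The `OWASP ZAP Full Scan` step carries no `with:` inputs, so its required `target` input is unset and it is not clear from the hunk what the scan would run against; confirm the intended target is configured, presumably an application started earlier in the job. Finally, `on: [push, pull_request]` also triggers on pull requests from forks, where `secrets.SONAR_TOKEN` is empty, so the Sonar step will fail on those events unless it is guarded with an `if:` on the event source.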