diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml new file mode 100644 index 0000000..350286c --- /dev/null +++ b/.github/workflows/fossa.yml @@ -0,0 +1,30 @@ +name: Fossa + +on: + workflow_dispatch: + inputs: + branch: + type: string + required: false + default: main + +concurrency: + group: ${{ github.ref_name }}-fossa + cancel-in-progress: true + +permissions: + contents: read + +jobs: + scan: + name: Fossa + runs-on: ubuntu-24.04 + if: ${{ github.event.repository.fork == false }} + steps: + - name: Checkout Repository + uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2 # v4.2.2 + + - name: Scan + uses: fossas/fossa-action@93a52ecf7c3ac7eb40f5de77fd69b1a19524de94 # v1.5.0 + with: + api-key: ${{ secrets.FOSSA_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/mend.yml b/.github/workflows/mend.yml new file mode 100644 index 0000000..38fecbc --- /dev/null +++ b/.github/workflows/mend.yml @@ -0,0 +1,38 @@ +name: Mend + +on: + workflow_dispatch: + inputs: + branch: + type: string + required: false + default: main + +concurrency: + group: ${{ github.ref_name }}-mend + cancel-in-progress: true + +permissions: + contents: read + +jobs: + scan: + name: Mend + runs-on: ubuntu-24.04 + steps: + - name: Checkout Repository + uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2 # v4.2.2 + with: + ref: ${{ inputs.branch && inputs.branch || github.ref }} + + - name: Download agent + run: curl -fsSLJO https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar + + - name: Verify JAR + run: jarsigner -verify wss-unified-agent.jar + + - name: Scan and upload + env: + PRODUCT_NAME: nginx_documentation_${{ inputs.branch && inputs.branch || github.ref_name }} + PROJECT_NAME: nic + run: java -jar wss-unified-agent.jar -noConfig true -wss.url ${{ secrets.WSS_URL }} -apiKey ${{ secrets.WS_APIKEY_NGINX }} -product ${{ secrets.WS_PRODUCT }} -project ${{ secrets.WS_PROJECT }} -d . \ No newline at end of file