Endor Labs Scan Java Project #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Endor Labs Scan Java Project | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| java_version: | |
| description: "The version of Java to be used for build" | |
| default: "1.8" | |
| required: true | |
| jobs: | |
| clone-build-scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-java@v4 | |
| with: | |
| distribution: zulu | |
| java-version: ${{ github.event.inputs.java_version }} | |
| gpg-private-key: ${{ secrets.GPG_KEY }} # Value of the GPG private key to import | |
| gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} # env variable for GPG private key passphrase | |
| - name: Create env | |
| id: create-env | |
| run: | | |
| touch .env | |
| echo SKYFLOW_CREDENTIALS=${{ secrets.SKYFLOW_CREDENTIALS }} >> .env | |
| echo TEST_EXPIRED_TOKEN=${{ secrets.TEST_EXPIRED_TOKEN }} >> .env | |
| echo TEST_REUSABLE_TOKEN=${{ secrets.TEST_REUSABLE_TOKEN }} >> .env | |
| - name: create-json | |
| id: create-json | |
| uses: jsdaniell/create-json@1.1.2 | |
| with: | |
| name: "credentials.json" | |
| json: ${{ secrets.TEST_CREDENTIALS_FILE_STRING }} | |
| - name: Compile Package | |
| run: mvn clean install | |
| - name: Endor Labs SCA Scan | |
| uses: endorlabs/github-action@main | |
| with: | |
| namespace: "skyflow" | |
| api: "https://api.endorlabs.com" | |
| pr: false | |
| enable_github_action_token: true | |
| scan_dependencies: true | |
| additional_args: "--as-default-branch --call-graph-languages=java" |