Skip to content

Commit

Permalink
spotless (#115)
Browse files Browse the repository at this point in the history
Co-authored-by: christosservosNCIN <[email protected]>
Co-authored-by: Babis Routis <[email protected]>
  • Loading branch information
3 people authored Mar 5, 2024
1 parent 0aabdab commit 6f214b7
Show file tree
Hide file tree
Showing 6 changed files with 2,293 additions and 0 deletions.
14 changes: 14 additions & 0 deletions .github/workflows/dependencycheck.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
name: SCA - Dependency Check Caller
on:
push:
branches-ignore:
- 'dependabot/*'
workflow_dispatch:

jobs:
SCA_caller:
uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sca_bt.yml@main
secrets:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
DOJO_URL: ${{ secrets.DOJO_URL }}
13 changes: 13 additions & 0 deletions .github/workflows/gitleaks.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
name: Secret Scanning - Gitleaks Caller
on:
push:
branches-ignore:
- 'dependabot/*'
workflow_dispatch:

jobs:
Secret_Scanning_caller:
uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/secretscanning.yml@main
secrets:
DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
DOJO_URL: ${{ secrets.DOJO_URL }}
16 changes: 16 additions & 0 deletions .github/workflows/sonar.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
name: SAST - SonarCloud (BT) Caller
on:
push:
branches-ignore:
- 'dependabot/*'
pull_request_target:
workflow_dispatch:

jobs:
SAST_caller:
uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sast_bt.yml@main
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
DOJO_URL: ${{ secrets.DOJO_URL }}
11 changes: 11 additions & 0 deletions build.gradle.kts
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
import org.owasp.dependencycheck.gradle.extension.DependencyCheckExtension
import org.springframework.boot.gradle.tasks.bundling.BootBuildImage
import kotlin.jvm.optionals.getOrNull

Expand All @@ -11,7 +12,10 @@ plugins {
alias(libs.plugins.kotlin.plugin.spring)
alias(libs.plugins.kotlin.plugin.serialization)
alias(libs.plugins.spotless)
alias(libs.plugins.sonarqube)
alias(libs.plugins.dependencycheck)
jacoco

}

repositories {
Expand Down Expand Up @@ -130,3 +134,10 @@ fun getVersionFromCatalog(lookup: String): String {
?.requiredVersion
?: throw GradleException("Version '$lookup' is not specified in the version catalog")
}

val nvdApiKey: String? = System.getenv("NVD_API_KEY") ?: properties["nvdApiKey"]?.toString()
val dependencyCheckExtension = extensions.findByType(DependencyCheckExtension::class.java)
dependencyCheckExtension?.apply {
formats = mutableListOf("XML", "HTML")
nvd.apiKey = nvdApiKey ?: ""
}
5 changes: 5 additions & 0 deletions gradle/libs.versions.toml
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,11 @@ presentationExchange = "0.2.0-SNAPSHOT"
ktlintVersion = "0.50.0"
bouncyCastle = "1.77"
arrow = "1.2.1"
sonarqube = "4.4.1.3373"
dependencycheck = "9.0.9"
jacoco = "0.8.11"


[libraries]
kotlinx-coroutines-test = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-test", version.ref = "coroutines" }
kotlinx-serialization-json = { module = "org.jetbrains.kotlinx:kotlinx-serialization-json", version.ref = "kotlinxSerialization" }
Expand All @@ -33,4 +36,6 @@ spotless = { id = "com.diffplug.spotless", version.ref = "spotless" }
kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" }
kotlin-plugin-spring = { id = "org.jetbrains.kotlin.plugin.spring", version.ref = "kotlin" }
kotlin-plugin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin" }
dependencycheck = { id = "org.owasp.dependencycheck", version.ref = "dependencycheck" }
sonarqube = { id = "org.sonarqube", version.ref = "sonarqube" }

Loading

0 comments on commit 6f214b7

Please sign in to comment.