Simplify dev workflow

Signed-off-by: John Kjell <[email protected]>
testifysec · Dec 9, 2024 · 4feecf9 · 4feecf9
1 parent 4f3922e
commit 4feecf9
Showing 1 changed file with 0 additions and 60 deletions.
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -29,21 +29,6 @@ jobs:
       attestations: "git github environment"
       command: go vet ./...
 
-  # --ignore DL3002    
-  lint:
-    uses: ./.github/workflows/witness.yml
-    with:
-      pull_request: ${{ github.event_name == 'pull_request' }}
-      step: lint
-      pre-command-attestations: "git github environment"
-      attestations: "git github environment"
-      pre-command: |
-        curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \
-        chmod +x /usr/local/bin/hadolint
-      command: hadolint -f sarif Dockerfile > hadolint.sarif
-      artifact-upload-name: hadolint.sarif
-      artifact-upload-path: hadolint.sarif
-
   unit-test:
     needs: [ fmt, vet, lint ]
     uses: ./.github/workflows/witness.yml
@@ -55,19 +40,6 @@ jobs:
       artifact-upload-name: cover.out
       artifact-upload-path: cover.out
 
-  sast:
-    needs: [ fmt, vet, lint ]
-    uses: ./.github/workflows/witness.yml
-    with:
-      pull_request: ${{ github.event_name == 'pull_request' }}
-      step: sast
-      pre-command-attestations: "git github environment"
-      attestations: "git github environment"
-      pre-command: python3 -m pip install semgrep==1.45.0
-      command: semgrep scan --config auto ./ --sarif -o semgrep.sarif
-      artifact-upload-name: semgrep.sarif
-      artifact-upload-path: semgrep.sarif
-
   build:
     needs: [ unit-test, sast ]
     uses: ./.github/workflows/witness.yml
@@ -128,35 +100,3 @@ jobs:
 
     outputs:
       tags: ${{ steps.meta.outputs.tags }}
-
-  generate-sbom:
-    needs: build-image
-    uses: ./.github/workflows/witness.yml
-    with:
-      pull_request: ${{ github.event_name == 'pull_request' }}
-      step: generate-sbom 
-      pre-command-attestations: "git github environment"
-      attestations: "git github environment sbom"
-      artifact-download: image.tar
-      pre-command: |
-        curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
-      command: |
-        syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json
-      artifact-upload-name: sbom.cdx.json
-      artifact-upload-path: sbom.cdx.json
-
-  secret-scan:
-    needs: build-image
-    uses: ./.github/workflows/witness.yml
-    with:
-      pull_request: ${{ github.event_name == 'pull_request' }}
-      step: secret-scan
-      pre-command-attestations: "git github environment"
-      attestations: "git github environment"
-      artifact-download: image.tar
-      pre-command: |
-        curl -sSfL https://raw.githubusercontent.com/trufflesecurity/trufflehog/main/scripts/install.sh | sh -s -- -b /usr/local/bin
-      command: |
-        trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json
-      artifact-upload-name: trufflehog.json
-      artifact-upload-path: trufflehog.json