Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Include publish to maven local for the whitesource scan to mitigate build failures in the plugin repos. #3

Merged
merged 12 commits into from
Apr 22, 2021
Merged

Include publish to maven local for the whitesource scan to mitigate build failures in the plugin repos. #3

Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
f8ae030
scan alerting
sreekarjami Apr 21, 2021
68ae77c
scan alerting
sreekarjami Apr 21, 2021
9f41434
scan alerting
sreekarjami Apr 21, 2021
17a604a
scan all opensearch plugins
sreekarjami Apr 21, 2021
eddd419
scan all opensearch plugins
sreekarjami Apr 22, 2021
a5f77a0
scan all plugins
sreekarjami Apr 22, 2021
2373140
scan all repos
sreekarjami Apr 22, 2021
15cffa1
scan all repos
sreekarjami Apr 22, 2021
c114fbc
add step to publish to local maven
sreekarjami Apr 22, 2021
cef112b
add step to publish to local maven
sreekarjami Apr 22, 2021
6ba8325
add comments in the workflow
sreekarjami Apr 22, 2021
50836e3
add comments in the workflow
sreekarjami Apr 22, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion .github/workflows/check-vulnerability-whitesource.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
strategy:
fail-fast: false
matrix:
java: [11]
java: [14]
go-version: [1.14]
steps:
- uses: actions/checkout@v1
Expand All @@ -44,6 +44,13 @@ jobs:
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
- uses: actions/checkout@v1
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_MAVEN_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_MAVEN_SECRET_ACCESS_KEY }}
aws-region: us-west-2
- name: Vulnerability Scan
id: vulnerability_scan
env:
Expand All @@ -62,6 +69,11 @@ jobs:
sudo yum install yarn -y
export PATH=$PATH:/opt/gradle/gradle-6.7/bin
gradle -v; mvn -v ; npm -v; yarn -v
# This step is needed to avoid build failures in few plugins
# No ETA on when this dependency can be removed
git clone https://github.com/opensearch-project/OpenSearch.git
cd OpenSearch
gradle publishToMavenLocal; cd ..
sreekarjami marked this conversation as resolved.
Show resolved Hide resolved
./wss-scan.sh
echo ::set-output name=mail_content::$(cat output.md)
cat whitesource/*/*
Expand Down