Commit

docs: update readme
gipo355 committed Jun 10, 2024
1 parent 0e14b46 commit b40ff10
Showing 1 changed file with 15 additions and 2 deletions.
17 changes: 15 additions & 2 deletions README.md
Expand Up @@ -24,7 +24,7 @@ test

### Github Actions

Must be buildable and pass all checks with `gradlew buildWaf`
Must be buildable and pass all checks with `gradlew buildWar`

Verifies the war is runnable with a health check http request on the container.

Expand All @@ -43,7 +43,9 @@ Verifies the war is runnable with a health check http request on the container.
- codeql
- dependency review
- dependabot security alerts
- snyk
- snyk open source
- snyk container
- snyk code

### Dynamic Application Security Testing (DAST)
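Review bot: the three new entries `snyk open source`, `snyk container` and `snyk code` cover different things (third-party dependencies, container images, first-party source), and the list gives no hint of that. A short gloss per entry would show what each one adds next to codeql and dependency review. The product names are also normally capitalised (Snyk Open Source, Snyk Container, Snyk Code).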

Expand All @@ -59,6 +61,17 @@ Verifies the war is runnable with a health check http request on the container.
- wapiti
- others

### Sarif Reports

sarif reports can be uploaded to github with the `upload-sarif` action

they provide a standard format for static analysis tools, and can be used in github security tab
to have a better overview of the vulnerabilities and identify the tools that generated them

👷 In progress: sarif reports

Must convert manually zap, nmap, fix snyk

### Auto upload images

- dockerhub (gipo999/tomcat-webapp-boilerplate)
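Review bot: in the new Sarif Reports section, "Must convert manually zap, nmap, fix snyk" reads as a private TODO. It does not say what format the zap and nmap output is converted from or with which tool, nor which of the Snyk scans needs fixing or what is wrong with it. Suggest turning it into a checklist or linking a tracking issue. The section describes SARIF as a format "for static analysis tools" while the tools named for conversion are zap and nmap, so one sentence on why their results need converting would help. Smaller points: the prose lines start lowercase and have no end punctuation, SARIF and GitHub are usually capitalised, and giving the action's full name (`github/codeql-action/upload-sarif`) would make it easier to find than `upload-sarif`.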