ibm-skills-network · reevejd · Apr 4, 2024 · Mar 25, 2024 · Apr 4, 2024 · Apr 4, 2024
@@ -0,0 +1,38 @@
+name: Contrast SAST Scan
+
+on:
+  workflow_dispatch:
+
+jobs:
+  sast-scan:
+    runs-on: ubuntu-latest
+    name: Run Contrast SAST Scan
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v2
+        with:
+          java-version: '11'
+          distribution: 'adopt'
+
+      - name: Run Contrast SAST Scan
+        uses: ./
+        with:
+          contrast-api-url: ${{ vars.CONTRAST_API_URL }}
+          jfrog-token: ${{ secrets.JFROG_TOKEN }}
+          contrast-api-agent-version: ${{ vars.CONTRAST_AGENT_VERSION }}
+          contrast-api-user-name: ${{ secrets.CONTRAST_API_USER_NAME }}
+          contrast-api-api-key: ${{ secrets.CONTRAST_API_API_KEY }}
+          contrast-api-service-key: ${{ secrets.CONTRAST_API_SERVICE_KEY }}
+          contrast-api-organization: ${{ secrets.CONTRAST_API_ORGANIZATION }}
+          contrast-api-auth-token: ${{ secrets.CONTRAST_AUTH_TOKEN }}
+          contrast-api-resource-group: ${{ vars.CONTRAST_RESOURCE_GROUP }}
+
+      # - name: Upload SAST Scan Results
+      #   uses: actions/upload-artifact@v2
+      #   with:
+      #     name: sast-scan-results
+      #     path: path/to/scan-results #Update this path
@@ -1,3 +1,37 @@
-# Repository CODEOWNERS
+* @ibm-skills-network/security
 
-* @actions/actions-oss-maintainers
+yarn.lock
+package.json
+
+
+#### Organization Synced Configuration Below ####
+# If you want to add to the below, please do so in the security-compliance-automation repo and sync the file to every repo
+
+# Python
+requirements.txt
+pipfile.toml
+pipfile.lock
+pyproject.toml
+poetry.lock
+setup.py
+setup.cfg
+environment.yml
+
+# JavaScript
+package.json
+package-lock.json
+yarn.lock
+pnpm-lock.yaml
+
+# Go
+go.mod
+go.sum
+
+# Ruby
+Gemfile
+Gemfile.lock
+
+# Elixer, Erlang
+mix.exs
+mix.lock
+rebar.config
@@ -5,7 +5,7 @@
 import * as main from '../src/main'
 
 // Mock the action's entrypoint
-const runMock = jest.spyOn(main, 'run').mockImplementation()
+const runMock = jest.spyOn(main, 'runSastScan').mockImplementation()
 
 describe('index', () => {
   it('calls run when imported', async () => {

@@ -6,84 +6,5 @@
  * variables following the pattern `INPUT_<INPUT_NAME>`.
  */
 
-import * as core from '@actions/core'
-import * as main from '../src/main'
 
-// Mock the action's main function
-const runMock = jest.spyOn(main, 'run')
-
-// Other utilities
-const timeRegex = /^\d{2}:\d{2}:\d{2}/
-
-// Mock the GitHub Actions core library
-let debugMock: jest.SpiedFunction<typeof core.debug>
-let errorMock: jest.SpiedFunction<typeof core.error>
-let getInputMock: jest.SpiedFunction<typeof core.getInput>
-let setFailedMock: jest.SpiedFunction<typeof core.setFailed>
-let setOutputMock: jest.SpiedFunction<typeof core.setOutput>
-
-describe('action', () => {
-  beforeEach(() => {
-    jest.clearAllMocks()
-
-    debugMock = jest.spyOn(core, 'debug').mockImplementation()
-    errorMock = jest.spyOn(core, 'error').mockImplementation()
-    getInputMock = jest.spyOn(core, 'getInput').mockImplementation()
-    setFailedMock = jest.spyOn(core, 'setFailed').mockImplementation()
-    setOutputMock = jest.spyOn(core, 'setOutput').mockImplementation()
-  })
-
-  it('sets the time output', async () => {
-    // Set the action's inputs as return values from core.getInput()
-    getInputMock.mockImplementation(name => {
-      switch (name) {
-        case 'milliseconds':
-          return '500'
-        default:
-          return ''
-      }
-    })
-
-    await main.run()
-    expect(runMock).toHaveReturned()
-
-    // Verify that all of the core library functions were called correctly
-    expect(debugMock).toHaveBeenNthCalledWith(1, 'Waiting 500 milliseconds ...')
-    expect(debugMock).toHaveBeenNthCalledWith(
-      2,
-      expect.stringMatching(timeRegex)
-    )
-    expect(debugMock).toHaveBeenNthCalledWith(
-      3,
-      expect.stringMatching(timeRegex)
-    )
-    expect(setOutputMock).toHaveBeenNthCalledWith(
-      1,
-      'time',
-      expect.stringMatching(timeRegex)
-    )
-    expect(errorMock).not.toHaveBeenCalled()
-  })
-
-  it('sets a failed status', async () => {
-    // Set the action's inputs as return values from core.getInput()
-    getInputMock.mockImplementation(name => {
-      switch (name) {
-        case 'milliseconds':
-          return 'this is not a number'
-        default:
-          return ''
-      }
-    })
-
-    await main.run()
-    expect(runMock).toHaveReturned()
-
-    // Verify that all of the core library functions were called correctly
-    expect(setFailedMock).toHaveBeenNthCalledWith(
-      1,
-      'milliseconds not a number'
-    )
-    expect(errorMock).not.toHaveBeenCalled()
-  })
-})
+// TODO