From dfcc7019dcb0adecd89a6017e0905b1f0c188e61 Mon Sep 17 00:00:00 2001 From: Connel McGovern <100574906+mcgovc@users.noreply.github.com> Date: Fri, 2 Jun 2023 17:53:24 +0100 Subject: [PATCH 1/3] ES-562: Correct modules to scan for C4 OS Snyk scan nightly --- .ci/dev/nightly-regression/JenkinsfileSnykScan | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/dev/nightly-regression/JenkinsfileSnykScan b/.ci/dev/nightly-regression/JenkinsfileSnykScan index 564bb516a9..6c0f81d698 100644 --- a/.ci/dev/nightly-regression/JenkinsfileSnykScan +++ b/.ci/dev/nightly-regression/JenkinsfileSnykScan @@ -3,5 +3,5 @@ cordaSnykScanPipeline ( snykTokenId: 'c4-os-snyk-api-token-secret', // specify the Gradle submodules to scan and monitor on snyk Server - modulesToScan: ['node', 'capsule', 'bridge', 'bridgecapsule'] + modulesToScan: ['node', 'capsule'] ) From ac9f3c150fd9983bfbb8fe8097e233f1c801f7a1 Mon Sep 17 00:00:00 2001 From: Connel McGovern Date: Fri, 2 Jun 2023 17:53:24 +0100 Subject: [PATCH 2/3] Include 'ES' jira code in PR title check --- .github/workflows/check-pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check-pr-title.yml b/.github/workflows/check-pr-title.yml index a27b6c02e4..f99824a302 100644 --- a/.github/workflows/check-pr-title.yml +++ b/.github/workflows/check-pr-title.yml @@ -9,6 +9,6 @@ jobs: steps: - uses: morrisoncole/pr-lint-action@v1.4.1 with: - title-regex: '^((CORDA|AG|EG|ENT|INFRA|NAAS)-\d+|NOTICK)(.*)' + title-regex: '^((CORDA|AG|EG|ENT|INFRA|ES)-\d+|NOTICK)(.*)' on-failed-regex-comment: "PR title failed to match regex -> `%regex%`" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 596b51c2fd58b90a8a6e65d737a384edb286ea00 Mon Sep 17 00:00:00 2001 From: Connel McGovern Date: Tue, 6 Jun 2023 16:43:28 +0100 Subject: [PATCH 3/3] Removing bridge/bridgecapsule from main release branch CI pipeline --- .ci/dev/regression/Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/dev/regression/Jenkinsfile b/.ci/dev/regression/Jenkinsfile index 1ce7245e68..1c3b7ed64c 100644 --- a/.ci/dev/regression/Jenkinsfile +++ b/.ci/dev/regression/Jenkinsfile @@ -90,7 +90,7 @@ pipeline { steps { script { // Invoke Snyk for each Gradle sub project we wish to scan - def modulesToScan = ['node', 'capsule', 'bridge', 'bridgecapsule'] + def modulesToScan = ['node', 'capsule'] modulesToScan.each { module -> snykSecurityScan("${env.SNYK_API_KEY}", "--sub-project=$module --configuration-matching='^runtimeClasspath\$' --prune-repeated-subdependencies --debug --target-reference='${env.BRANCH_NAME}' --project-tags=Branch='${env.BRANCH_NAME.replaceAll("[^0-9|a-z|A-Z]+","_")}'") }