Merge pull request #7390 from corda/connelm/ES-562/snyk-submodules-to-scan48

ES-562: Correct modules to scan for C4 OS Snyk scan nightly
This commit is contained in:
Adel El-Beik 2023-06-06 17:36:09 +01:00 committed by GitHub
commit 746e16bca0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 3 deletions

View File

@ -3,5 +3,5 @@
cordaSnykScanPipeline ( cordaSnykScanPipeline (
snykTokenId: 'c4-os-snyk-api-token-secret', snykTokenId: 'c4-os-snyk-api-token-secret',
// specify the Gradle submodules to scan and monitor on snyk Server // specify the Gradle submodules to scan and monitor on snyk Server
modulesToScan: ['node', 'capsule', 'bridge', 'bridgecapsule'] modulesToScan: ['node', 'capsule']
) )

View File

@ -90,7 +90,7 @@ pipeline {
steps { steps {
script { script {
// Invoke Snyk for each Gradle sub project we wish to scan // Invoke Snyk for each Gradle sub project we wish to scan
def modulesToScan = ['node', 'capsule', 'bridge', 'bridgecapsule'] def modulesToScan = ['node', 'capsule']
modulesToScan.each { module -> modulesToScan.each { module ->
snykSecurityScan("${env.SNYK_API_KEY}", "--sub-project=$module --configuration-matching='^runtimeClasspath\$' --prune-repeated-subdependencies --debug --target-reference='${env.BRANCH_NAME}' --project-tags=Branch='${env.BRANCH_NAME.replaceAll("[^0-9|a-z|A-Z]+","_")}'") snykSecurityScan("${env.SNYK_API_KEY}", "--sub-project=$module --configuration-matching='^runtimeClasspath\$' --prune-repeated-subdependencies --debug --target-reference='${env.BRANCH_NAME}' --project-tags=Branch='${env.BRANCH_NAME.replaceAll("[^0-9|a-z|A-Z]+","_")}'")
} }

View File

@ -9,6 +9,6 @@ jobs:
steps: steps:
- uses: morrisoncole/pr-lint-action@v1.4.1 - uses: morrisoncole/pr-lint-action@v1.4.1
with: with:
title-regex: '^((CORDA|AG|EG|ENT|INFRA|NAAS)-\d+|NOTICK)(.*)' title-regex: '^((CORDA|AG|EG|ENT|INFRA|ES)-\d+|NOTICK)(.*)'
on-failed-regex-comment: "PR title failed to match regex -> `%regex%`" on-failed-regex-comment: "PR title failed to match regex -> `%regex%`"
repo-token: "${{ secrets.GITHUB_TOKEN }}" repo-token: "${{ secrets.GITHUB_TOKEN }}"