OWASP Dependency-Check #269

Workflow file for this run

.github/workflows/dependency-check.yml at 7defb56

	name: OWASP Dependency-Check

	on:
	schedule:
	- cron: '0 16 /2 *' # Schedule for bi-daily run at midnight Singapore Time

	jobs:
	owasp-dependency-check:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout Repository with Token
	uses: actions/checkout@v4
	with:
	token: ${{ secrets.GH_PAT }}

	- name: Run OWASP Dependency-Check
	if: github.ref == 'refs/heads/main'
	id: owasp-check
	run: \|
	# Download and set up Dependency-Check
	curl -LO https://github.com/jeremylong/DependencyCheck/releases/download/v7.3.0/dependency-check-7.3.0-release.zip
	unzip dependency-check-7.3.0-release.zip
	chmod +x dependency-check/bin/dependency-check.sh

	# Run Dependency-Check and capture the JSON output to a file
	./dependency-check/bin/dependency-check.sh --project "Dependency Check Example" --scan . --out /tmp --format JSON

	# Move the JSON report to the 'github-actions' folder
	mv -f /tmp/dependency-check-report.json ${{ github.workspace }}/CICD-Tooling/github-actions/dependency-check-report.json
	env:
	MAVEN_OPTS: -Dmaven.repo.local=${{ runner.workspace }}/.m2/repository
	MVNW_HOME: ./mvnw

	- name: Commit Dependency Report
	if: github.ref == 'refs/heads/main'
	run: \|
	git config user.email ${{ secrets.GIT_USER_EMAIL }}
	git config user.name "Coolbreeze151"
	git pull
	git add ${{ github.workspace }}/DevOpsRoadmap/CICD-Tooling/github-actions/dependency-check-report.json
	git commit -m "Add Dependency-Check JSON report"
	git push origin HEAD:main

	- name: Upload Dependency-Check Report
	if: github.ref == 'refs/heads/main'
	uses: actions/upload-artifact@v3
	with:
	name: dependency-check-report
	path: ${{ github.workspace }}/DevOpsRoadmap/CICD-Tooling/github-actions/dependency-check-report.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OWASP Dependency-Check #269

Workflow file

OWASP Dependency-Check #269

Jobs

Run details

Workflow file for this run