Added veracode executed attestation to frontend

.github/workflows/build-frontend.yml

@@ -78,6 +78,19 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      - name: Run veracode scan
+        # We have not set up veracode, we just use some saved result files
+        run: cp testfiles/veracode-scan-errors-1.json static-scan-frontend.json
+
+      - name: Create veracode summary
+        run: ./scripts/create-veracode-summary-file.sh static-scan-frontend.json static-scan-summary-frontend.json
+
+      - name: Attest veracode executed
+        if: ${{ github.ref == 'refs/heads/main' }}
+        uses: ./.github/actions/kosli-attest-veracode-executed
+        with:
+          veracode-summary-file: static-scan-summary-frontend.json
+
 
   assert-artifacts:
     name: Assert artifacts

apps/backend/backend-content.txt

@@ -1,4 +1,4 @@
 This is just a file to test out that changes to back-end source code
 can trigger a build, reporting to Kosli
 
-counter=4
+counter=5

apps/backend/kosli-template.yml

@@ -1,9 +1,9 @@
 version: 1
 trail:
     attestations:
-#        - name: veracode-scan
-#          type: '*'
         - name: pull-request
           type: pull_request
+        - name: veracode-executed
+          type: custom:veracode-executed
     artifacts:
         - name: backend

apps/frontend/frontend-content.txt

@@ -1,4 +1,4 @@
 This is just a file to test out that changes to front-end source code
 can trigger a build, reporting to Kosli
 
-counter=3
+counter=4

apps/frontend/kosli-template.yml

@@ -1,9 +1,9 @@
 version: 1
 trail:
     attestations:
-#        - name: veracode-scan
-#          type: '*'
         - name: pull-request
           type: pull_request
+        - name: veracode-executed
+          type: custom:veracode-executed
     artifacts:
         - name: frontend