Skip to content

Commit da96808

Browse files
author
Tim Middleton
authored
Add trivy scan (#62)
* Add trivy scan * update ci/cd * Bump version of Jackson
1 parent 5ac38be commit da96808

File tree

2 files changed

+65
-1
lines changed

2 files changed

+65
-1
lines changed

.github/workflows/build-trivy.yaml

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
#
2+
# Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
3+
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4+
#
5+
# This code is free software; you can redistribute it and/or modify it
6+
# under the terms of the GNU General Public License version 2 only, as
7+
# published by the Free Software Foundation. Oracle designates this
8+
# particular file as subject to the "Classpath" exception as provided
9+
# by Oracle in the LICENSE file that accompanied this code.
10+
#
11+
# This code is distributed in the hope that it will be useful, but WITHOUT
12+
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13+
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14+
# version 2 for more details (a copy is included in the LICENSE file that
15+
# accompanied this code).
16+
#
17+
# You should have received a copy of the GNU General Public License version
18+
# 2 along with this work; if not, write to the Free Software Foundation,
19+
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20+
#
21+
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22+
# or visit www.oracle.com if you need additional information or have any
23+
# questions.
24+
#
25+
26+
# ---------------------------------------------------------------------------
27+
# Coherence VisualVM Plugin Actions Scheduled Trivy Scan
28+
# ---------------------------------------------------------------------------
29+
name: Scheduled Trivy Scan
30+
31+
on:
32+
workflow_dispatch:
33+
push:
34+
branches:
35+
- '*'
36+
schedule:
37+
# Every day at midnight
38+
- cron: '0 0 * * *'
39+
40+
jobs:
41+
build:
42+
runs-on: ubuntu-latest
43+
44+
# Checkout the source, we need a depth of zero to fetch all of the history otherwise
45+
# the copyright check cannot work out the date of the files from Git.
46+
steps:
47+
- uses: actions/checkout@v3
48+
with:
49+
fetch-depth: 0
50+
51+
- name: Set up JDK
52+
uses: actions/setup-java@v3
53+
with:
54+
java-version: '11'
55+
distribution: 'zulu'
56+
57+
- name: Trivy Scan
58+
shell: bash
59+
run: |
60+
DIR=`mktemp -d`
61+
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ${DIR} v0.38.3
62+
${DIR}/trivy fs --exit-code 1 .
63+
64+

pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@
6363
--add-opens=java.base/java.net=ALL-UNNAMED
6464
</failsafe.argLine>
6565
<groovy.version>3.0.12</groovy.version>
66-
<jackson.version>2.13.3</jackson.version>
66+
<jackson.version>2.13.5</jackson.version>
6767
<jackson.databind.version>${jackson.version}</jackson.databind.version>
6868
<java.version>1.8</java.version>
6969
<java.version.eight>1.8</java.version.eight>

0 commit comments

Comments
 (0)