Skip to content

Sync and scan p4jenkins #2639

Sync and scan p4jenkins

Sync and scan p4jenkins #2639

Workflow file for this run

name: Sync and scan p4jenkins
on:
schedule:
- cron: '0 */2 * * *' # every 30 minutes
workflow_dispatch: # on button click
jobs:
sync:
runs-on: ubuntu-latest
steps:
- name: Sync p4jenking from upstream jenkins github
uses: tgymnich/[email protected]
with:
token: ${{ secrets.SYNC_TOKEN }}
owner: jenkinsci
base: master
head: master
repo: p4-plugin
scan:
needs: sync
runs-on: ubuntu-latest
if: always()
steps:
- name: Checkout source code
uses: actions/checkout@v2
- name: Login to docker hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Mend scan
run: |
ls ${{ github.workspace }}
docker pull perforce/ubuntu22-mend
docker run -v ${{ github.workspace }}:/scan \
perforce/ubuntu22-mend bash -c "java -jar /opt/white-source/wss-unified-agent.jar \
-noConfig true \
-d /scan \
-project p4jenkins-main \
-apiKey ${{ secrets.MEND_API_KEY }} \
-userKey ${{ secrets.MEND_USER_KEY }} \
-product p4jenkins \
-wss.url https://saas-eu.whitesourcesoftware.com/agent \
-resolveAllDependencies false \
-maven.resolveDependencies true \
-maven.runPreStep true"
- name: CVE scan
run: |
python3 ${{ github.workspace }}/build_tools/cve-finder.py \
-m p4jenkins \
-b main \
-j P4Jenkins \
-o ${{ secrets.MEND_API_KEY }} \
-k ${{ secrets.MEND_USER_KEY }} \
-u ${{ secrets.JIRA_USER }} \
-p ${{ secrets.JIRA_PASS }}