diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml
index b807343..4695513 100644
--- a/.github/workflows/cx.yml
+++ b/.github/workflows/cx.yml
@@ -1,24 +1,55 @@
-name: cx
+# This is a basic workflow to create GitHub Issues using the Checkmarx CxFlow GitHub Action. It runs on a pull-request to the main branch.
+#
+# The following GitHub Secrets must be first defined:
+# - CHECKMARX_URL
+# - CHECKMARX_USER
+# - CHECKMARX_PASSWORD
+# - CHECKMARX_CLIENT_SECRET
+# - GH_TOKEN
+#
+# Update the 'team' field to reflect the team name used in Checkmarx.
+#
+# For full documentation,including a list of all inputs, please refer to the README https://github.com/checkmarx-ts/checkmarx-cxflow-github-action
+
+name: CxFlow-GitHub-Pull-Request
+
+# Controls when the action will run. Triggers the workflow on push or pull request events but only for the master branch
 on:
 pull_request:
+ types: [opened, reopened, synchronize] #Types specify which pull request events will trigger the workflow. For more events refer Github Actions documentation.
 branches:
- - master
-# push:
+ - master
+ - main
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel - this job is specifically configured to use the Checkmarx CxFlow Action
 jobs:
- ast_scan:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on - Ubuntu is required as Docker is leveraged for the action
 runs-on: ubuntu-latest
- name: Checkmarx scan run
 steps:
- - name: Run scan
- uses: CheckmarxDev/ast-github-action@more_engines
- id: scan
- with:
- github_repo_token: ${{ secrets.GITHUB_TOKEN }}
- ast_uri: ${{ secrets.AST_URI }}
- ast_access_key_id: ${{ secrets.AST_ACCESS_KEY_ID }}
- ast_access_key_secret: ${{ secrets.AST_ACCESS_KEY_SECRET }}
- sca_user: ${{ secrets.SCA_USER }}
- sca_password: ${{ secrets.SCA_PASSWORD }}
- action_scan_complete_timeout_secs: 600
- high_results_threshold: 0
- medium_results_threshold: 10
+ - uses: actions/checkout@v3
+ - uses: actions/setup-python@v4
+ with:
+ python-version: '3.x' # Version range or exact version of a Python version to use, using SemVer's
version range syntax
+ architecture: 'x64' # optional x64 or x86. Defaults to x64 if not specified
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - run: python my_script.py
+ - uses: actions/checkout@v2
+ - name: Checkmarx CxFlow Action
+ uses: checkmarx-ts/checkmarx-cxflow-github-action@v1.1
+ with:
+ project: ${{ secrets.CHECKMARX_PROJECT }}
+ team: /CxServer
+ checkmarx_url: ${{ secrets.CHECKMARX_URL }} # To be stored in GitHub Secrets.
+ checkmarx_username: ${{ secrets.CHECKMARX_USERNAME }} # To be stored in GitHub Secrets.
+ checkmarx_password: ${{ secrets.CHECKMARX_PASSWORD }} # To be stored in GitHub Secrets.
+ checkmarx_client_secret: ${{ secrets.CHECKMARX_CLIENT_SECRET }} # To be stored in GitHub Secrets.
+ sca_tenant: ${{ secrets.SCA_TENANT }}
+ sca_username: ${{ secrets.SCA_USERNAME }}
+ sca_password: ${{ secrets.SCA_PASSWORD }}
+ incremental: false
+ break_build: false
+ scanners: sca, sast
+ bug_tracker: GITHUBPULL
+ params: --namespace=${{ github.repository_owner }} --repo-name=${{ github.event.repository.name }} --branch=${{ github.head_ref }} --merge-id=${{ github.event.number }}
diff --git a/README.md b/README.md
index 80e96b0..a8a1589 100644
--- a/README.md
+++ b/README.md
@@ -2,12 +2,12 @@ This is a "Vulnerable" Web Application developed by Cyber Security and Privacy Foundation(www.cysecurity.org). This app is intended for the Java Programmers and other people who wish to learn about Web application vulnerabilities and write secure code.123
-**The full course content is now available on Github for free:**
+***The full course content is now available on Github for free:***
 https://github.com/CSPF-Founder/JavaSecurityCourse
-
-**The full course on Hacking and Securing Web Java Programs is available in**
+**Test
+***The full course on Hacking and Securing Web Java Programs is available in***
 https://www.udemy.com/hacking-securing-java-web-programming/
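Review bot: In `.github/workflows/cx.yml`, the `Checkmarx CxFlow Action` step hands the Checkmarx and SCA credentials to `checkmarx-ts/checkmarx-cxflow-github-action@v1.1`, a mutable tag, so whoever can move that tag controls code that sees those secrets; pin it to a reviewed commit, e.g. `uses: checkmarx-ts/checkmarx-cxflow-github-action@<full-commit-sha> # v1.1` (placeholder, the SHA is not on this page). The `- run: python my_script.py` step and the second `actions/checkout@v2` look like leftovers from the setup-python example: the first executes a file from the pull request's checkout in the same job that later receives the secrets, and fails the job before the scan if that file does not exist, so both should be dropped. The header comment lists `CHECKMARX_USER` and `GH_TOKEN`, but the steps read `CHECKMARX_USERNAME`, `CHECKMARX_PROJECT` and the `SCA_*` secrets and never reference `GH_TOKEN`, so the list should be brought in line with what is used. With `break_build: false` and the previous `high_results_threshold: 0` removed, findings no longer fail the pull request, which is worth confirming as intended.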