diff --git a/.github/workflows/codeguru.yml b/.github/workflows/codeguru.yml deleted file mode 100644 index 0c781a9e..00000000 --- a/.github/workflows/codeguru.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Analyze with CodeGuru Reviewer - -on: - - push - - workflow_dispatch # This allows manual triggering of the action through the GitHub UI. - -permissions: - id-token: write - contents: read - security-events: write - -jobs: - build: - name: Analyze with CodeGuru Reviewer - runs-on: ubuntu-latest - steps: - - name: Configure AWS credentials - id: iam-role - continue-on-error: true - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::048169001733:role/GuruGitHubCICDRole - aws-region: us-west-2 - - - uses: actions/checkout@v2 - if: steps.iam-role.outcome == 'success' - with: - fetch-depth: 0 - - name: Set up JDK 1.8 - if: steps.iam-role.outcome == 'success' - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build project - if: steps.iam-role.outcome == 'success' - run: mvn compile -DskipTests - - - name: CodeGuru Reviewer - uses: aws-actions/codeguru-reviewer@v1.1 - if: steps.iam-role.outcome == 'success' - continue-on-error: false - with: - s3_bucket: codeguru-reviewer-github-profiler-demo-048169001733-uw2 - build_path: ./target/classes - - - name: Store SARIF file - if: steps.iam-role.outcome == 'success' - uses: actions/upload-artifact@v2 - with: - name: SARIF_recommendations - path: ./codeguru-results.sarif.json - - - name: Upload review result - if: steps.iam-role.outcome == 'success' - uses: github/codeql-action/upload-sarif@v1 - with: - sarif_file: codeguru-results.sarif.json diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml new file mode 100644 index 00000000..a7701f99 --- /dev/null +++ b/.github/workflows/workflow.yml 
@@ -0,0 +1,44 @@
+name: CodeGuru Workflow
+on:
+ push:
+ branches:
+ - dev # or the name of your main branch , this can change again.Mar 12 3:40 PM EST
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest #for SRG
+ steps:
+
+# Step 1: Checkout the repository and provide your AWS credentials
+ - name: Checkout repository
+ uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v1
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: us-east-2 # Region to access CodeGuru
+
+ - name: Setup JDK
+ uses: actions/setup-java@v1
+ with:
+ java-version: 1.8
+
+ - name: Build with Maven
+ run: mvn -B package --file pom.xml
+
+ - name: Codeguru Reviewer
+ uses: aws-actions/codeguru-reviewer@v1.1
+ with:
+ build_path: target # Path to the build artifact
+ s3_bucket: codeguru-reviewer-my-bucket-mar11 # S3 Bucket with "codeguru-reviewer-*" prefix
+
+ # Step 3: Upload results into GitHub
+ - name: Upload review result
+ if: ${{ github.event_name = 'push' }} # ${{ github.event_name != 'push' }}
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: codeguru-results.sarif.json
\ No newline at end of file
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..034e8480
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.1.x | :white_check_mark: |
+| 5.0.x | :x: |
+| 4.0.x | :white_check_mark: |
+| < 4.0 | :x: |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
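Review bot: The `if:` on the "Upload review result" step compares with a single `=`, which is not an operator in GitHub Actions expressions (only `==`/`!=` are), so the workflow should be rejected when it is parsed rather than ever uploading results; it should read `if: ${{ github.event_name == 'push' }}` and the stale `# ${{ github.event_name != 'push' }}` comment after it should go. That step also needs `security-events: write`, which the deleted codeguru.yml granted under a top-level `permissions:` block and this file never declares, so `upload-sarif` fails wherever the repository's default `GITHUB_TOKEN` is read-only; declaring `permissions:` with `contents: read` and `security-events: write` both fixes that and keeps the token scoped to what the job uses. The credential step moves from the old workflow's OIDC `role-to-assume` flow to long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` repository secrets; if that is intentional a comment should say why, since `id-token: write` plus `role-to-assume` avoids storing static keys altogether. All actions are referenced by mutable tags (`@v1`, `@v2`, `@v1.1`); pinning to full commit SHAs is the usual hardening for third-party actions, and `java-version: 1.8` is a YAML float that is safer quoted as `'1.8'`.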
diff --git a/src/some-package/java/com/mainpackage/FileSyntaxError.java b/src/some-package/java/com/mainpackage/FileSyntaxError.java index c2d05e39..d7df61cc 100644 --- a/src/some-package/java/com/mainpackage/FileSyntaxError.java +++ b/src/some-package/java/com/mainpackage/FileSyntaxError.java @@ -6,6 +6,9 @@ import java.io.InputStream; import com.amazonaws.util.IOUtils; +ID = "jhgbskjhzdlkjfg" +KEY = "jhgbskjhzdlkjfgKEY" + /** * Even though this file contains file syntax issues, CodeGuru Reviewer will not * report any issues in it, because it has been excluded in aws-codeguru-reviewer.yml.