From 6538668c043ac0e0813ce750565a1c28f4b76810 Mon Sep 17 00:00:00 2001 From: tanya732 <“sinha.tanya26@gmail.com”> Date: Wed, 30 Oct 2024 00:09:11 +0530 Subject: [PATCH] added rl-scanner modifications --- .github/workflows/release.yml | 5 +++-- .github/workflows/rl-secure.yml | 26 +++++++++++--------------- lib/build.gradle | 4 ++-- 3 files changed, 16 insertions(+), 19 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e470ad40..e34417d2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,6 +11,7 @@ on: permissions: contents: write + id-token: write # This is required for requesting the JWT ### TODO: Replace instances of './.github/workflows/' w/ `auth0/dx-sdk-actions/workflows/` and append `@latest` after the common `dx-sdk-actions` repo is made public. ### TODO: Also remove `get-prerelease`, `get-release-notes`, `get-version`, `maven-publish`, `release-create`, and `tag-exists` actions from this repo's .github/actions folder once the repo is public. @@ -20,7 +21,7 @@ jobs: rl-scanner: uses: ./.github/workflows/rl-secure.yml with: - java-version: 8.0.382-tem + java-version: 11 artifact-name: 'java-jwt.jar' secrets: RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }} @@ -32,7 +33,7 @@ jobs: release: uses: ./.github/workflows/java-release.yml with: - java-version: 8.0.382-tem + java-version: 11.0.21-tem secrets: ossr-username: ${{ secrets.OSSR_USERNAME }} ossr-token: ${{ secrets.OSSR_TOKEN }} diff --git a/.github/workflows/rl-secure.yml b/.github/workflows/rl-secure.yml index 114e2468..6d620fbb 100644 --- a/.github/workflows/rl-secure.yml +++ b/.github/workflows/rl-secure.yml 
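Review bot: `id-token: write` is added to the workflow-level `permissions` block in the first release.yml hunk, so every job in this workflow, including `release`, can now request an OIDC token while also holding `contents: write`. If only the scanner job needs the token (the commit subject suggests so, but the called workflows are not visible here), grant it on that job instead: under `rl-scanner:` add `permissions:` with `contents: read` and `id-token: write`, and leave the top-level block unchanged. Job-level permissions replace the workflow-level set for that job, so confirm that `contents: read` is enough for the scan's checkout and build.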
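Review bot: The two `java-version` values in release.yml now differ in form and precision: `11` for `rl-scanner` in the second hunk and `11.0.21-tem` for `release` in the third. The scan and the release are therefore not guaranteed to build with the same JDK patch level, and a floating `11` resolves to whatever 11.x is current on the day of the run. Using one pinned value for both jobs keeps the scanned build comparable to the published one. The diff shows rl-secure.yml passing its value to `actions/setup-java` with `distribution: temurin`, but not which format java-release.yml expects, so a comment beside each value naming the consuming tool would help, e.g. `# version spec for actions/setup-java`.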
@@ -24,8 +24,7 @@ on: required: true jobs: - rl-scanner: - name: Run Reversing Labs Scanner + checkout-build-scan-only: ### if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/')) runs-on: ubuntu-latest outputs: @@ -37,6 +36,12 @@ jobs: with: fetch-depth: 0 + - name: Set up Java + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: ${{ inputs.java-version }} + - name: Build with Gradle uses: gradle/gradle-build-action@a4cf152f482c7ca97ef56ead29bf08bcd953284c with: @@ -44,26 +49,17 @@ jobs: - name: Get Artifact Version id: get_version - run: echo "::set-output name=version::$(cat .version)" + uses: ./.github/actions/get-version - - name: List build/libs contents - run: ls -la build/libs - - - name: Output build artifact - id: output_build_artifact + - name: Create tgz build artifact run: | - echo "scanfile=$(pwd)/build/libs/java-jwt-${{ steps.get_version.outputs.version }}.jar" >> $GITHUB_OUTPUT - - name: Use scanfile - run: echo "The scanfile is ${{ steps.output_build_artifact.outputs.scanfile }}" - - - name: Echo version - run: echo "The version is ${{ steps.get_version.outputs.version }}" + tar -czvf ${{ inputs.artifact-name }} * - name: Run RL Scanner id: rl-scan-conclusion uses: ./.github/actions/rl-scanner with: - artifact-path: "$(pwd)/build/libs/java-jwt-${{ steps.get_version.outputs.version }}-SNAPSHOT.jar" + artifact-path: "$(pwd)/${{ inputs.artifact-name }}" version: "${{ steps.get_version.outputs.version }}" env: RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }} diff --git a/lib/build.gradle b/lib/build.gradle index aa134c32..bcd26ee9 100644 --- a/lib/build.gradle +++ b/lib/build.gradle 
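Review bot: The new `Set up Java` step references `actions/setup-java@v4` by a movable tag, while the `gradle/gradle-build-action` step directly below it is pinned to a full commit SHA. This workflow receives `RLSECURE_LICENSE` and builds the artifact that gets scanned, so a retagged action would run with access to both. Pin it the same way as its neighbour, `uses: actions/setup-java@<full-commit-sha> # v4`, with the SHA taken from the upstream release you have reviewed.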
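Review bot: In the `Create tgz build artifact` step, `${{ inputs.artifact-name }}` is expanded into the shell script text before bash runs and is left unquoted, so a caller-supplied name containing spaces or shell metacharacters changes the command instead of naming a file. Pass it through the environment and quote it: add `env:` with `ARTIFACT_NAME: ${{ inputs.artifact-name }}` and use `run: tar -czvf "$ARTIFACT_NAME" *`. Separately, the step archives the whole checkout (`*`, which skips dot-files) under a name the caller sets to `java-jwt.jar`, so the scanner receives a gzip tarball of sources plus build output rather than the jar that is published. If that is intended, say so in a comment; otherwise archive only the built jar. The `"$(pwd)/…"` in `artifact-path` is only expanded if the `rl-scanner` action evaluates it in a shell, which is not visible in this diff.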
@@ -35,7 +35,7 @@ def signingKey = findProperty('signingKey') def signingKeyPwd = findProperty('signingPassword') oss { - name "java jwt" + name "java-jwt" repository "java-jwt" organization "auth0" description "Java implementation of JSON Web Token (JWT)" @@ -64,7 +64,7 @@ signing { java { toolchain { - languageVersion = JavaLanguageVersion.of(11) + languageVersion = JavaLanguageVersion.of(8) } }
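Review bot: The second build.gradle hunk drops the toolchain to `JavaLanguageVersion.of(8)` while the same commit moves both workflow jobs to a Java 11 setup, so compilation now depends on a JDK 8 that the workflows do not install explicitly. The diff does not show whether that JDK comes from the runner image or from Gradle's toolchain auto-provisioning; in the latter case the release artifact is compiled by a JDK downloaded at build time, outside the version the workflow declares. Add a comment above the `toolchain` block recording the intent and the source of the JDK, for example `// Compiled with a JDK 8 toolchain; CI runs Gradle on JDK 11 (document where the JDK 8 is provisioned from)`. Also consider installing JDK 8 in the workflow so the compiler is a declared, reviewable input. The `java { toolchain { … } }` block is closed inside the hunk, but the rest of the file is not shown.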