java-maven_sca_scan_test #141

	# This is a basic workflow to help you get started with Actions

	name: Java Maven SAST CI

	# Controls when the action will run. Triggers the workflow on push or pull request
	# events but only for the master branch
	on:
	push:
	branches: [ master ]
	pull_request:
	branches: [ master ]
	repository_dispatch:

	# A workflow run is made up of one or more jobs that can run sequentially or in parallel
	jobs:
	# This workflow contains a single job called "build"
	build:
	# The type of runner that the job will run on
	runs-on: ubuntu-latest
	container:
	image: cdefense/sast-scan
	options: -v /__w/vulnerable-java-maven/vulnerable-java-maven/target:/app -e "WORKSPACE=/__w/vulnerable-java-maven/vulnerable-java-maven/target"

	# Steps represent a sequence of tasks that will be executed as part of the job
	steps:
	# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
	- uses: actions/checkout@v2

	- name: Set up JDK 1.8
	uses: actions/setup-java@v1
	with:
	java-version: 1.8

	# Build with Maven
	- name: Build with Maven
	run: \|
	echo $JAVA_HOME
	java -version
	mvn clean install

	# Run SAST scan
	- name: SAST Scan
	env:
	SAST_SCAN_URL: https://cd-scanner.herokuapp.com/scan/sast
	run: python3 /usr/local/src/scan --src /__w/vulnerable-java-maven/vulnerable-java-maven/target --type java --app_name vulnerable-java-maven --api-key ${{ secrets.CD_API_KEY }}

Provide feedback