Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
71 changes: 0 additions & 71 deletions .github/actions/rl-scanner/action.yml

This file was deleted.

2 changes: 2 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,11 @@ jobs:
RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
SIGNAL_HANDLER_DOMAIN: ${{ secrets.SIGNAL_HANDLER_DOMAIN }}
PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
PRODSEC_PYTHON_TOOLS_REPO: ${{ secrets.PRODSEC_PYTHON_TOOLS_REPO }}
release:
uses: ./.github/workflows/java-release.yml
needs: rl-scanner
Expand Down
20 changes: 13 additions & 7 deletions .github/workflows/rl-scanner.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,18 +16,22 @@ on:
required: true
SIGNAL_HANDLER_TOKEN:
required: true
SIGNAL_HANDLER_DOMAIN:
required: true
PRODSEC_TOOLS_USER:
required: true
PRODSEC_TOOLS_TOKEN:
required: true
PRODSEC_TOOLS_ARN:
required: true
PRODSEC_PYTHON_TOOLS_REPO:
required: true
jobs:
checkout-build-scan-only:
if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
runs-on: ubuntu-latest
outputs:
scan-status: ${{ steps.rl-scan-conclusion.outcome }}
scan-status: ${{ steps.rl-scan-conclusion.outputs.scan-status }}

steps:
- name: Checkout code
Expand All @@ -54,17 +58,19 @@ jobs:

- name: Run RL Scanner
id: rl-scan-conclusion
uses: ./.github/actions/rl-scanner
uses: auth0/devsecops-tooling/.github/actions/rl-scan@main
with:
artifact-path: "$(pwd)/${{ inputs.artifact-name }}"
version: "${{ steps.get_version.outputs.version }}"
env:
artifact-name: ${{ github.event.repository.name }}
artifact-path: "${{ github.workspace }}/${{ inputs.artifact-name }}"
version: ${{ steps.get_version.outputs.version }}
RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
SIGNAL_HANDLER_DOMAIN: ${{ secrets.SIGNAL_HANDLER_DOMAIN }}
PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
PRODSEC_PYTHON_TOOLS_REPO: ${{ secrets.PRODSEC_PYTHON_TOOLS_REPO }}

- name: Output scan result
run: echo "scan-status=${{ steps.rl-scan-conclusion.outcome }}" >> $GITHUB_ENV
run: echo "scan-status=${{ steps.rl-scan-conclusion.outputs.scan-status }}" >> $GITHUB_ENV
6 changes: 3 additions & 3 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,9 @@ logger.lifecycle("Using version ${version} for ${name} group $group")
dependencies {
// Core dependencies
api 'com.squareup.okhttp3:okhttp:5.2.1'
api 'com.fasterxml.jackson.core:jackson-databind:2.21.2'
api 'com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.21.2'
api 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.21.2'
api 'com.fasterxml.jackson.core:jackson-databind:2.21.4'
api 'com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.21.4'
api 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.21.4'

// Dependencies for legacy management code from auth0-real
implementation 'com.squareup.okhttp3:logging-interceptor:5.2.1'
Expand Down
Loading