Skip to content
/ gh-actions-secure-pipeline-java-demo Public

Sample Secure Pipeline with GithHub Actions - Ideal for Open Source Projects

License

MIT license
1 star 0 forks Branches Tags Activity
Star

rmkanda/gh-actions-secure-pipeline-java-demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.github
.github
 
 
.mvn/wrapper
.mvn/wrapper
 
 
doc
doc
 
 
imgs
imgs
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
HELP.md
HELP.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mvnw
mvnw
 
 
mvnw.cmd
mvnw.cmd
 
 
pod.yaml
pod.yaml
 
 
pom.xml
pom.xml
 
 

Repository files navigation

[Java] [GitHub Actions] Secure Pipelines Demo

Secure Pipeline Demo - Java

Sample Secure Pipeline with GithHub Actions - Ideal for Open Source Projects

Setup

  • Add Snyk API Token in GitHub Repositority Secrets - SNYK_TOKEN
  • Add Git Guardian API Token for in GitHub Repositority Secrets - GITGUARDIAN_API_KEY

Actions Used

Step Github Action Comments Open Source Alternative
Secrets Scanner GitGuardian truffleHog
SCA - Dependency Checker snyk OWASP Dependency Check
Static Code Analysis Spot Bugs
Static Code Analysis CodeQL
Container Scan Anchore
Container Lint Dockle
K8s Hardening Dockle
License Checker License finder
DAST OWASP ZAP Basline Scan

Pipeline

GitHub Pipeline

About

Sample Secure Pipeline with GithHub Actions - Ideal for Open Source Projects

Topics

github java security devops demo pipeline security-tools devsecops github-actions devsecops-pipeline devsecops-best-practices

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages