@@ -8,75 +8,6 @@ permissions:
88 id-token : write # Required for OIDC
99
1010jobs :
11- azure-devops-pipelines :
12- name : Azure DevOps Pipelines
13- runs-on : ubuntu-latest
14- steps :
15- - name : Azure Login (OIDC)
16- uses : azure/login@v2
17- with :
18- client-id : ${{ secrets.BOOST_SCAN_RUNNER_ADO_CLIENT_ID }}
19- tenant-id : ${{ secrets.BOOST_SCAN_RUNNER_ADO_TENANT_ID }}
20- allow-no-subscriptions : true
21- - name : Get Azure DevOps Token
22- id : azure-token
23- run : |
24- token=$(az account get-access-token \
25- --resource 499b84ac-1321-427f-aa17-267ca6975798 \
26- --query accessToken -o tsv)
27- echo "token=$token" >> $GITHUB_OUTPUT
28- echo "::add-mask::$token"
29- - name : Checkout scanner registry
30- uses : actions/checkout@v4
31- with :
32- fetch-depth : 0 # Need full history to detect changes
33- - name : Run Tests
34- uses : boostsecurityio/scan-test-action@b61411c3651a93be06e3f31490ff6a94e901ae00
35- with :
36- provider : azure-devops
37- provider-config : |
38- {
39- "token": "${{ steps.azure-token.outputs.token }}",
40- "organization": "BoostSecurity",
41- "project": "cicd-tools",
42- "pipeline_id": 1
43- }
44- registry-repo : " ${{ github.repository_owner }}/${{ github.event.repository.name }}"
45- base-ref : " ${{ github.base_ref }}"
46- fallback-scanners : " boostsecurityio/trivy-fs,boostsecurityio/trivy-image"
47- bitbucket-action :
48- name : Bitbucket Pipelines
49- runs-on : ubuntu-latest
50- steps :
51- - name : Generate Bitbucket OAuth Token
52- id : bitbucket-token
53- run : |
54- response=$(curl -s -X POST \
55- "https://bitbucket.org/site/oauth2/access_token" \
56- -u "${{ secrets.BOOST_SCAN_RUNNER_BITBUCKET_CLIENT_ID }}:${{ secrets.BOOST_SCAN_RUNNER_BITBUCKET_CLIENT_SECRET }}" \
57- -d "grant_type=client_credentials")
58-
59- token=$(echo "$response" | jq -r '.access_token')
60- echo "token=$token" >> $GITHUB_OUTPUT
61- echo "::add-mask::$token"
62- - name : Checkout scanner registry
63- uses : actions/checkout@v4
64- with :
65- fetch-depth : 0 # Need full history to detect changes
66- - name : Run Tests
67- uses : boostsecurityio/scan-test-action@b61411c3651a93be06e3f31490ff6a94e901ae00
68- with :
69- provider : bitbucket
70- provider-config : |
71- {
72- "token": "${{ steps.bitbucket-token.outputs.token }}",
73- "workspace": "boostsecurityio",
74- "repo_slug": "scan-test-runner-bitbucket-pipelines"
75- }
76- registry-repo : " ${{ github.repository_owner }}/${{ github.event.repository.name }}"
77- base-ref : " ${{ github.base_ref }}"
78- fallback-scanners : " boostsecurityio/trivy-fs,boostsecurityio/trivy-image"
79-
8011 github-action :
8112 name : Github Actions
8213 runs-on : ubuntu-latest
@@ -108,25 +39,3 @@ jobs:
10839 registry-repo : " ${{ github.repository_owner }}/${{ github.event.repository.name }}"
10940 base-ref : " ${{ github.base_ref }}"
11041 fallback-scanners : " boostsecurityio/trivy-fs,boostsecurityio/trivy-image"
111-
112- gitlab-ci :
113- name : Gitlab-CI
114- runs-on : ubuntu-latest
115- steps :
116- - name : Checkout scanner registry
117- uses : actions/checkout@v4
118- with :
119- fetch-depth : 0 # Need full history to detect changes
120- - name : Run Tests
121- uses : boostsecurityio/scan-test-action@b61411c3651a93be06e3f31490ff6a94e901ae00
122- with :
123- provider : gitlab-ci
124- provider-config : |
125- {
126- "trigger_token": "${{ secrets.BOOST_SCAN_RUNNER_GITLAB_TRIGGER_TOKEN }}",
127- "api_token": "${{ secrets.BOOST_SCAN_RUNNER_GITLAB_READ_TOKEN }}",
128- "project_id": "boostsecurityio/scan-test-runner-gitlab-ci"
129- }
130- registry-repo : " ${{ github.repository_owner }}/${{ github.event.repository.name }}"
131- base-ref : " ${{ github.base_ref }}"
132- fallback-scanners : " boostsecurityio/trivy-fs,boostsecurityio/trivy-image"