Add GitHub workflows for build, dependency check, secret scanning, an…

…d SonarCloud analysis; update Package.resolved and add CODEOWNERS file
eu-digital-identity-wallet · Nov 17, 2024 · d9030e8 · d9030e8
1 parent fb7b7b3
commit d9030e8
Show file tree

Hide file tree

Showing 6 changed files with 73 additions and 4 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @eu-digital-identity-wallet/niscy-admins
diff --git a/.github/workflows/build-package.yml b/.github/workflows/build-package.yml
@@ -0,0 +1,22 @@
+---
+name: build-package
+on:
+  pull_request:
+    types: [opened, reopened]
+  push:
+    branches: ['main']
+    tags: [ v* ]
+jobs:
+  build:
+    runs-on: "macos-14"
+    steps:
+      - uses: maxim-lobanov/setup-xcode@v1
+        with:
+          xcode-version: '16.0'
+      - name: Get swift version
+        run: swift --version
+      - uses: actions/checkout@v4
+      - name: Build
+        run: swift build
+      - name: Run tests
+        run: swift test
diff --git a/.github/workflows/dependencycheck.yml b/.github/workflows/dependencycheck.yml
@@ -0,0 +1,15 @@
+name: SCA - Dependency-Check Caller
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  workflow_dispatch:
+
+jobs:
+
+ SCA_caller:
+      uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sca.yml@main
+      secrets:
+       NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
+       DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
+       DOJO_URL: ${{ secrets.DOJO_URL }}
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
@@ -0,0 +1,14 @@
+name: Secret Scanning - Gitleaks Caller
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  workflow_dispatch:
+
+jobs:
+
+  Secret_Scanning_caller:
+      uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/secretscanning.yml@main
+      secrets:
+       DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
+       DOJO_URL: ${{ secrets.DOJO_URL }}
diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
@@ -0,0 +1,17 @@
+name: SAST - SonarCloud Caller
+on:
+  push:
+    branches-ignore:
+      - 'dependabot/**'
+  pull_request_target:
+  workflow_dispatch:
+
+jobs:
+
+   SAST_caller:
+      uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sast_action.yml@main
+      secrets:
+       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+       GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+       DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }}
+       DOJO_URL: ${{ secrets.DOJO_URL }}
diff --git a/Package.resolved b/Package.resolved
@@ -1,13 +1,13 @@
 {
-  "originHash" : "fae81f6b1e0612c6a226b698efc30c0371654cbc54cc06eb304e3d22aa1ceb49",
+  "originHash" : "67d6e755c4890cdfcb60930d0b952815385f42101d98ff3d40456723c03c6c74",
   "pins" : [
     {
       "identity" : "eudi-lib-ios-rqes-csc-swift",
       "kind" : "remoteSourceControl",
-      "location" : "https://github.com/niscy-eudiw/eudi-lib-ios-rqes-csc-swift.git",
+      "location" : "https://github.com/eu-digital-identity-wallet/eudi-lib-ios-rqes-csc-swift.git",
       "state" : {
-        "branch" : "update-auth-flow",
-        "revision" : "075987ef5f098e2ac866504ed8c55514fe4cb1b3"
+        "revision" : "d286db938dd6bddcd2aa22051e54211227cf5cba",
+        "version" : "0.0.1"
       }
     },
     {