forked from ajithjunneti/insecure-bank
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathWorkflowTemplate.yml
78 lines (78 loc) · 1.72 KB
/
WorkflowTemplate.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
---
connectors:
- connector_name: slack
fields:
channelidentifier: C015LGE7RRQ
bearertoken: <<SLACK_TOKEN>>
- connector_name: jira
fields:
issuetype: Bug
projectkey: STAR
assignee: test
url: <<JIRA_SERVER_URL>>
username: <<JIRA_USERNAME>>
authtoken: <<JIRA_AUTH_TOKEN>>
- connector_name: bitbucket
fields:
workspace_name: sig-devsecops
repository_name: insecure-bank
commit_id: <<BITBUCKET_COMMIT_ID>>
username: <<BITBUCKET_USERNAME>>
app_password: <<BITBUCKET_PASSWORD>>
- connector_name: github
fields:
file_path: workflowengine-results.sarif.json
owner_name: sig-devsecops
repository_name: insecure-bank
ref: refs/heads/master
commit_id: <<GITHUB_COMMIT_ID>>
username: <<GITHUB_USERNAME>>
accesstoken: <<GITHUB_ACCESS_TOKEN>>
---
buildbreaker:
- activityname: sast
status:
- new
- open
overallseverity:
-
categories:
- name: cross-site scripting
severity: high
- name: sql injection
severity: high
- activityname: dast
status:
- new
- triaged
overallseverity:
- high
categories:
- name: sql-injection
severity: medium
- activityname: sca
status:
- new
overallseverity:
- high
categories:
- name: cve-2015-2119
severity: medium
---
tool_information:
- tool_name: coverity
enabled: false
fields:
file_path: coverity-results.json
- tool_name: polaris
enabled: <<IS_SAST_ENABLED>>
fields:
project_name: sig-devsecops/insecure-bank
instance_url: <<POLARIS_SERVER_URL>>
auth_token: <<POLARIS_ACCESS_TOKEN>>
- tool_name: blackduck
enabled: <<IS_SCA_ENABLED>>
fields:
project_name: insecure-bank:1.0.1
instance_url: <<BLACKDUCK_SERVER_URL>>
auth_token: <<BLACKDUCK_ACCESS_TOKEN>>