yolo

.github/workflows/container-test.yml

@@ -0,0 +1,60 @@
+name: Test Container Scans
+
+on:
+  workflow_dispatch:
+    inputs:
+      api:
+        description: "Enter the target Endor Labs API"
+        required: true
+        type: choice
+        default: https://api.endorlabs.com
+        options:
+        - https://api.staging.endorlabs.com
+        - https://api.endorlabs.com
+      tenant_name:
+        description: "Enter your Endor Labs namespace?"
+        required: true
+        type: string
+
+jobs:
+  release:
+    name: Build and Sign
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Build JAR
+        run: mvn clean install -Dskiptests=true
+
+
+      - name: Endor Labs Scan
+        uses: endorlabs/github-action@main
+        with:
+          namespace: ${{ github.event.inputs.tenant_name }}
+          api: ${{ github.event.inputs.api }}
+          scan_summary_output_type: "table"
+          pr: "false"
+          enable_github_action_token: "true"
+          scan_dependencies: "true"
+          scan_secrets: "true"
+          scan_git_logs: "true"
+
+      - name: Create container
+        run: docker build -t app-java-demo:latest .
+
+      - name: Endor Labs Scan
+        uses: endorlabs/github-action@main
+        with:
+          namespace: ${{ github.event.inputs.tenant_name }}
+          api: ${{ github.event.inputs.api }}
+          scan_summary_output_type: "table"
+          pr: "false"
+          enable_github_action_token: "true"
+          scan_dependencies: "false"
+          scan_container: "true"
+          image: "app-java-demo:latest"

.github/workflows/release.yml

@@ -2,15 +2,28 @@ name: Release Workflow
 
 on:
   workflow_dispatch:
-  push: 
-
+    inputs:
+      api:
+        description: "Enter the target Endor Labs API"
+        required: true
+        type: choice
+        default: https://api.endorlabs.com
+        options:
+        - https://api.staging.endorlabs.com
+        - https://api.endorlabs.com
+      tenant_name:
+        description: "Enter your Endor Labs namespace?"
+        required: true
+        type: string
+
 jobs:
   release:
     name: Build and Sign
     runs-on: ubuntu-latest
     permissions:
       id-token: write
       contents: read
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
@@ -20,10 +33,10 @@ jobs:
 
 
       - name: Endor Labs Scan
-        uses: endorlabs/github-action@containers
+        uses: endorlabs/github-action@main
         with:
-          namespace: "demo"
-          api: https://api.staging.endorlabs.com
+          namespace: ${{ github.event.inputs.tenant_name }}
+          api: ${{ github.event.inputs.api }}
           scan_summary_output_type: "table"
           pr: "false"
           enable_github_action_token: "true"
@@ -32,7 +45,7 @@ jobs:
           scan_git_logs: "true"
 
       - name: Create container
-        run: docker build -t jscott932/app-java-demo:latest .
+        run: docker build -t app-java-demo:local .
 
       - name: Get Image Digest to Sign
         run: |

Dockerfile

@@ -18,8 +18,7 @@ WORKDIR /app
 
 # Copy the built artifact from the build stage
 COPY --from=build /app/target/endor-java-webapp-demo.jar .
-COPY --from=build /app/target/dependency dependency/
-
+COPY --from=build /app/target/endor-java-webapp-demo-jar-with-dependencies.jar .
 # Expose any necessary ports
 EXPOSE 443