From 6649356202bfc031f4d39b9d75d23b72ee8e2f72 Mon Sep 17 00:00:00 2001
From: rameshg
Date: Wed, 14 Sep 2022 16:56:35 +0530
Subject: [PATCH 1/6] ShiftLeft Scan
---
.github/workflows/ShiftLeft.yaml | 54 ++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
create mode 100644 .github/workflows/ShiftLeft.yaml
diff --git a/.github/workflows/ShiftLeft.yaml b/.github/workflows/ShiftLeft.yaml
new file mode 100644
index 00000000..e005ee08
--- /dev/null
+++ b/.github/workflows/ShiftLeft.yaml
@@ -0,0 +1,54 @@
+---
+name: Shiftleft Scan
+on:
+ pull_request:
+ branches:
+ - master
+ workflow_dispatch:
+ inputs:
+ logLevel:
+ description: Log level
+jobs:
+ scanning:
+ env:
+ APP_ID: 6e4487e629008a3ff4483925941bfdfb650857d21469554eea9fd726d1170518
+ BRANCH_NAME: master
+ SCAN_ID: a33f2a026be63aeabe0fe2a21e9db4cd3d8a0d9019dbe65e4c8c97d44012404c
+ REQ_URL_MAP: "${{toJSON('{\"SL_RESULT_API_HOST\":\"https://slresultapi.qa.securin.io/resultapi\"\
+ ,\"SL_RESULTPARSER_API_HOST\":\"https://slresultparserapi.qa.securin.io/resultparserapi\"\
+ }')}}"
+ steps:
+ - name: Retrieve Token Info
+ id: auth_token
+ run: "respJson=$(curl --location --request GET 'https://slresultapi.qa.securin.io/resultapi/aws/ecr/token'\
+ \ --header 'Authorization: Bearer ${{secrets.CLI_ACCESS_TOKEN}}' --data-raw\
+ \ ' ' )\necho \"::set-output name=authTokenJson::$respJson\""
+ - uses: actions/checkout@v2
+ - name: Build with Maven
+ run: mvn -q --batch-mode --update-snapshots verify
+ - name: Scan Initiated
+ id: sec_scan_init
+ run: "usrVal=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).user}}'\
+ \ | openssl enc -aes-256-cbc -d -a -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \nusrPassword=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).password}}'\
+ \ | openssl enc -aes-256-cbc -d -base64 -A -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \nusrPrxyUrl=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).proxyUrl}}'\
+ \ | openssl enc -aes-256-cbc -d -a -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \nusrImgTag=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).imageTag}}'\
+ \ | openssl enc -aes-256-cbc -d -a -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \ndocker login --username $usrVal --password $usrPassword $usrPrxyUrl\
+ \ \ndocker pull -q $usrImgTag \ndocker run -v ${{github.workspace}}:/src \
+ \ --volume ${{github.workspace}}:/workdir -v /var/run/docker.sock:/var/run/docker.sock\
+ \ $usrImgTag 
-access_tkn ${{secrets.CLI_ACCESS_TOKEN}} -app_id ${{ env.APP_ID\
+ \ }} -scan_id ${{ env.SCAN_ID }} -branch_name ${{ env.BRANCH_NAME }} -req_url_map\
+ \ ${{ env.REQ_URL_MAP }} event:${{ github.event_name }} pr_number:${{ github.event.number\
+ \ }}"
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: "${{github.workspace}}/results/result.sarif"
+ if: hashFiles('**/result.sarif') !=''
+ - name: Evaluate build status
+ run: "cat ${{github.workspace}}/results/status.txt\nexit 1\n"
+ if: hashFiles('**/status.txt') !=''
+ runs-on: ubuntu-latest
From 3c9ccc6697653cd3245807f7603aeae1a6feeafd Mon Sep 17 00:00:00 2001
From: rameshg
Date: Wed, 14 Sep 2022 16:57:46 +0530
Subject: [PATCH 2/6] ShiftLeft Scan
---
.github/workflows/ShiftLeft.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ShiftLeft.yaml b/.github/workflows/ShiftLeft.yaml
index e005ee08..4ff0af47 100644
--- a/.github/workflows/ShiftLeft.yaml
+++ b/.github/workflows/ShiftLeft.yaml
@@ -13,7 +13,7 @@ jobs:
 env:
 APP_ID: 6e4487e629008a3ff4483925941bfdfb650857d21469554eea9fd726d1170518
 BRANCH_NAME: master
- SCAN_ID: a33f2a026be63aeabe0fe2a21e9db4cd3d8a0d9019dbe65e4c8c97d44012404c
+ SCAN_ID: 10f2ff17d7b9cf9d670cf57b8d7379dddf3f51a79ac99918fffa813b61ddc013
 REQ_URL_MAP: "${{toJSON('{\"SL_RESULT_API_HOST\":\"https://slresultapi.qa.securin.io/resultapi\"\
 ,\"SL_RESULTPARSER_API_HOST\":\"https://slresultparserapi.qa.securin.io/resultparserapi\"\
 }')}}"
From aef85c3d2df25650432ca2844587c1b95b35d168 Mon Sep 17 00:00:00 2001
From: rameshg
Date: Wed, 14 Sep 2022 17:54:05 +0530
Subject: [PATCH 3/6] ShiftLeft Scan
---
.github/workflows/ShiftLeft.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ShiftLeft.yaml b/.github/workflows/ShiftLeft.yaml
index 4ff0af47..05af1bc0 100644
--- a/.github/workflows/ShiftLeft.yaml
+++ b/.github/workflows/ShiftLeft.yaml
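Review bot: The `Scan Initiated` step splices fields of an HTTP reply straight into the script text via `'${{fromJson(steps.auth_token.outputs.authTokenJson).user}}'` (and likewise `.password`, `.proxyUrl`, `.imageTag`), so a `'` in any of those fields ends the quoting and whatever follows runs on the runner with `CLI_ACCESS_TOKEN`, `ENC_KEY` and `ENC_IV` in scope; exploiting it needs a hostile or malformed reply from that endpoint, but the workflow has no reason to trust the reply's syntax when the fix is to route the values through the step's `env:` and use `"$VAR"` in bash. While there, `docker login --username $usrVal --password $usrPassword` puts the registry password in argv; `--password-stdin` is the documented alternative. Independently of the script, the workflow declares no `permissions:` block, so it runs with the repository default although it needs only `contents: read` plus `security-events: write` for upload-sarif (per the codeql-action docs, `actions: read` too on private repositories), and `actions/checkout@v2` / `upload-sarif@v1` are floating tags rather than commit SHAs. The `run:` values would also be far easier to audit as `run: |` block scalars than as backslash-continued double-quoted strings; the rewrite below shows the step in that shape.
```yaml
      - name: Scan Initiated
        id: sec_scan_init
        env:
          # API-sourced values reach the shell as variables, not as ${{ }} text substitution
          TOKEN_USER: ${{ fromJson(steps.auth_token.outputs.authTokenJson).user }}
          TOKEN_PASSWORD: ${{ fromJson(steps.auth_token.outputs.authTokenJson).password }}
          TOKEN_PROXY_URL: ${{ fromJson(steps.auth_token.outputs.authTokenJson).proxyUrl }}
          TOKEN_IMAGE_TAG: ${{ fromJson(steps.auth_token.outputs.authTokenJson).imageTag }}
          ENC_KEY: ${{ secrets.ENC_KEY }}
          ENC_IV: ${{ secrets.ENC_IV }}
        run: |
          set -euo pipefail
          dec() { printf '%s\n' "$1" | openssl enc -aes-256-cbc -d -a -K "$ENC_KEY" -iv "$ENC_IV"; }
          usrVal=$(dec "$TOKEN_USER")
          usrPassword=$(printf '%s\n' "$TOKEN_PASSWORD" | openssl enc -aes-256-cbc -d -base64 -A -K "$ENC_KEY" -iv "$ENC_IV")
          usrPrxyUrl=$(dec "$TOKEN_PROXY_URL")
          usrImgTag=$(dec "$TOKEN_IMAGE_TAG")
          # --password-stdin keeps the registry password out of argv and the process list
          printf '%s' "$usrPassword" | docker login --username "$usrVal" --password-stdin "$usrPrxyUrl"
          docker pull -q "$usrImgTag"
          # … unchanged: docker run invocation, with "$usrImgTag" quoted …
```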
@@ -13,7 +13,7 @@ jobs:
 env:
 APP_ID: 6e4487e629008a3ff4483925941bfdfb650857d21469554eea9fd726d1170518
 BRANCH_NAME: master
- SCAN_ID: 10f2ff17d7b9cf9d670cf57b8d7379dddf3f51a79ac99918fffa813b61ddc013
+ SCAN_ID: 5b0440b78373d86b49b8bb902434b3feb21d7f2f96fceb828c483547979d9b1a
 REQ_URL_MAP: "${{toJSON('{\"SL_RESULT_API_HOST\":\"https://slresultapi.qa.securin.io/resultapi\"\
 ,\"SL_RESULTPARSER_API_HOST\":\"https://slresultparserapi.qa.securin.io/resultparserapi\"\
 }')}}"
From ac2f0fafe12343510594e97a68c45ceb6566fed5 Mon Sep 17 00:00:00 2001
From: rameshg
Date: Fri, 16 Sep 2022 12:27:13 +0530
Subject: [PATCH 4/6] ShiftLeft Scan
---
.github/workflows/ShiftLeft.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ShiftLeft.yaml b/.github/workflows/ShiftLeft.yaml
index 05af1bc0..b440379b 100644
--- a/.github/workflows/ShiftLeft.yaml
+++ b/.github/workflows/ShiftLeft.yaml
@@ -13,7 +13,7 @@ jobs:
 env:
 APP_ID: 6e4487e629008a3ff4483925941bfdfb650857d21469554eea9fd726d1170518
 BRANCH_NAME: master
- SCAN_ID: 5b0440b78373d86b49b8bb902434b3feb21d7f2f96fceb828c483547979d9b1a
+ SCAN_ID: 0055c5d3b322daed14087be14962d41cb54a545aa524308791506812fad8379d
 REQ_URL_MAP: "${{toJSON('{\"SL_RESULT_API_HOST\":\"https://slresultapi.qa.securin.io/resultapi\"\
 ,\"SL_RESULTPARSER_API_HOST\":\"https://slresultparserapi.qa.securin.io/resultparserapi\"\
 }')}}"
From 00ddfcb1b689ced33c215ddf0739898af58f01bb Mon Sep 17 00:00:00 2001
From: rameshg
Date: Tue, 15 Nov 2022 12:33:19 +0530
Subject: [PATCH 5/6] ShiftLeft Scan
---
.github/workflows/ShiftLeft.yaml | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/ShiftLeft.yaml b/.github/workflows/ShiftLeft.yaml
index b440379b..b84de4c2 100644
--- a/.github/workflows/ShiftLeft.yaml
+++ b/.github/workflows/ShiftLeft.yaml
@@ -13,7 +13,7 @@ jobs:
 env:
 APP_ID: 6e4487e629008a3ff4483925941bfdfb650857d21469554eea9fd726d1170518
 BRANCH_NAME: master
- SCAN_ID: 0055c5d3b322daed14087be14962d41cb54a545aa524308791506812fad8379d
+ SCAN_ID: 8f5c726be7e4acb8f1b3260b880e7f7992524992b59cca9d4a75d130c35c52bb
 REQ_URL_MAP: "${{toJSON('{\"SL_RESULT_API_HOST\":\"https://slresultapi.qa.securin.io/resultapi\"\
 ,\"SL_RESULTPARSER_API_HOST\":\"https://slresultparserapi.qa.securin.io/resultparserapi\"\
 }')}}"
@@ -24,8 +24,6 @@ jobs:
 \ --header 'Authorization: Bearer ${{secrets.CLI_ACCESS_TOKEN}}' --data-raw\
 \ ' ' )\necho \"::set-output name=authTokenJson::$respJson\""
 - uses: actions/checkout@v2
- - name: Build with Maven
- run: mvn -q --batch-mode --update-snapshots verify
 - name: Scan Initiated
 id: sec_scan_init
 run: "usrVal=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).user}}'\
@@ -41,8 +39,8 @@ jobs:
 \ --volume ${{github.workspace}}:/workdir -v /var/run/docker.sock:/var/run/docker.sock\
 \ $usrImgTag -access_tkn ${{secrets.CLI_ACCESS_TOKEN}} -app_id ${{ env.APP_ID\
 \ }} -scan_id ${{ env.SCAN_ID }} -branch_name ${{ env.BRANCH_NAME }} -req_url_map\
- \ ${{ env.REQ_URL_MAP }} event:${{ github.event_name }} pr_number:${{ github.event.number\
- \ }}"
+ \ ${{ env.REQ_URL_MAP }} -tool_name github event:${{ github.event_name }}\
+ \ pr_number:${{ github.event.number }}"
 - name: Upload SARIF file
 uses: github/codeql-action/upload-sarif@v1
 with:
From 2bb497029d7a02fffc75d98ab3d2d537a66ec4a1 Mon Sep 17 00:00:00 2001
From: rameshg
Date: Tue, 2 Apr 2024 08:41:08 +0530
Subject: [PATCH 6/6] ShiftLeft Scan
---
.github/workflows/Securin-aspm.yaml | 47 +++++++++++++++++++++++++++++
1 file changed, 47 insertions(+)
create mode 100644 .github/workflows/Securin-aspm.yaml
diff --git a/.github/workflows/Securin-aspm.yaml b/.github/workflows/Securin-aspm.yaml
new file mode 100644
index 00000000..82a47739
--- /dev/null
+++ b/.github/workflows/Securin-aspm.yaml
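Review bot: The second hunk deletes `Build with Maven`, the only step that compiled the project, so from this commit the scanner container sees an unbuilt checkout; whether the image needs compiled classes or resolved dependencies is not visible here, so if source-only scanning is intended a comment on the `Scan Initiated` step such as `# Scanner works on source only; no build step required` would stop the next maintainer from re-adding it, and if it is not intended the scan now silently covers less than before. The context line above the removal still emits `::set-output`, which GitHub deprecated in favour of appending to `$GITHUB_OUTPUT`; the one-line replacement is `echo "authTokenJson=$respJson" >> "$GITHUB_OUTPUT"` and this commit was the natural place for it. The first hunk is the fourth rotation of a hard-coded `SCAN_ID` in five commits, which suggests it is per-run state rather than configuration; a `workflow_dispatch` input or a secret would keep it out of the committed file and out of the branch history.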
@@ -0,0 +1,47 @@
+---
+name: Securin-ASPM
+on:
+ pull_request:
+ branches:
+ - master
+ workflow_dispatch:
+ inputs:
+ logLevel:
+ description: Log level
+jobs:
+ scanning:
+ env:
+ APP_ID: a804c36e5686bbe83060895305c0f92d718158a0d4f322994941ec2b02246014
+ BRANCH_NAME: master
+ SCAN_ID: a7add0302194143f5f10454d8310bb198bdb31f467d0fcbeb281f663cdafa5d0
+ REQ_URL_MAP: "${{toJSON('{\"SL_RESULT_API_HOST\":\"https://slresultapi.securin.io/resultapi\"\
+ ,\"SL_RESULTPARSER_API_HOST\":\"https://slresultparserapi.securin.io/resultparserapi\"\
+ }')}}"
+ steps:
+ - name: Retrieve Token Info
+ id: auth_token
+ run: "respJson=$(curl --location --request GET 'https://slresultapi.securin.io/resultapi/aws/ecr/token'\
+ \ --header 'X-ASPM-Auth-Key: ${{secrets.ORG_API_KEY}}' --data-raw ' ' )\
+ \ \necho \"authTokenJson=$respJson\" >> $GITHUB_OUTPUT"
+ - uses: actions/checkout@v3
+ - name: Scan Initiated
+ id: sec_scan_init
+ run: "usrVal=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).user}}'\
+ \ | openssl enc -aes-256-cbc -d -a -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \nusrPassword=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).password}}'\
+ \ | openssl enc -aes-256-cbc -d -base64 -A -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \nusrPrxyUrl=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).proxyUrl}}'\
+ \ | openssl enc -aes-256-cbc -d -a -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \nusrImgTag=$(echo '${{fromJson(steps.auth_token.outputs.authTokenJson).imageTag}}'\
+ \ | openssl enc -aes-256-cbc -d -a -K ${{secrets.ENC_KEY}} -iv ${{secrets.ENC_IV}}\
+ \ ) \ndocker login --username $usrVal --password $usrPassword $usrPrxyUrl\
+ \ \ndocker pull -q $usrImgTag \ndocker run -v ${{github.workspace}}:/src \
+ \ --volume ${{github.workspace}}:/workdir -v /var/run/docker.sock:/var/run/docker.sock\
+ \ $usrImgTag -api_key ${{secrets.ORG_API_KEY}} -wrkspc_id ${{secrets.WORKSPACE_ID}}\
+ \ -app_id ${{ env.APP_ID }} 
-scan_id ${{ env.SCAN_ID }} -branch_name ${{ env.BRANCH_NAME\
+ \ }} -req_url_map ${{ env.REQ_URL_MAP }} -tool_name github event:${{ github.event_name\
+ \ }} pr_number:${{ github.event.number }} -upload_log true"
+ - name: Evaluate build status
+ run: "cat ${{github.workspace}}/results/status.txt\nexit 1\n"
+ if: hashFiles('**/status.txt') !=''
+ runs-on: ubuntu-latest
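Review bot: `Retrieve Token Info` calls `curl` without `--fail`/`-sS`, so a non-2xx reply (an HTML error page, a rate-limit body) is stored in `authTokenJson` unchanged and the job only dies later, inside `fromJson(...)` in `Scan Initiated`, with an error that hides the real cause; `curl -sS --fail --location --request GET ...` fails at the source instead. The four `'${{fromJson(...)...}}'` substitutions in `Scan Initiated` are the GitHub expression-injection pattern: the values are pasted into the script text before bash runs it, so a `'` in any field ends the quoting and the remainder executes with `ORG_API_KEY`, `WORKSPACE_ID`, `ENC_KEY` and `ENC_IV` reachable — pass them via the step's `env:` and reference `"$VAR"`, and feed `docker login` with `--password-stdin` rather than `--password $usrPassword`. The scanner container is also given `/var/run/docker.sock`, i.e. control of the runner's Docker daemon, while its image comes from a tag the API supplied at run time with no digest pin; on an ephemeral hosted runner that may be an accepted risk, but it deserves `# docker.sock mount: the scanner image has full control of this runner` next to the `docker run` so nobody later moves this job to a self-hosted runner unknowingly. Finally there is no `permissions:` block, so the job inherits the repository default instead of the `contents: read` it needs, and unlike ShiftLeft.yaml this workflow uploads nothing to code scanning — only the presence of `status.txt` fails the build — which may be intentional but is worth a line of comment in the file.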