From 633759876ad2c151ebd497bd78eb9a049fd88a9b Mon Sep 17 00:00:00 2001
From: skyflow-vivek
Date: Thu, 19 Dec 2024 12:18:39 +0530
Subject: [PATCH] SK-1633 Run endorlabs scan to identify security vulnerabilities
---
.github/workflows/endorlabsScan.yml | 40 +++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
create mode 100644 .github/workflows/endorlabsScan.yml
diff --git a/.github/workflows/endorlabsScan.yml b/.github/workflows/endorlabsScan.yml
new file mode 100644
index 00000000..f31a47d0
--- /dev/null
+++ b/.github/workflows/endorlabsScan.yml
@@ -0,0 +1,40 @@
+name: Endor Labs Scan Java Project
+
+on:
+ workflow_dispatch:
+ inputs:
+ java_version:
+ description: "The version of Java to be used for build"
+ default: "1.8"
+ required: true
+
+jobs:
+ clone-build-scan:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/setup-java@v4
+ with:
+ distribution: zulu
+ java-version: ${{ github.event.inputs.java_version }}
+
+ - name: Create env
+ id: create-env
+ run: |
+ touch .env
+ echo SKYFLOW_CREDENTIALS=${{ secrets.SKYFLOW_CREDENTIALS }} >> .env
+ echo TEST_EXPIRED_TOKEN=${{ secrets.TEST_EXPIRED_TOKEN }} >> .env
+ echo TEST_REUSABLE_TOKEN=${{ secrets.TEST_REUSABLE_TOKEN }} >> .env
+
+ - name: Compile Package
+ run: mvn clean install
+
+ - name: Endor Labs SCA Scan
+ uses: endorlabs/github-action@main
+ with:
+ namespace: "skyflow"
+ api: "https://api.endorlabs.com"
+ pr: false
+ enable_github_action_token: true
+ scan_dependencies: true
+ additional_args: "--as-default-branch --call-graph-languages=java"
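Review bot: The `Create env` step pastes `${{ secrets.* }}` straight into the `run:` script, so each secret value is parsed as shell source before `echo` sees it; a value containing quotes, spaces, `$` or `;` is altered or executed rather than written verbatim. Passing the secrets through `env:` and writing them with a quoted `printf` avoids that, as sketched below (if the stored values were escaped to survive the unquoted `echo`, they would need re-saving). The resulting `.env` also stays in the workspace while `endorlabs/github-action@main` runs, and `@main` is a mutable ref, so pinning that action to a reviewed full commit SHA and removing `.env` once the build no longer needs it would limit what a changed upstream action could read. The workflow also has no `permissions:` block, so the job token gets the repository default; an explicit minimal block would be worth adding, and the action's documentation should be checked for whether `enable_github_action_token: true` needs `id-token: write`.

```yaml
      - name: Create env
        id: create-env
        env:
          SKYFLOW_CREDENTIALS: ${{ secrets.SKYFLOW_CREDENTIALS }}
          TEST_EXPIRED_TOKEN: ${{ secrets.TEST_EXPIRED_TOKEN }}
          TEST_REUSABLE_TOKEN: ${{ secrets.TEST_REUSABLE_TOKEN }}
        run: |
          {
            printf 'SKYFLOW_CREDENTIALS=%s\n' "$SKYFLOW_CREDENTIALS"
            printf 'TEST_EXPIRED_TOKEN=%s\n' "$TEST_EXPIRED_TOKEN"
            printf 'TEST_REUSABLE_TOKEN=%s\n' "$TEST_REUSABLE_TOKEN"
          } >> .env

      # … unchanged: Compile Package step …

      - name: Endor Labs SCA Scan
        # placeholder ref: replace with the full commit SHA of a reviewed release
        uses: endorlabs/github-action@<full-commit-sha>
        # … unchanged: with: inputs …
```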