Merge pull request #21 from xendit/TPI-5778/code-scanning

Code scanning
xendit · Jan 16, 2022 · 26986f4 · 26986f4
2 parents 8b7c505 + 4c11f24
commit 26986f4
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 0 deletions.
diff --git a/.buddy/sonar-scan.yml b/.buddy/sonar-scan.yml
@@ -0,0 +1,31 @@
+- pipeline: 'Static Application Security Testing'
+  trigger_mode: ON_EVERY_PUSH
+  ref_name: refs/pull/*
+  ref_type: WILDCARD
+  auto_clear_cache: true
+  fetch_all_ref: true
+  trigger_condition: ALWAYS
+  actions:
+    - action: 'Run SAST'
+      type: RUN_DOCKER_CONTAINER
+      trigger_condition: VAR_IS
+      trigger_variable_value: "master"
+      trigger_variable_key: "BUDDY_EXECUTION_PULL_REQUEST_BASE_BRANCH"
+      docker_image_name: xendit/sast
+      docker_image_tag: latest
+      integration_hash: 5e85761fc5f225000f97dd99
+      region: ap-southeast-1
+      inline_commands: run.sh
+      volume_mappings:
+        - '/:/usr/deploy'
+      variables:
+        - key: OWNER
+          value: store-channels
+    - action: "Send notification to channel"
+      type: "SLACK"
+      trigger_time: "ON_FAILURE"
+      content: "$BUDDY_PIPELINE_NAME execution failed. Please check details in Sonarqube"
+      blocks: "[{\"type\":\"section\",\"fields\":[{\"type\":\"mrkdwn\",\"text\":\"*Failed execution:* <$BUDDY_EXECUTION_URL|Execution #$BUDDY_EXECUTION_ID $BUDDY_EXECUTION_COMMENT>\"},{\"type\":\"mrkdwn\",\"text\":\"*Pipeline:* <$BUDDY_PIPELINE_URL|$BUDDY_PIPELINE_NAME>\"},{\"type\":\"mrkdwn\",\"text\":\"*Sonar Link:* <https://sonar.tidnex.com/project/issues?id=$BUDDY_PROJECT_NAME&resolved=false&types=VULNERABILITY&severities=BLOCKER|$BUDDY_PROJECT_NAME>\"},{\"type\":\"mrkdwn\",\"text\":\"*Project:* <$BUDDY_PROJECT_URL|$BUDDY_PROJECT_NAME>\"}]}]"
+      channel: "C01G4EK29QR"
+      trigger_condition: "ALWAYS"
+      integration_hash: "5ea6524a42eba4000eb35fbb"
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @xendit/store-channel-dev
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,24 @@
+<!-- Please include a summary/documentation/jira ticket of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change. -->
+
+## Description
+
+`put the description of your PR here`
+
+## Type of change
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] Cosmetic change (text changing or color changing)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+
+## Checklist
+
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my own code
+- [ ] I have commented my code (if necessary), particularly in hard-to-understand areas
+- [ ] My changes generate no new vulnerabilities
+- [ ] I have added tests that prove my fix is effective or that my feature works
+
+## Screenshot
+
+`put screenshot here if there are any ui changes`