diff --git a/.github/workflows/issues-jira.yml b/.github/workflows/issues-jira.yml
new file mode 100644
index 0000000..7bf0469
--- /dev/null
+++ b/.github/workflows/issues-jira.yml
@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+ issues:
+ types: [opened]
+
+jobs:
+ issue-jira:
+ runs-on: ubuntu-latest
+ steps:
+
+ - name: Login to Jira
+ uses: atlassian/gajira-login@master
+ env:
+ JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+ JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+ JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+ - name: Create Jira Issue
+ id: create_jira
+ uses: atlassian/gajira-create@master
+ with:
+ project: ${{ secrets.JIRA_PROJECT }}
+ issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+ summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+ description: |
+ *GitHub Issue:* ${{ github.event.issue.html_url }}
+
+ *Description:*
+ ${{ github.event.issue.body }}
+ fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"
\ No newline at end of file
diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
deleted file mode 100644
index 250abc7..0000000
--- a/.github/workflows/jira.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-name: Create JIRA ISSUE
-on:
- pull_request:
- types: [opened]
-jobs:
- security-jira:
- if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-') || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - name: Login into JIRA
- uses: atlassian/gajira-login@master
- env:
- JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
- JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
- JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
- - name: Create a JIRA Issue
- id: create
- uses: atlassian/gajira-create@master
- with:
- project: ${{ secrets.JIRA_PROJECT }}
- issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
- summary: |
- Snyk | Vulnerability | ${{ github.event.repository.name }} | ${{ github.event.pull_request.title }}
- description: |
- PR: ${{ github.event.pull_request.html_url }}
-
- fields: "${{ secrets.JIRA_FIELDS }}"
- - name: Transition issue
- uses: atlassian/gajira-transition@v3
- with:
- issue: ${{ steps.create.outputs.issue }}
- transition: ${{ secrets.JIRA_TRANSITION }}
diff --git a/.github/workflows/policy-scan.yml b/.github/workflows/policy-scan.yml
new file mode 100644
index 0000000..13bd362
--- /dev/null
+++ b/.github/workflows/policy-scan.yml
@@ -0,0 +1,27 @@
+name: Checks the security policy and configurations
+on:
+ pull_request:
+ types: [opened, synchronize, reopened]
+jobs:
+ security-policy:
+ if: github.event.repository.visibility == 'public'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - uses: actions/checkout@master
+ - name: Checks for SECURITY.md policy file
+ run: |
+ if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+ security-license:
+ if: github.event.repository.visibility == 'public'
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - uses: actions/checkout@master
+ - name: Checks for License file
+ run: |
+ if ! [[ -f "LICENSE" || -f "License.txt" || -f "LICENSE.md" ]]; then exit 1; fi
\ No newline at end of file
diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
deleted file mode 100644
index 3b9521a..0000000
--- a/.github/workflows/sast-scan.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-name: SAST Scan
-on:
- pull_request:
- types: [opened, synchronize, reopened]
-jobs:
- security-sast:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - name: Semgrep Scan
- run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto
\ No newline at end of file