From 271acfe877239e1674f7fde88782a0b6659f9182 Mon Sep 17 00:00:00 2001
From: Jorge Costa <jorge.costa@trimble.com>
Date: Tue, 3 Sep 2024 13:42:49 +0300
Subject: [PATCH] add mend scans

---
 .github/workflows/mend.yml | 44 ++++++++++++++++++++++++++++++++++++++
 whitesource.config-tekla   | 34 +++++++++++++++++++++++++++++
 2 files changed, 78 insertions(+)
 create mode 100644 .github/workflows/mend.yml
 create mode 100644 whitesource.config-tekla

diff --git a/.github/workflows/mend.yml b/.github/workflows/mend.yml
new file mode 100644
index 0000000..bd64c85
--- /dev/null
+++ b/.github/workflows/mend.yml
@@ -0,0 +1,44 @@
+name: Mend Analysis
+
+on:
+  push:
+    branches: [ "master" ]
+
+
+jobs:
+  build:
+    name: Run Analysis
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 1.11
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: 8.0.x
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+          
+         
+      - name: Install Mend Analyser
+        env:
+          GITHUB_API_TOKEN: ${{ secrets.ORG_TOOLS_ACCESS_TOKEN }}  
+        run: |
+          mkdir ~/.trimbletools --parents
+          cd ~/.trimbletools
+          wget https://github.com/jmecosta/jmecosta/releases/download/1.0.3/download.sh
+          wget https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar
+          chmod +x download.sh
+          ./download.sh TrimbleSolutionsCorporation BatMiscTools 1.0.0 TrimbleMendWrapper.zip TrimbleMendWrapper
+          cd $OLDPATH
+      - name: Restore
+        run: dotnet restore --verbosity detailed
+      - name: Build
+        run: dotnet build
+      - name: Analyze
+        run: |
+          ~/.trimbletools/TrimbleMendWrapper/TrimbleMendWrapper -j ~/.trimbletools/wss-unified-agent.jar -d . -c whitesource.config-tekla -o ${{secrets.MEND_ORG_TOKEN}} -p ${{secrets.MEND_PRODUCT_TOKEN}} --additionalagentargs "/project:TeklaEnvService-${{ github.ref_name }}"
+
diff --git a/whitesource.config-tekla b/whitesource.config-tekla
new file mode 100644
index 0000000..4f05656
--- /dev/null
+++ b/whitesource.config-tekla
@@ -0,0 +1,34 @@
+####################################################################
+# WhiteSource configuration file
+####################################################################
+checkPolicies=false
+forceCheckAllDependencies=false
+offline=false
+ 
+apiKey=<OrganisationApiKeyValue>
+
+productName=
+productVersion=
+productToken=<productTokenValue>
+
+projectName=Tekla.Examples:MultiTeklaStructuresMonitor
+projectVersion=
+
+##########################################################################################
+# Includes/Excludes Glob patterns - PLEASE USE ONLY ONE EXCLUDE LINE AND ONE INCLUDE LINE
+##########################################################################################
+# Want to know about GLOB patterns that are used in the includes + excludes?
+# See https://en.wikipedia.org/wiki/Glob_(programming)
+# Want to test your glob patterns? See http://www.globtester.com/
+#########################################################################################
+#includes=**/*.c **/*.cc **/*.cp **/*.cpp **/*.cxx **/*.c++ **/*.h **/*.hpp **/*.hxx
+#includes=**/*.m **/*.mm  **/*.js **/*.php
+#includes=**/*.jar
+#includes=**/*.gem **/*.rb
+includes=**/*.dll **/*.cs **/*.c#  **/*.csharp 
+#includes=**/*.tgz **/*.deb **/*.gzip **/*.rpm **/*.tar.bz2 
+#includes=**/*.zip **/*.tar.gz **/*.egg **/*.whl **/*.py
+#excludes=**/*sources.jar **/*javadoc.jar
+excludes=**/*Tests.csproj  **/packages/**
+case.sensitive.glob=false
+followSymbolicLink=true