chore: add quality gates (#186)

* chore: add quality gates * chore: add java additional arguments * chore: quality gates * chore: add .snyk file to ignore licensing issues --------- Co-authored-by: Wayne Grant <wayne.grant@snyk.io> Co-authored-by: Bastian Doetsch <bastian.doetsch@snyk.io>
snyk · Jun 28, 2024 · b3c997b · b3c997b
1 parent 5441278
commit b3c997b
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 1 deletion.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -3,6 +3,19 @@ version: 2.1
 orbs:
   prodsec: snyk/prodsec-orb@1
 
+jobs:
+  security-scans:
+    resource_class: small
+    docker:
+      - image: cimg/openjdk:17.0
+    steps:
+      - checkout
+      - prodsec/security_scans:
+          mode: auto
+          open-source-scan-all-projects: false
+          open-source-additional-arguments: --maven-aggregate-project -- -pl '!tests'
+          iac-scan: disabled
+
 workflows:
   version: 2
   CICD:
@@ -11,5 +24,8 @@ workflows:
           name: Scan repository for secrets
           context:
             - snyk-bot-slack
-          channel: dx-local-alerts
+          channel: snyk-on-snyk-devex_ide
           trusted-branch: main
+
+      - security-scans:
+          context: devex_ide
diff --git a/.snyk b/.snyk
@@ -0,0 +1,10 @@
+version: v1.25.0
+ignore:
+  snyk:lic:maven:org.ow2.sat4j:org.ow2.sat4j.core:(EPL-1.0_OR_GPL-3.0):
+    - '*':
+        reason: We are using EPL
+        expires: 2025-08-18T00:00:00.000Z
+  snyk:lic:maven:org.ow2.sat4j:org.ow2.sat4j.pb:(EPL-1.0_OR_GPL-3.0):
+    - '*':
+        reason: We are using EPL
+        expires: 2025-08-18T00:00:00.000Z