From b3c997bcf008584e630029998b608a2f50d17c1e Mon Sep 17 00:00:00 2001
From: Cristina Vaida
Date: Fri, 28 Jun 2024 18:30:32 +0300
Subject: [PATCH] chore: add quality gates (#186)

* chore: add quality gates
* chore: add java additional arguments
* chore: quality gates
* chore: add .snyk file to ignore licensing issues

---------

Co-authored-by: Wayne Grant
Co-authored-by: Bastian Doetsch
---
 .circleci/config.yml | 18 +++++++++++++++++-
 .snyk | 10 ++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 .snyk

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 3fcfa42..dabdc89 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -3,6 +3,19 @@ version: 2.1
 orbs:
   prodsec: snyk/prodsec-orb@1
 
+jobs:
+  security-scans:
+    resource_class: small
+    docker:
+      - image: cimg/openjdk:17.0
+    steps:
+      - checkout
+      - prodsec/security_scans:
+          mode: auto
+          open-source-scan-all-projects: false
+          open-source-additional-arguments: --maven-aggregate-project -- -pl '!tests'
+          iac-scan: disabled
+
 workflows:
   version: 2
   CICD:
@@ -11,5 +24,8 @@ workflows:
           name: Scan repository for secrets
           context:
             - snyk-bot-slack
-          channel: dx-local-alerts
+          channel: snyk-on-snyk-devex_ide
           trusted-branch: main
+
+      - security-scans:
+          context: devex_ide
diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..ac0abcf
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,10 @@
+version: v1.25.0
+ignore:
+  snyk:lic:maven:org.ow2.sat4j:org.ow2.sat4j.core:(EPL-1.0_OR_GPL-3.0):
+    - '*':
+        reason: We are using EPL
+        expires: 2025-08-18T00:00:00.000Z
+  snyk:lic:maven:org.ow2.sat4j:org.ow2.sat4j.pb:(EPL-1.0_OR_GPL-3.0):
+    - '*':
+        reason: We are using EPL
+        expires: 2025-08-18T00:00:00.000Z
\ No newline at end of file
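Review bot: The new `security-scans` job pulls `cimg/openjdk:17.0`, a floating tag that resolves to whatever the image publisher currently serves, so the scanner's toolchain can change underneath the pipeline without any commit to this repository; pinning by digest, `- image: cimg/openjdk:17.0@sha256:<DIGEST_PLACEHOLDER>`, keeps the job reproducible and auditable. The `open-source-additional-arguments` value also excludes the `tests` module from the dependency scan via `-pl '!tests'`, a deliberate narrowing of coverage that a later reader cannot tell apart from an oversight; a comment above that line such as `# tests module excluded from the open-source scan (<reason>): its dependencies are not reported` records the intent. Both points concern lines added in this hunk only; the orb reference on the context line `prodsec: snyk/prodsec-orb@1` is pre-existing.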
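Review bot: The new `- security-scans:` workflow entry has no `filters` or `requires`, so as far as this hunk shows it runs with the `devex_ide` context on every push to every branch, whereas the neighbouring secrets scan is scoped with `trusted-branch: main`. If scanning every branch is intended, a short comment above the entry, `# intentionally unfiltered: scan every branch`, settles the question for the next reviewer; if gating to the main branch was intended, add `filters:` / `branches:` / `only: main` under the job, nested as CircleCI expects. The enclosing `jobs:` list of the `CICD` workflow starts outside this hunk.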
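Review bot: Both ignore entries give `reason: We are using EPL`, which does not say which finding it answers or why the finding is acceptable; since the keys name a dual-licensed artifact (`EPL-1.0_OR_GPL-3.0`), a reason such as `reason: sat4j is dual-licensed EPL-1.0 OR GPL-3.0; this project consumes it under EPL-1.0` ties the 2025-08-18 expiry to a statement a later reviewer can re-verify. The `'*'` path selector makes each ignore apply to every dependency path that introduces the artifact, which is reasonable for a license (rather than vulnerability) finding but is worth saying in the reason so it is not copied to vulnerability ignores later. The file also ends without a trailing newline (`\ No newline at end of file`), which YAML linters flag; add one.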