diff --git a/.github/workflows/scan_repositories_for_licenses.yaml b/.github/workflows/scan_repositories_for_licenses.yaml deleted file mode 100644 index 259976c..0000000 --- a/.github/workflows/scan_repositories_for_licenses.yaml +++ /dev/null @@ -1,27 +0,0 @@ -name: '[Scancode]: Scan and report' -on: - workflow_dispatch: - schedule: - - cron: "0 0 1 * *" -jobs: - scan_and_report: - runs-on: ubuntu-latest - strategy: - matrix: - repositories: - - apify/apify-core - name: Scan and report - steps: - - uses: actions/checkout@v4 - with: - repository: ${{ matrix.repositories }} - token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }} - - uses: actions/setup-python@v5 - with: - python-version: '3.10' - - run: | - pip install scancode-toolkit - - run: | - scancode -clpeui -n 2 --json-pp scancode_report.json . - - run: | - curl -F file=@scancode_report.json -F "initial_comment=:bell: Hello, Scancode report for ${{ matrix.repositories }} repository. Use https://github.com/nexB/scancode-workbench for analysis." -F channels=C05E6DLQLG2 -H "Authorization: Bearer ${{ secrets.SLACK_APP_APIFY_REPORTER_TOKEN }}" https://slack.com/api/files.upload diff --git a/.github/workflows/scan_repositories_for_secret_leaks.yaml b/.github/workflows/scan_repositories_for_secret_leaks.yaml deleted file mode 100644 index af828de..0000000 --- a/.github/workflows/scan_repositories_for_secret_leaks.yaml +++ /dev/null @@ -1,36 +0,0 @@ -name: '[Gitleaks]: Scan and report' -on: - workflow_dispatch: - schedule: - - cron: "0 4 * * *" -jobs: - scan_and_report: - runs-on: ubuntu-latest - strategy: - matrix: - repositories: - - apify/apify-core - - apify/apify-infra - - apify/apify-worker - - apify/apify-lambdas - - apify/apify-conductor - - apify/apify-web - - apify/docs - - apify/apify-imgproxy - - apify/apify-proxy - - apify/apify-slack-app - - apify/apify-status-page-tests - name: Scan and report - steps: - - uses: actions/checkout@v4 - with: - repository: ${{ matrix.repositories }} - token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }} - - run: | - curl -sSL https://github.com/gitleaks/gitleaks/releases/download/v8.16.4/gitleaks_8.16.4_linux_x64.tar.gz | tar xz -C /tmp - /tmp/gitleaks --report-path report.json -v --no-color --redact detect > report.md - # Dont process report.json file further - rm report.json - - if: failure() - run: | - curl -F file=@report.md -F "initial_comment=:rotating_light: Hello, Gitleaks report :rotating_light: Affected repository: ${{ matrix.repositories }}" -F channels=C05E6DLQLG2 -H "Authorization: Bearer ${{ secrets.SLACK_APP_APIFY_REPORTER_TOKEN }}" https://slack.com/api/files.upload diff --git a/required_workflows/leaked_secrets_scan.yaml b/required_workflows/leaked_secrets_scan.yaml deleted file mode 100644 index cbad9ba..0000000 --- a/required_workflows/leaked_secrets_scan.yaml +++ /dev/null @@ -1,18 +0,0 @@ -name: gitleaks -on: - pull_request: - push: - workflow_dispatch: - -jobs: - scan: - name: gitleaks - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: gitleaks/gitleaks-action@v2.3.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}