codeowners + sec integrations #4

christosservosNCIN · 2023-11-06T09:18:59Z

This PR contains additions related to security tools/procedures that we need to implement:

Added CODEOWNERS file. Combined with the branch protection policy that will soon be implemented, this will make sure that code can be pushed to "main" branch of EUDIW repositories only after it is approved by 2 senior stakeholders (that belong to 'niscy-admin' team.
Added the latest updates on sonar.yml workflow. This workflow is designed to trigger SAST appropriately, according to the event type that initiated it.
Added gitleaks workflow to identify sensitive info inside the repository (hardcoded passwords/tokens etc)
Added gitleaks.toml (practically this is the 'rules' list that gitleaks uses to fulfill its purpose
Added dependencycheck workflow to check for vulnerabilities in 3rd party components (sometimes dependabot can miss certain dependencies so we add this for coverage also -between everything else-

codeowners + sec integrations

93bdac9

christosservosNCIN requested a review from mviennas November 6, 2023 09:19

tchatziperis added 2 commits November 20, 2023 12:12

update github actions. Added missing plugins

5c50ba1

add code coverage support

d32df94

tchatziperis requested review from vkanellopoulos and tchatziperis and removed request for mviennas November 20, 2023 10:55

vkanellopoulos approved these changes Nov 20, 2023

View reviewed changes

tchatziperis requested review from vkanellopoulos and removed request for tchatziperis November 20, 2023 10:55

tchatziperis merged commit 2a2879b into main Nov 20, 2023
11 checks passed

marinaioannou deleted the feature/securityintegrations branch February 22, 2024 09:57

Provide feedback