Merge pull request #2 from emmanuel-knafo/main

brought lab 5

Author: emmanuel-knafo

.github/workflows/oss_pygoat-devsecops-advanced.yml

@@ -204,30 +204,30 @@ jobs:
     steps:
       - name: checkout
         uses: actions/checkout@v4.1.0
-      # - name: Gitleaks
-      #   continue-on-error: true
-      #   # You may pin to the exact commit or the version.
-      #   # uses: gitleaks/gitleaks-action@e6dab246340401bf53eec993b8f05aebe80ac636
-      #   uses: gitleaks/gitleaks-action@v2.3.4
-      #   env:
-      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      #     #GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for Organizations, not personal accounts.
-      # - name: Depcheck
-      #   uses: dependency-check/Dependency-Check_Action@main
-      #   id: Depcheck
-      #   with:
-      #     project: 'test'
-      #     path: '.'
-      #     format: 'HTML'
-      #     out: 'reports' # this is the default, no need to specify unless you wish to override it
-      #     args: >
-      #       --failOnCVSS 7
-      #       --enableRetired
-      # - name: Upload Test results
-      #   uses: actions/upload-artifact@master
-      #   with:
-      #      name: Depcheck report
-      #      path: ${{github.workspace}}/reports
+      - name: Gitleaks
+        continue-on-error: true
+        # You may pin to the exact commit or the version.
+        # uses: gitleaks/gitleaks-action@e6dab246340401bf53eec993b8f05aebe80ac636
+        uses: gitleaks/gitleaks-action@v2.3.4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          #GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for Organizations, not personal accounts.
+      - name: Depcheck
+        uses: dependency-check/Dependency-Check_Action@main
+        id: Depcheck
+        with:
+          project: 'test'
+          path: '.'
+          format: 'HTML'
+          out: 'reports' # this is the default, no need to specify unless you wish to override it
+          args: >
+            --failOnCVSS 7
+            --enableRetired
+      - name: Upload Test results
+        uses: actions/upload-artifact@master
+        with:
+           name: Depcheck report
+           path: ${{github.workspace}}/reports
   test-run_devopsshield_scan_linux:
     name: Run DevOps Shield Scan Linux
     needs:

labs/lab05.md

@@ -1,4 +1,4 @@
-# 5 - Custom actions
+# 5 - Holistic Compliance View with DevOps Shield UI
 In this lab you will create and use custom actions.
 > Duration: 15-20 minutes
 
@@ -9,9 +9,12 @@ References:
 - [GitHub Actions Toolkit](https://github.com/actions/toolkit)
 - [actions/github-script](https://github.com/actions/github-script)
 
-## 5.1 Use the github-script action to apply a label to an issue
+## 5.1 Run the Docker Container of DevOps Shield
 
-1. Open the workflow file [github-script.yml](/.github/workflows/github-script.yml)
+1. As per [DevOps Shield on DockerHub](https://hub.docker.com/r/devopsshield/devopsshield)
+```
+docker run -d -p 8080:8080 devopsshield/devopsshield
+```
 2. Edit the file and copy the following YAML content at the end of the file:
 ```YAML
   apply-label:

labs/lab06.md

@@ -24,9 +24,7 @@ References:
 - [ ] Module 1: Introduction to Defect Dojo
 - [ ] Module 2: Explore Your Kubernetes Cluster
 - [ ] Module 3: Running the Basic and Advanced DevSecOps Pipelines
-- [ ] Module 4: Workflow Templates
-- [ ] Module 5: Custom actions
-- [ ] Module 6: Self-hosted runners
-- [ ] Module 7: CI/CD
+- [ ] Module 4: Adding Additional DevSecOps Controls
+- [ ] Module 5: Holistic Compliance View with DevOps Shield UI
 ```
 7. Fetch upstream to get the latest changes from the upstream repository