From f5a4098f1ea271f34a54dfd3e63f36605172b437 Mon Sep 17 00:00:00 2001
From: Steven
Date: Wed, 7 Feb 2024 15:33:56 +0100
Subject: [PATCH 1/6] Update integration.yml
---
 .github/workflows/integration.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index a36890f..9043b7e 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -2,7 +2,7 @@ name: Integration
 on:
 push:
- branches: [ steven-demo-start ]
+ branches: [ sast-demo-start ]
 pull_request:
 branches: [ development, main ]
 types: [opened, synchronize, reopened]
From 8013367803a45c9429e34d1357cd5a1fab013a7e Mon Sep 17 00:00:00 2001
From: Steven
Date: Wed, 7 Feb 2024 15:35:27 +0100
Subject: [PATCH 2/6] Update integration.yml
---
 .github/workflows/integration.yml | 44 +++++++++++++++----------------
 1 file changed, 22 insertions(+), 22 deletions(-)
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 9043b7e..4aa5c80 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -27,30 +27,30 @@ jobs:
 - run: npm i
 - run: npm run build
- sonarcloud:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- with:
+# sonarcloud:
+ # runs-on: ubuntu-latest
+ # steps:
+ # - uses: actions/checkout@v2
+ # with:
 # Disabling shallow clone is recommended for improving relevancy of reporting
- fetch-depth: 0
- - name: SonarCloud Scan
- uses: sonarsource/sonarcloud-github-action@master
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- SONAR_TOKEN: ${{ secrets.SONAR_CLOUD_DEMO }}
+ # fetch-depth: 0
+ # - name: SonarCloud Scan
+ # uses: sonarsource/sonarcloud-github-action@master
+ # env:
+ # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ # SONAR_TOKEN: ${{ secrets.SONAR_CLOUD_DEMO }}
- security:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@master
- - name: Run Snyk to check for vulnerabilities
- uses: snyk/actions/node@master
- continue-on-error: false
- env:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- with:
- command: monitor
+# security:
+ # runs-on: ubuntu-latest
+ # steps:
+ # - uses: actions/checkout@master
+ # - name: Run Snyk to check for vulnerabilities
+ # uses: snyk/actions/node@master
+ # continue-on-error: false
+ # env:
+ # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ # with:
+ # command: monitor
 unit-tests:
From e80261d766e3fefa79221a97731e3b76f84ca389 Mon Sep 17 00:00:00 2001
From: Steven
Date: Wed, 7 Feb 2024 15:37:14 +0100
Subject: [PATCH 3/6] Update release.yml
---
 .github/workflows/release.yml | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index e6d1a28..fd69c84 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
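Review bot: Removing the `sonarcloud` and `security` jobs leaves this workflow with no SAST or dependency scan on pull requests to `development` and `main` (the `pull_request` trigger is in patch 1), and the new side records neither a reason nor a re-enable condition. If this is deliberate for the exercise, say so above the block, e.g. `# Disabled for the SAST exercise; re-enable sonarcloud and security before merging to main`. Note also that the preserved text keeps `actions/checkout@master`, `sonarsource/sonarcloud-github-action@master` and `snyk/actions/node@master`, so whoever uncomments it inherits mutable refs for actions that receive `SONAR_TOKEN` / `SNYK_TOKEN`; pin them to a release tag or full commit SHA at that point. The `jobs:` mapping these belong to starts before the hunk.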
@@ -13,4 +13,31 @@ jobs:
 - uses: actions/checkout@v3
 - run: docker build . -t ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
 - run: echo "${{secrets.DOCKERHUB_PASSWORD}}" | docker login -u ${{secrets.DOCKERHUB_USERNAME}} --password-stdin
- - run: docker push ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
\ No newline at end of file
+ - run: docker push ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
+
+
+ # snyk_image_scanning:
+
+ # runs-on: ubuntu-latest
+
+ # steps:
+ # - uses: actions/checkout@v2
+ # - name: Build the Docker image
+ # run: docker build -t ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app .
+ # - name: Run Snyk to check Docker image for vulnerabilities
+ # # Snyk can be used to break the build when it detects vulnerabilities.
+# # In this case we want to upload the issues to GitHub Code Scanning
+# continue-on-error: true
+# uses: snyk/actions/docker@master
+# env:
+# # In order to use the Snyk Action you will need to have a Snyk API token.
+# # More details in https://github.com/snyk/actions#getting-your-snyk-token
+# # or you can signup for free at https://snyk.io/login
+# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+# with:
+# image: ${{secrets.DOCKERHUB_USERNAME}}/nest-demo-app
+# args: --file=Dockerfile --exclude-base-image-vulns
+# - name: Upload Snyk report as sarif 📦
+# uses: github/codeql-action/upload-sarif@v2
+# with:
+# sarif_file: snyk.sarif
From 32626c3595ed86cdcb3241e5c15a75c9a3686d3f Mon Sep 17 00:00:00 2001
From: Steven
Date: Wed, 7 Feb 2024 15:40:20 +0100
Subject: [PATCH 4/6] Update app.service.ts
---
 src/app.service.ts | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/app.service.ts b/src/app.service.ts
index 2102a58..bc6922d 100644
--- a/src/app.service.ts
+++ b/src/app.service.ts
@@ -5,4 +5,8 @@ export class AppService {
 getHello(): string {
 return 'Hello World New Docker Image!';
 }
+ /**
+ * // TODO: Make SAST scanning
+ * use the .github folder files to fix this
+ */
 }
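Review bot: The commented-out `snyk_image_scanning` job, if re-enabled as written, has no `needs:` relationship to the push job whose steps are the context lines above it, so `docker push` would publish the image regardless of the scan outcome, and with `continue-on-error: true` the scan can never block anything. If the scan is meant to gate the release, either add `needs: snyk_image_scanning` to the push job or run the scan as a step before `docker push` in the same job, and keep `continue-on-error: true` only if the SARIF upload is the sole intended outcome. The block also mixes two comment indents (`# - name: Run Snyk…` indented, `# # In this case…` and everything after it at column 0), so uncommenting it line by line would not yield a valid job without re-indenting, and it references `snyk/actions/docker@master`, a mutable ref that receives `SNYK_TOKEN`; pin it when the job goes live. The push job's name and `runs-on` are above the hunk.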
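Review bot: The added `/** … */` block sits in the class body with no member after it, so it documents nothing and JSDoc-aware tooling will attach it to the closing brace or whatever declaration comes next, while a `// TODO` nested inside a doc comment reads as a doubled comment. A plain line comment carries the same note without that ambiguity: `// TODO: enable SAST scanning (see the commented-out jobs under .github/workflows)`. `AppService` opens before the hunk.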
From 2ebaf52b857427890dc57bfb0fc9dbd85068f7c9 Mon Sep 17 00:00:00 2001
From: Steven
Date: Wed, 7 Feb 2024 15:40:58 +0100
Subject: [PATCH 5/6] Update integration.yml
---
 .github/workflows/integration.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 4aa5c80..538dd1c 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -2,7 +2,7 @@ name: Integration
 on:
 push:
- branches: [ sast-demo-start ]
+ branches: [ sast-start ]
 pull_request:
 branches: [ development, main ]
 types: [opened, synchronize, reopened]
From 0fe89774f6c7e6847a252a833fb08ba185aae4b6 Mon Sep 17 00:00:00 2001
From: petersnick
Date: Wed, 27 Mar 2024 18:25:58 +0100
Subject: [PATCH 6/6] Update integration.yml
---
 .github/workflows/integration.yml | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 538dd1c..75c707f 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -27,18 +27,18 @@ jobs:
 - run: npm i
 - run: npm run build
-# sonarcloud:
- # runs-on: ubuntu-latest
- # steps:
- # - uses: actions/checkout@v2
- # with:
- # Disabling shallow clone is recommended for improving relevancy of reporting
- # fetch-depth: 0
- # - name: SonarCloud Scan
- # uses: sonarsource/sonarcloud-github-action@master
- # env:
- # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- # SONAR_TOKEN: ${{ secrets.SONAR_CLOUD_DEMO }}
+sonarcloud:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ with:
+ # Disabling shallow clone is recommended for improving relevancy of reporting
+ fetch-depth: 0
+ - name: SonarCloud Scan
+ uses: sonarsource/sonarcloud-github-action@master
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SONAR_TOKEN: ${{ secrets.SONAR_CLOUD_DEMO }}
 # security:
 # runs-on: ubuntu-latest
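Review bot: The re-enabled `sonarcloud:` key appears to sit at column 0 (`+sonarcloud:` carries no indent while `+ runs-on:` below it does, and the removed `-# sonarcloud:` / `- # runs-on:` pair shows the same pattern), which would make it a top-level key beside `jobs:` rather than a job; GitHub Actions treats an unknown top-level key as a workflow syntax error, so the file would stop running at all instead of adding a scan. Indent it to match the other job names, e.g. `  sonarcloud:`, and confirm `runs-on` and `steps` sit one level below it. While touching it, `actions/checkout@v2` is an old major and `sonarsource/sonarcloud-github-action@master` is a mutable ref that receives both `GITHUB_TOKEN` and `SONAR_TOKEN`; pin both to a release tag or full commit SHA. The `jobs:` mapping starts before the hunk, and exact indentation cannot be confirmed from the collapsed text.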
@@ -52,7 +52,7 @@ jobs:
 # with:
 # command: monitor
- unit-tests:
+ unit-tests:
 runs-on: ubuntu-latest