From dcb5a0f20231ddb46a26cae8b86c3298abb3e0a4 Mon Sep 17 00:00:00 2001
From: dfeldick <dfeldick@axway.com>
Date: Thu, 4 Jan 2024 09:03:04 -0700
Subject: [PATCH 1/2] APIGOV-26840 - csr5

---
 .csr-profile.json  |  9 ++-------
 .gitlab-ci.yml     | 26 +-------------------------
 CODEOWNERS         |  1 -
 whitesource.config | 26 --------------------------
 4 files changed, 3 insertions(+), 59 deletions(-)
 delete mode 100644 whitesource.config

diff --git a/.csr-profile.json b/.csr-profile.json
index 49b6458..5991aa2 100644
--- a/.csr-profile.json
+++ b/.csr-profile.json
@@ -3,17 +3,12 @@
   "repo_url": "https://github.com/Axway/agents-mulesoft",
   "security_guide": "https://docs.axway.com/bundle/axway_resources/page/amplify_api_management_platform_security_white_paper.html",
   "requirements": {
-    "dependency-check": false,
     "fortify": true,
     "irius-risk": false,
-    "npm-audit": false,
     "pentest": false,
-    "retirejs": false,
     "twistlock": true,
-    "zap": false,
-    "yarn": false,
-    "gosec": false,
-    "whitesource": true,
+    "blackduck": true,
+    "third-party-policy-violation": false,
     "appspider": false,
     "insightvm": false
   },
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 08873b0..849e42a 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -10,10 +10,6 @@ variables:
   FORTIFY_INCLUDE: "**/*.go"
   FORTIFY_EXCLUDE: "**/*_test.go"
 
-  # Whitesource
-  WS_PROJECT_ID: "agents-mulesoft"
-  WS_CONFIG_FILE: "whitesource.config"
-
   # Blackduck
   BLACKDUCK_PROJECT_NAME: "Amplify - APIC Mulesoft Agents"
 
@@ -36,7 +32,6 @@ include:
       - '/.gitlab-ci-fortify.yml'
       - "/.gitlab-ci-twistlock.yml"
       - "/.gitlab-ci-iriusrisk.yml"
-      - "/.gitlab-ci-whitesource.yml"
       - "/.gitlab-ci-blackduck.yml"
       - "/.gitlab-ci-csr.yml"
   - project: "apigov/beano_cicd"
@@ -99,20 +94,7 @@ twistlock-traceability:on-schedule:
     - export IMAGE_NAME=ghcr.io/axway/mulesoft_traceability_agent:${GIT_TAG_PREFIX}${LATEST_TAG}
     - docker pull ${IMAGE_NAME}
 
-whitesource:on-schedule:
-  extends: .whitesource
-  rules:
-    - !reference [.mirror-schedule-csr-rules, rules]
-  before_script:
-    - git config --global http.sslVerify false
-    - git config --global url."ssh://git@git.ecd.axway.org".insteadOf "https://git.ecd.axway.org"''
-    - git fetch
-    - *get-latest-tag
-    - echo "Checking out ${GIT_TAG_PREFIX}${LATEST_TAG}"
-    - git checkout ${GIT_TAG_PREFIX}${LATEST_TAG}
-
 blackduck:on-schedule:
-  extends: .blackduck
   rules:
     - !reference [.mirror-schedule-csr-rules, rules]
   before_script:
@@ -132,13 +114,7 @@ fetch-fortify:
   rules:
     - !reference [.mirror-branch-csr-rules, rules]
 
-whitesource:
-  rules:
-    - !reference [.mirror-branch-csr-rules, rules]
-  before_script:
-    - export GOWORK=off
-
-blackduck:
+blackduck-rapid:
   rules:
     - !reference [.mirror-branch-csr-rules, rules]
 
diff --git a/CODEOWNERS b/CODEOWNERS
index 55c09c8..36e88ba 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -6,7 +6,6 @@
  # .csr-profile.json requires SPOC approval for any modifications
 .csr-profile.json @dfeldick @jcollins-axway @vivekschauhan
 renovate.json @dfeldick
-whitesource.config @dfeldick
 
 #[CICD]
 # cicd-related files
diff --git a/whitesource.config b/whitesource.config
deleted file mode 100644
index 3e83429..0000000
--- a/whitesource.config
+++ /dev/null
@@ -1,26 +0,0 @@
-###############################################################
-# WhiteSource Unified-Agent configuration file
-###############################################################
-
-# Change the below URL to your WhiteSource server.
-# Use the 'WhiteSource Server URL' which can be retrieved
-# from your 'Profile' page on the 'Server URLs' panel.
-# Then, add the '/agent' path to it.
-wss.url=https://axway.whitesourcesoftware.com/agent
-
-########################################
-# Package Manager Dependency resolvers #
-########################################
-resolveAllDependencies=false
-go.collectDependenciesAtRuntime=false
-go.resolveDependencies=false
-go.modules.resolveDependencies=true
-
-###########################################################################################
-# Includes/Excludes Glob patterns - Please use only one exclude line and one include line #
-###########################################################################################
-includes=**/*.go go.mod
-
-excludes=**/*_test.go
-
-wss.url=https://axway.whitesourcesoftware.com/agent

From da4c750a7d0bbfaa2104c76d6e00927cc7334fa9 Mon Sep 17 00:00:00 2001
From: dfeldick <dfeldick@axway.com>
Date: Thu, 4 Jan 2024 09:24:14 -0700
Subject: [PATCH 2/2] APIGOV-26840 - csr5

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 849e42a..1f64e56 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -27,7 +27,7 @@ include:
       - "/gitlabci/restrictions.yml"
       - "/gitlabci/jobs.yml"
   - project: 'scurity/gitlabci'
-    ref: $SCURITY_V2
+    ref: $SCURITY_LATEST
     file:
       - '/.gitlab-ci-fortify.yml'
       - "/.gitlab-ci-twistlock.yml"