From 2c401340707bab0a090aed8b92a0eb45dde76f60 Mon Sep 17 00:00:00 2001
From: Matheus Ribeiro Lima
 <57918064+matheusribeirozup@users.noreply.github.com>
Date: Fri, 6 Aug 2021 15:19:58 -0300
Subject: [PATCH] fix: horusec validation (#3)

Signed-off-by: Matheus Ribeiro <matheus.ribeiro@zup.com.br>
---
 .github/workflows/horusec-pr.yml | 34 ++++++++++++++++----------------
 horusec-config.json              |  8 ++++++++
 2 files changed, 25 insertions(+), 17 deletions(-)
 create mode 100644 horusec-config.json

diff --git a/.github/workflows/horusec-pr.yml b/.github/workflows/horusec-pr.yml
index 63b984e..75324ae 100644
--- a/.github/workflows/horusec-pr.yml
+++ b/.github/workflows/horusec-pr.yml
@@ -1,17 +1,17 @@
 #
-  # Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
-  #
-  # Licensed under the Apache License, Version 2.0 (the "License");
-  # you may not use this file except in compliance with the License.
-  # You may obtain a copy of the License at
-  #
-  #  http://www.apache.org/licenses/LICENSE-2.0
-  #
-  # Unless required by applicable law or agreed to in writing, software
-  # distributed under the License is distributed on an "AS IS" BASIS,
-  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  # See the License for the specific language governing permissions and
-  # limitations under the License.
+# Copyright 2020 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
 #
 
 name: Horusec Validation
@@ -29,7 +29,7 @@ jobs:
     steps:
       - name: Check out code
         uses: actions/checkout@v2
-        
+
       - name: Read secrets from AWS Secrets Manager into environment variables
         uses: abhilash1in/aws-secrets-manager-action@v1.0.1
         with:
@@ -39,10 +39,10 @@ jobs:
           secrets: |
               beagle/core/security
           parse-json: true
-          
+
       - name: Running Horusec
         env:
           HORUSEC_CLI_REPOSITORY_AUTHORIZATION: ${{ env.BEAGLE_CORE_SECURITY_HORUSEC_CLI_REPOSITORY_AUTHORIZATION }}
         run: |
-          curl -fsSL https://horusec.io/bin/install.sh | bash
-          horusec start -p ./ --ignore="**/sample/**,**/.gradle/**,**/Gemfile.lock" -a "$HORUSEC_CLI_REPOSITORY_AUTHORIZATION" -n "${GITHUB_REPOSITORY}_${GITHUB_REF##*/}" -e true -u "https://api-horusec.zup.com.br" -G true
+          curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/master/deployments/scripts/install.sh | bash -s latest
+          horusec start -p="./" -e="true"
diff --git a/horusec-config.json b/horusec-config.json
new file mode 100644
index 0000000..d8bce47
--- /dev/null
+++ b/horusec-config.json
@@ -0,0 +1,8 @@
+{
+    "horusecCliFilesOrPathsToIgnore": [
+        "**/sample/**",
+        "**/.gradle/**",
+        "**/Gemfile.lock",
+        "**/gradlew.bat"
+    ]
+}