From b8107c3749205cd8e6b6044960b3671f3c9e3bb3 Mon Sep 17 00:00:00 2001
From: Edgar Ezequiel Gonzalez Rodriguez
Date: Tue, 17 Sep 2024 20:21:28 -0300
Subject: [PATCH 1/4] Integracion con sonarqube
---
 .github/workflows/build.yml | 27 +++++++++++++++++++++++++++
 sonar-project.properties | 1 +
 2 files changed, 28 insertions(+)
 create mode 100644 .github/workflows/build.yml
 create mode 100644 sonar-project.properties
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..1268e15
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,27 @@
+name: Build
+
+on:
+ push:
+ branches:
+ - main
+
+
+jobs:
+ build:
+ name: Build and analyze
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+ - uses: sonarsource/sonarqube-scan-action@master
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+ # If you wish to fail your job when the Quality Gate is red, uncomment the
+ # following lines. This would typically be used to fail a deployment.
+ # - uses: sonarsource/sonarqube-quality-gate-action@master
+ # timeout-minutes: 5
+ # env:
+ # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
\ No newline at end of file
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000..b73e79f
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1 @@
+sonar.projectKey=educacionit
\ No newline at end of file
From 6ac0e92d2d69051f59cedd928cdc19d6678a059c Mon Sep 17 00:00:00 2001
From: Edgar Ezequiel Gonzalez Rodriguez
Date: Tue, 17 Sep 2024 20:26:27 -0300
Subject: [PATCH 2/4] Test scanner
---
 index.js | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/index.js b/index.js
index d40dc08..bfac64e 100644
--- a/index.js
+++ b/index.js
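Review bot: The scan step in `.github/workflows/build.yml` references `sonarsource/sonarqube-scan-action@master`, a mutable branch, in a job that is handed `SONAR_TOKEN` and `SONAR_HOST_URL`; whatever is on that branch at run time executes with those secrets. Pin it to the full commit SHA of a reviewed release, e.g. `- uses: sonarsource/sonarqube-scan-action@<full-commit-sha> # <release tag>`, and do the same for the commented-out quality-gate step before enabling it. The workflow also declares no `permissions:` block, so the job's GITHUB_TOKEN gets the repository default; a top-level `permissions:` with `contents: read` looks sufficient for checkout plus scan and should be confirmed against the action's documentation.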
@@ -3,6 +3,8 @@ const app = express();

 app.get('/', (req, res) => {
 res.json({ message: 'Hello, world!' });
+ res.json({ message: 'Hello, world!' });
+ res.json({ message: 'Hello, world!' });
 });

 const port = process.env.PORT || 3000;
From c6e1fbdfa64e1d1a4c669cea40d52ffe51d31ef7 Mon Sep 17 00:00:00 2001
From: Edgar Ezequiel Gonzalez Rodriguez
Date: Tue, 17 Sep 2024 21:03:08 -0300
Subject: [PATCH 3/4] Test password
---
 index.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/index.js b/index.js
index bfac64e..0e499ce 100644
--- a/index.js
+++ b/index.js
@@ -2,7 +2,8 @@ const express = require('express');
 const app = express();

 app.get('/', (req, res) => {
- res.json({ message: 'Hello, world!' });
+ const password = "123456456Abc";
+ res.json({ message: `${password }`});
 res.json({ message: 'Hello, world!' });
 res.json({ message: 'Hello, world!' });
 });
From d4184a08f0144036fc34abe1c61c0b10caed5341 Mon Sep 17 00:00:00 2001
From: Edgar Ezequiel Gonzalez Rodriguez
Date: Tue, 17 Sep 2024 21:11:25 -0300
Subject: [PATCH 4/4] remove vulnerable creds
---
 index.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/index.js b/index.js
index 0e499ce..bfac64e 100644
--- a/index.js
+++ b/index.js
@@ -2,8 +2,7 @@ const express = require('express');
 const app = express();

 app.get('/', (req, res) => {
- const password = "123456456Abc";
- res.json({ message: `${password }`});
+ res.json({ message: 'Hello, world!' });
 res.json({ message: 'Hello, world!' });
 res.json({ message: 'Hello, world!' });
 });
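Review bot: The two `res.json({ message: 'Hello, world!' });` calls added in patch 2/4 run after the handler has already sent its response, so each request to `/` should hit Express's "Cannot set headers after they are sent" error path on the second call. Keep a single response per request, e.g. `return res.json({ message: 'Hello, world!' });`, and drop the duplicates. If they are deliberate scanner bait, they belong on a throwaway branch, since the workflow from patch 1/4 runs on pushes to `main`. The same duplicated lines remain as context in patches 3/4 and 4/4.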
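Review bot: The literal assigned to `password` in patch 3/4 is committed in source and echoed verbatim in the JSON body of an unauthenticated `GET /`, so anyone who can reach the service or read the repository obtains it. Patch 4/4 deletes both lines, but the value stays in the history of this commit; if it was ever a real credential, it should be rotated rather than only removed. For scanner tests, read the value from the environment, e.g. `const password = process.env.APP_PASSWORD;` (constructed variable name), and never place it in a response. A secret-scanning check in CI or a pre-commit hook would stop this before it reaches `main`.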