From 505ec85e5bf882c6358bc7b3b78222cee504dfb1 Mon Sep 17 00:00:00 2001
From: "jit-ci-bandit[bot]" <96723746+jit-ci-bandit[bot]@users.noreply.github.com>
Date: Sun, 31 Dec 2023 18:16:20 +0000
Subject: [PATCH] Sync with plan
---
 .github/workflows/jit-security.yml | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/jit-security.yml b/.github/workflows/jit-security.yml
index 77ec3ea..fa27c08 100644
--- a/.github/workflows/jit-security.yml
+++ b/.github/workflows/jit-security.yml
@@ -1,5 +1,6 @@
 name: Workflows generated by the MVS plan
-'on':
+run-name: ${{fromJSON(github.event.inputs.client_payload).payload.job_title}}
+on:
 workflow_dispatch:
 inputs:
 client_payload:
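Review bot: The added `run-name` takes `payload.job_title` straight from the `workflow_dispatch` input, so the title shown in the Actions run list is whatever the dispatching caller sent, independent of which job's `if` condition actually matched. It is display text only, but people triaging runs tend to read it as a statement of what ran. I would add a comment above it such as `# run-name is caller-supplied display text from client_payload; the job that ran is decided by the if conditions below`. The `client_payload` input definition continues outside this hunk, so any constraint on its content is not visible here.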
@@ -12,22 +13,23 @@ permissions:
 
 jobs:
 enrich:
- if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'enrich'
+ if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'enrich' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-enrichment-code'
 runs-on: ubuntu-20.04
 timeout-minutes: 20
 steps:
 - name: enrichment
 uses: jitsecurity-controls/jit-github-action@v4.0.6
 with:
- security_control: registry.jit.io/control-enrichment-slim:latest
-
- secret-detection:
- if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'secret-detection'
+ security_control: registry.jit.io/control-enrichment-slim:main
+
+ software-bill-of-materials:
+ if: fromJSON(github.event.inputs.client_payload).payload.workflow_job_name == 'software-bill-of-materials' && fromJSON(github.event.inputs.client_payload).payload.workflow_slug == 'workflow-sbom'
 runs-on: ubuntu-20.04
 timeout-minutes: 20
 steps:
- - name: gitleaks
+ - name: syft-alpine:not-hardened
 uses: jitsecurity-controls/jit-github-action@v4.0.6
 with:
- security_control: registry.jit.io/control-gitleaks-alpine:latest
- security_control_output_file: /tmp/report.json
\ No newline at end of file
+ security_control: registry.jit.io/control-syft-alpine:not-hardened-main
+ fail_if_cannot_checkout: false
+
\ No newline at end of file
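Review bot: Both new `security_control` values are branch-style tags (`control-enrichment-slim:main`, `control-syft-alpine:not-hardened-main`), so the container these jobs run can change without any commit to this repository, just as it could with the `:latest` tags they replace. Pinning by digest, e.g. `security_control: registry.jit.io/control-syft-alpine@sha256:<DIGEST_PLACEHOLDER>`, would make the executed image reviewable, provided the action accepts digest references, which the hunk does not show. Separately, `fail_if_cannot_checkout: false` reads as if the SBOM job may succeed when the checkout fails (inferred from the name only), and the `secret-detection` job is removed in the same hunk, so a green run would no longer imply that either scan examined the code. If both are intended by the plan, a comment above the job saying so would help, for instance `# SBOM is best-effort: checkout failure does not fail the run; secret detection is no longer part of this plan`.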