diff --git a/fcli-core/fcli-common/src/main/java/com/fortify/cli/common/action/model/AbstractActionStepUpdateProperty.java b/fcli-core/fcli-common/src/main/java/com/fortify/cli/common/action/model/AbstractActionStepUpdateProperty.java index 5de51186c5..709e318404 100644 --- a/fcli-core/fcli-common/src/main/java/com/fortify/cli/common/action/model/AbstractActionStepUpdateProperty.java +++ b/fcli-core/fcli-common/src/main/java/com/fortify/cli/common/action/model/AbstractActionStepUpdateProperty.java @@ -34,7 +34,7 @@ public abstract class AbstractActionStepUpdateProperty extends AbstractActionSte @JsonProperty(required = false) private TemplateExpression value; @JsonPropertyDescription("Required if 'value' is not specified: Name of a value template to be evaluated, assigning or appending the outcome of the value template to the given set/append name.") - @JsonProperty(required = true) private String valueTemplate; + @JsonProperty(required = false) private String valueTemplate; public final void postLoad(Action action) { Action.checkNotBlank("set name", name, this); diff --git a/fcli-core/fcli-common/src/main/resources/com/fortify/cli/common/actions/zip/__sample__.yaml b/fcli-core/fcli-common/src/main/resources/com/fortify/cli/common/actions/zip/__sample__.yaml index ed06332014..5f91d1c5c1 100644 --- a/fcli-core/fcli-common/src/main/resources/com/fortify/cli/common/actions/zip/__sample__.yaml +++ b/fcli-core/fcli-common/src/main/resources/com/fortify/cli/common/actions/zip/__sample__.yaml @@ -1,3 +1,9 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # This action documents action syntax through comments for the various sections and # elements below. Many action properties accept Spring Expression Language (SpEL) # template expressions, combining regular text with SpEL expressions embedded between ${ and }. @@ -7,7 +13,6 @@ # This section defines action usage information, consisting of a usage header (shown # by the 'list' and 'help' commands) and a more detailed description (shown by the # 'help' command). -schemaVersion: '1.0' usage: header: Sample Action diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/bitbucket-sast-report.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/bitbucket-sast-report.yaml index e77af25910..12ca671c71 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/bitbucket-sast-report.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/bitbucket-sast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a BitBucket Code Insights report listing FoD SAST vulnerabilities. diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/check-policy.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/check-policy.yaml index 6b96d68687..0fe1ba494a 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/check-policy.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/check-policy.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: (SAMPLE) Check security policy. diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml index 42413eb3a8..9dbbb5d732 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-pr-comment.yaml @@ -1,8 +1,13 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # For now, this template uses latest release state to generate PR decorations. # See corresponding .bak file is SSC module for an example of how to better # implement this, once FoD supports retrieving new/re-introduced/removed isses # for a particular scan id/PR number/commit id. -schemaVersion: '1.0' usage: header: (PREVIEW) Add GitHub Pull Request review comments. diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-sast-report.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-sast-report.yaml index 0f69a60109..5d11634276 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-sast-report.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/github-sast-report.yaml @@ -1,3 +1,9 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # For now, github-sast-report and sarif-sast-report actions are exactly the same, apart from the # following: # - Different usage information @@ -12,8 +18,6 @@ # when updating one, the other should also be updated. and ideally we should have functional tests # that compare the outputs of both actions. -schemaVersion: '1.0' - usage: header: Generate a GitHub Code Scanning report listing FoD SAST vulnerabilities. description: | diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-dast-report.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-dast-report.yaml index 654e06b9f7..12bc91ee97 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-dast-report.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-dast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a GitLab DAST report listing FoD DAST vulnerabilities. diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-sast-report.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-sast-report.yaml index aae9b67b3a..44c3e2d6be 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-sast-report.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/gitlab-sast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a GitLab SAST report listing FoD SAST vulnerabilities. diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/release-summary.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/release-summary.yaml index e0c7c0ef6d..8a3b0b3d52 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/release-summary.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/release-summary.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: (PREVIEW) Generate release summary. diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sarif-sast-report.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sarif-sast-report.yaml index 8d7a4a45eb..f603324d46 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sarif-sast-report.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sarif-sast-report.yaml @@ -1,3 +1,9 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # For now, github-sast-report and sarif-sast-report actions are exactly the same, apart from the # following: # - Different usage information @@ -12,8 +18,6 @@ # when updating one, the other should also be updated. and ideally we should have functional tests # that compare the outputs of both actions. -schemaVersion: '1.0' - usage: header: Generate SARIF report listing SSC SAST vulnerabilities. description: | diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sonarqube-sast-report.yaml b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sonarqube-sast-report.yaml index 90cc9d1dee..596ad633ae 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sonarqube-sast-report.yaml +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/actions/zip/sonarqube-sast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a SonarQube External Issues report listing FoD SAST vulnerabilities. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml index 9a250c6a0b..f1e785989d 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/appversion-summary.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: (PREVIEW) Generate application version summary. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml index c85b2245a4..e292e7e12d 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/bitbucket-sast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a BitBucket Code Insights report listing SSC SAST vulnerabilities. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/check-policy.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/check-policy.yaml index ad553e461a..f310f53a0c 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/check-policy.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/check-policy.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: (SAMPLE) Check security policy. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml index 90985c69af..0c09bd37e5 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml @@ -1,7 +1,12 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # For now, this template uses latest application state to generate PR decorations. # See corresponding .bak file for a better but incomplete (due to SSC limitations) # implementation based on artifact id. -schemaVersion: '1.0' usage: header: (PREVIEW) Add GitHub Pull Request review comments. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml.bak b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml.bak index 3ff8042f3b..2fd214cb73 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml.bak +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-pr-comment.yaml.bak @@ -1,3 +1,9 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # This template would ideally get the list of new, removed and re-introduced issues # based on a given artifact id/scan id/commit# (in scan label)/pr# (in scan label). # However, although current implementation works for new and removed issues by matching @@ -8,7 +14,6 @@ # As such, for now we provide a separate template that's based on current application # state, rather than trying to identify issues for a particular scan. Based on the # '.bak' extension of this file, it won't be included in fcli artifacts. -schemaVersion: '1.0' usage: header: Generate GitHub Pull Request decoration. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-sast-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-sast-report.yaml index 637341486c..628c520e42 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-sast-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/github-sast-report.yaml @@ -1,3 +1,9 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # For now, github-sast-report and sarif-sast-report actions are exactly the same, apart from the # following: # - Different usage information @@ -12,8 +18,6 @@ # when updating one, the other should also be updated. and ideally we should have functional tests # that compare the outputs of both actions. -schemaVersion: '1.0' - usage: header: Generate a GitHub Code Scanning report listing SSC SAST vulnerabilities. description: | diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-dast-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-dast-report.yaml index ba4fc6a276..92aeb8899d 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-dast-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-dast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a GitLab DAST report listing SSC DAST vulnerabilities. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-debricked-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-debricked-report.yaml index 54eb729b73..7b81ed3479 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-debricked-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-debricked-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a GitLab Dependency Scanning report listing SSC Debricked vulnerabilities. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sast-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sast-report.yaml index de96986254..27645db3d8 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sast-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a GitLab SAST report listing SSC SAST vulnerabilities. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sonatype-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sonatype-report.yaml index 3fad841f94..6fec6a4d41 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sonatype-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/gitlab-sonatype-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a GitLab Dependency Scanning report listing SSC Sonatype vulnerabilities. diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sarif-sast-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sarif-sast-report.yaml index c5f29324e4..366627cc10 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sarif-sast-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sarif-sast-report.yaml @@ -1,3 +1,9 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json +schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. + # For now, github-sast-report and sarif-sast-report actions are exactly the same, apart from the # following: # - Different usage information @@ -12,8 +18,6 @@ # when updating one, the other should also be updated. and ideally we should have functional tests # that compare the outputs of both actions. -schemaVersion: '1.0' - usage: header: Generate SARIF report listing SSC SAST vulnerabilities. description: | diff --git a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sonarqube-sast-report.yaml b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sonarqube-sast-report.yaml index 0340b5d647..81ea2cf56c 100644 --- a/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sonarqube-sast-report.yaml +++ b/fcli-core/fcli-ssc/src/main/resources/com/fortify/cli/ssc/actions/zip/sonarqube-sast-report.yaml @@ -1,4 +1,8 @@ +# yaml-language-server: $schema=https://fortify.github.io/fcli/schemas/action/fcli-action-schema-1.0.json schemaVersion: '1.0' +# The yaml-language-server line above tells most IDE's & YAML editors where to find +# the fcli action schema for validation & code completion. Please make sure that the +# referenced schema name matches the schemaVersion property above. usage: header: Generate a SonarQube External Issues report listing SSC SAST vulnerabilities. diff --git a/fcli-other/fcli-doc/src/main/java/com/fortify/cli/common/action/schema/generator/GenerateActionSchema.java b/fcli-other/fcli-doc/src/main/java/com/fortify/cli/common/action/schema/generator/GenerateActionSchema.java index 3a2b29c306..1df1013002 100644 --- a/fcli-other/fcli-doc/src/main/java/com/fortify/cli/common/action/schema/generator/GenerateActionSchema.java +++ b/fcli-other/fcli-doc/src/main/java/com/fortify/cli/common/action/schema/generator/GenerateActionSchema.java @@ -14,18 +14,27 @@ import java.nio.file.Files; import java.nio.file.Path; +import java.nio.file.StandardOpenOption; +import java.util.List; +import java.util.stream.Collectors; +import java.util.stream.Stream; +import com.fasterxml.classmate.ResolvedType; import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.node.ObjectNode; +import com.fasterxml.jackson.databind.node.TextNode; import com.fortify.cli.common.action.model.Action; import com.fortify.cli.common.action.model.SupportedSchemaVersion; import com.fortify.cli.common.spring.expression.wrapper.SimpleExpression; import com.fortify.cli.common.spring.expression.wrapper.TemplateExpression; import com.github.victools.jsonschema.generator.Option; import com.github.victools.jsonschema.generator.OptionPreset; +import com.github.victools.jsonschema.generator.SchemaGenerationContext; import com.github.victools.jsonschema.generator.SchemaGenerator; import com.github.victools.jsonschema.generator.SchemaGeneratorConfig; import com.github.victools.jsonschema.generator.SchemaGeneratorConfigBuilder; import com.github.victools.jsonschema.generator.SchemaVersion; +import com.github.victools.jsonschema.generator.SubtypeResolver; import com.github.victools.jsonschema.generator.impl.module.SimpleTypeModule; import com.github.victools.jsonschema.module.jackson.JacksonModule; import com.github.victools.jsonschema.module.jackson.JacksonOption; @@ -36,6 +45,14 @@ public static void main(String[] args) throws Exception { var outputPath = Path.of(args[0]); SchemaGeneratorConfigBuilder configBuilder = new SchemaGeneratorConfigBuilder(SchemaVersion.DRAFT_2020_12, OptionPreset.PLAIN_JSON); JacksonModule jacksonModule = new JacksonModule(JacksonOption.RESPECT_JSONPROPERTY_REQUIRED, JacksonOption.FLATTENED_ENUMS_FROM_JSONPROPERTY); + //configBuilder.forTypesInGeneral().withSubtypeResolver(new JsonNodeSubTypeResolver()); + /* + configBuilder.forTypesInGeneral().withCustomDefinitionProvider((javaType, context) -> + context.createDefinition(javaType) + .set("type", JsonHelper.getObjectMapper().createArrayNode() + .add("object").add("string")) + ); + */ SchemaGeneratorConfig config = configBuilder .with(jacksonModule) .with(Option.EXTRA_OPEN_API_FORMAT_VALUES) @@ -48,7 +65,23 @@ public static void main(String[] args) throws Exception { SchemaGenerator generator = new SchemaGenerator(config); JsonNode jsonSchema = generator.generateSchema(Action.class); Files.createDirectories(outputPath); - Files.writeString(outputPath.resolve(String.format("fcli-action-schema-%s.json", SupportedSchemaVersion.current.toString())), jsonSchema.toPrettyString()); - System.out.println(jsonSchema.toPrettyString()); + var outputFile = outputPath.resolve(String.format("fcli-action-schema-%s.json", SupportedSchemaVersion.current.toString())); + Files.writeString(outputFile, jsonSchema.toPrettyString(), StandardOpenOption.CREATE, StandardOpenOption.WRITE, StandardOpenOption.TRUNCATE_EXISTING); + System.out.println("Fortify CLI action schema written to "+outputFile.toString()); } + /* + private static final class JsonNodeSubTypeResolver implements SubtypeResolver { + @Override + public List findSubtypes(ResolvedType declaredType, SchemaGenerationContext context) { + if ( declaredType.isInstanceOf(JsonNode.class) ) { + var typeContext = context.getTypeContext(); + return Stream.of(ObjectNode.class, TextNode.class) + .map(c->typeContext.resolveSubtype(declaredType, c)) + .collect(Collectors.toList()); + } + return null; + } + + } + */ }