diff --git a/fcli-core/fcli-app/src/main/java/com/fortify/cli/app/runner/util/FortifyCLIStaticInitializer.java b/fcli-core/fcli-app/src/main/java/com/fortify/cli/app/runner/util/FortifyCLIStaticInitializer.java index 4ce141ba18..5368326623 100644 --- a/fcli-core/fcli-app/src/main/java/com/fortify/cli/app/runner/util/FortifyCLIStaticInitializer.java +++ b/fcli-core/fcli-app/src/main/java/com/fortify/cli/app/runner/util/FortifyCLIStaticInitializer.java @@ -22,6 +22,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import com.fortify.cli.common.action.helper.ActionSchemaVersionHelper; import com.fortify.cli.common.http.ssl.truststore.helper.TrustStoreConfigDescriptor; import com.fortify.cli.common.http.ssl.truststore.helper.TrustStoreConfigHelper; import com.fortify.cli.common.i18n.helper.LanguageHelper; @@ -83,7 +84,7 @@ private void initializeSSCProperties() { } private void initializeActionProperties() { - System.setProperty("fcli.action.supportedSchemaVersions", "TODO"); + System.setProperty("fcli.action.supportedSchemaVersions", ActionSchemaVersionHelper.getSupportedSchemaVersions().stream().collect(Collectors.joining(", "))); } private void initializeTrustStore() { diff --git a/fcli-other/fcli-doc/src/docs/asciidoc/versioned/index.adoc b/fcli-other/fcli-doc/src/docs/asciidoc/versioned/index.adoc index 65a48a855c..767ecfb986 100644 --- a/fcli-other/fcli-doc/src/docs/asciidoc/versioned/index.adoc +++ b/fcli-other/fcli-doc/src/docs/asciidoc/versioned/index.adoc @@ -470,11 +470,11 @@ Note: variable-related syntax and behavior was changed in fcli version 2.0.0. If == Actions -Various fcli modules support managing and running multi-purpose actions through the `fcli action *` commands. For now, actions are supported for FoD and SSC modules, but we can easily add support on ScanCentral SAST & DAST modules if there's any demand. Actions are defined in action YAML files that describe action parameters and steps to be executed. These steps currently focus on executing and processing series of REST requests against FoD, SSC, or third-party systems. Future versions may provide additional functionality, like additional processing logic, or running a workflow of fcli commands. +Various fcli modules support managing and running multi-purpose actions through the `fcli action *` commands. For now, actions are supported for FoD and SSC modules, but we can easily add support on ScanCentral SAST & DAST modules if there's any demand. Actions are defined in action YAML files that describe action parameters and steps to be executed. These steps currently focus on executing and processing series of REST requests or fcli commands against FoD, SSC, or third-party systems. Future versions may provide additional functionality, like additional processing logic or the ability to run sequences of fcli and other commands. Fcli ships with many built-in actions but custom actions are also supported. For now, custom actions are considered `PREVIEW` functionality, primarily because action YAML syntax may change between fcli versions, i.e., an action that successfully runs on fcli 2.4.0 may fail to run on fcli 2.5.0, or vice versa. We plan on stabilizing the action YAML syntax over the next couple of fcli releases, and also implement proper version checks to prevent older fcli versions from attempting to run action YAML files designed for newer fcli versions. -The `+fcli action get __sample__+` command outputs sample action YAML contents, listing all supported action YAML elements together with a description. Of course, if you want to modify the behavior or output of any of the built-in actions, you can use the same `get` command to view action YAML contents and customize as needed. +The `+fcli action get __sample__+` command outputs sample action YAML contents, listing many of the supported action YAML elements together with a description. Of course, if you want to modify the behavior or output of any of the built-in actions, you can use the same `get` command to view action YAML contents and customize as needed. Current built-in actions mostly focus on providing vulnerability export capabilities similar to link:https://github.com/fortify/FortifyVulnerabilityExporter[FortifyVulnerabilityExporter], allowing us to eventually deprecate FortifyVulnerabilityExporter. Fcli also provides some new actions though, for example for generating GitHub Pull Request decorations. Over time, we'll be adding more built-in actions.