diff --git a/CHANGELOG.md b/CHANGELOG.md index 6eb86e8..22675e4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Changelog +## [1.2.1](https://github.com/fortify/github-action/compare/v1.2.0...v1.2.1) (2024-03-05) + + +### Bug Fixes + +* Fix ScanCentral SAST documentation link to point to right version ([3b5cd8b](https://github.com/fortify/github-action/commit/3b5cd8bc279d25264d4afbc9a66f9b26144e68f9)) +* Update internal fcli version to honor GitHub proxy settings ([3b5cd8b](https://github.com/fortify/github-action/commit/3b5cd8bc279d25264d4afbc9a66f9b26144e68f9)) + ## [1.2.0](https://github.com/fortify/github-action/compare/v1.1.0...v1.2.0) (2024-02-05) diff --git a/action.yml b/action.yml index 8c2be30..0fd6921 100644 --- a/action.yml +++ b/action.yml @@ -9,9 +9,9 @@ inputs: runs: using: composite steps: - - uses: fortify/github-action/fod-sast-scan@main + - uses: fortify/github-action/fod-sast-scan@v1.2.1 if: inputs['sast-scan']=='true' && env.FOD_URL - - uses: fortify/github-action/sc-sast-scan@main + - uses: fortify/github-action/sc-sast-scan@v1.2.1 if: inputs['sast-scan']=='true' && env.SSC_URL branding: diff --git a/fod-export/action.yml b/fod-export/action.yml index 7a5c6c7..85bc272 100644 --- a/fod-export/action.yml +++ b/fod-export/action.yml @@ -4,8 +4,8 @@ author: 'Fortify' runs: using: composite steps: - - uses: fortify/github-action/internal/set-fod-var-defaults@main - - uses: fortify/github-action/setup@main + - uses: fortify/github-action/internal/set-fod-var-defaults@v1.2.1 + - uses: fortify/github-action/setup@v1.2.1 with: export-path: false vuln-exporter: action-default @@ -15,7 +15,7 @@ runs: *) echo '_RELEASE_OPT="--fod.release.id=${FOD_RELEASE}"' >> $GITHUB_ENV ;; esac shell: bash - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${VULN_EXPORTER_CMD}" FoDToGitHub "--fod.baseUrl=${FOD_URL}" "--fod.tenant=${FOD_TENANT}" "--fod.user=${FOD_USER}" "--fod.password=${FOD_PASSWORD}" "--fod.clientID=${FOD_CLIENT_ID}" "--fod.clientSecret=${FOD_CLIENT_SECRET}" "${_RELEASE_OPT}"' # Uploaded the generated file containing Fortify vulnerabilities to GitHub. diff --git a/fod-sast-scan/action.yml b/fod-sast-scan/action.yml index 8c8307a..f1a3e09 100644 --- a/fod-sast-scan/action.yml +++ b/fod-sast-scan/action.yml @@ -4,23 +4,23 @@ author: 'Fortify' runs: using: composite steps: - - uses: fortify/github-action/internal/set-fod-var-defaults@main - - uses: fortify/github-action/setup@main + - uses: fortify/github-action/internal/set-fod-var-defaults@v1.2.1 + - uses: fortify/github-action/setup@v1.2.1 with: export-path: false fcli: action-default - - uses: fortify/github-action/internal/fod-login@main - - uses: fortify/github-action/package@main - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/fod-login@v1.2.1 + - uses: fortify/github-action/package@v1.2.1 + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${FCLI_CMD}" fod sast-scan start --rel "${FOD_RELEASE}" -f package.zip --store fod_scan ${EXTRA_FOD_SAST_SCAN_OPTS}' - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 if: env.DO_WAIT == 'true' || env.DO_EXPORT == 'true' with: cmd: '"${FCLI_CMD}" fod sast-scan wait-for ::fod_scan::' - - uses: fortify/github-action/internal/fod-logout@main + - uses: fortify/github-action/internal/fod-logout@v1.2.1 - if: env.DO_EXPORT == 'true' - uses: fortify/github-action/fod-export@main + uses: fortify/github-action/fod-export@v1.2.1 branding: icon: 'shield' diff --git a/internal/fod-login/action.yml b/internal/fod-login/action.yml index ab8e0a8..7e87c88 100644 --- a/internal/fod-login/action.yml +++ b/internal/fod-login/action.yml @@ -18,7 +18,7 @@ runs: fi shell: bash # Run fcli login command; note that the calling action/workflow is responsible for installing fcli - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${FCLI_CMD}" fod session login ${_FOD_LOGIN_OPTS}' # Clean up temporary environment variables diff --git a/internal/fod-logout/action.yml b/internal/fod-logout/action.yml index 2b87059..7b46dfe 100644 --- a/internal/fod-logout/action.yml +++ b/internal/fod-logout/action.yml @@ -5,7 +5,7 @@ runs: using: composite steps: # Run fcli logout command; note that the calling action/workflow is responsible for installing fcli - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${FCLI_CMD}" fod session logout' branding: diff --git a/internal/sc-sast-login/action.yml b/internal/sc-sast-login/action.yml index f6b440e..17ffedf 100644 --- a/internal/sc-sast-login/action.yml +++ b/internal/sc-sast-login/action.yml @@ -21,7 +21,7 @@ runs: echo '_SC_SAST_LOGIN_OPTS=--ssc-url "${SSC_URL}" -t "${SSC_TOKEN}" -c "${SC_SAST_TOKEN}" ${EXTRA_SC_SAST_LOGIN_OPTS}' >> $GITHUB_ENV shell: bash # Run fcli login command; note that the calling action/workflow is responsible for installing fcli - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${FCLI_CMD}" sc-sast session login ${_SC_SAST_LOGIN_OPTS}' # Clean up temporary environment variables diff --git a/internal/sc-sast-logout/action.yml b/internal/sc-sast-logout/action.yml index 3121a6d..de2b91e 100644 --- a/internal/sc-sast-logout/action.yml +++ b/internal/sc-sast-logout/action.yml @@ -5,7 +5,7 @@ runs: using: composite steps: # Run fcli logout command; note that the calling action/workflow is responsible for installing fcli - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: # TODO If we add functionality for generating a CIToken in the sc-sast-login # action, we should clean it up here. diff --git a/internal/ssc-login/action.yml b/internal/ssc-login/action.yml index c1717ca..8de3a23 100644 --- a/internal/ssc-login/action.yml +++ b/internal/ssc-login/action.yml @@ -18,7 +18,7 @@ runs: fi shell: bash # Run fcli login command; note that the calling action/workflow is responsible for installing fcli - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${FCLI_CMD}" ssc session login ${_SSC_LOGIN_OPTS}' # Clean up temporary environment variables diff --git a/internal/ssc-logout/action.yml b/internal/ssc-logout/action.yml index fbd09ac..02efe2e 100644 --- a/internal/ssc-logout/action.yml +++ b/internal/ssc-logout/action.yml @@ -18,7 +18,7 @@ runs: fi shell: bash # Run fcli login command; note that the calling action/workflow is responsible for installing fcli - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${FCLI_CMD}" ssc session logout ${_SSC_LOGOUT_OPTS}' # Clean up temporary environment variables diff --git a/package/action.yml b/package/action.yml index 650c749..8519ece 100644 --- a/package/action.yml +++ b/package/action.yml @@ -4,11 +4,11 @@ author: 'Fortify' runs: using: composite steps: - - uses: fortify/github-action/setup@main + - uses: fortify/github-action/setup@v1.2.1 with: export-path: false sc-client: action-default - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${SC_CLIENT_CMD}" package ${EXTRA_PACKAGE_OPTS} -o package.zip' branding: diff --git a/sc-sast-scan/action.yml b/sc-sast-scan/action.yml index e2ff05b..947c9d3 100644 --- a/sc-sast-scan/action.yml +++ b/sc-sast-scan/action.yml @@ -4,22 +4,22 @@ author: 'Fortify' runs: using: composite steps: - - uses: fortify/github-action/setup@main + - uses: fortify/github-action/setup@v1.2.1 with: export-path: false fcli: action-default - - uses: fortify/github-action/internal/sc-sast-login@main - - uses: fortify/github-action/package@main - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/sc-sast-login@v1.2.1 + - uses: fortify/github-action/package@v1.2.1 + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${FCLI_CMD}" sc-sast scan start --publish-to "${SSC_APPVERSION}" -p package.zip -v "${SC_SAST_SENSOR_VERSION}" --store sc_sast_scan ${EXTRA_SC_SAST_SCAN_OPTS}' - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 if: env.DO_WAIT == 'true' || env.DO_EXPORT == 'true' with: cmd: '"${FCLI_CMD}" sc-sast scan wait-for ::sc_sast_scan::' - - uses: fortify/github-action/internal/sc-sast-logout@main + - uses: fortify/github-action/internal/sc-sast-logout@v1.2.1 - if: env.DO_EXPORT == 'true' - uses: fortify/github-action/ssc-export@main + uses: fortify/github-action/ssc-export@v1.2.1 branding: icon: 'shield' diff --git a/ssc-export/action.yml b/ssc-export/action.yml index 582ca39..4f3051c 100644 --- a/ssc-export/action.yml +++ b/ssc-export/action.yml @@ -4,7 +4,7 @@ author: 'Fortify' runs: using: composite steps: - - uses: fortify/github-action/setup@main + - uses: fortify/github-action/setup@v1.2.1 with: export-path: false vuln-exporter: action-default @@ -14,7 +14,7 @@ runs: *) echo '_APPVERSION_OPT="--ssc.version.id=${SSC_APPVERSION}"' >> $GITHUB_ENV ;; esac shell: bash - - uses: fortify/github-action/internal/run@main + - uses: fortify/github-action/internal/run@v1.2.1 with: cmd: '"${VULN_EXPORTER_CMD}" SSCToGitHub "--ssc.baseUrl=${SSC_URL}" "--ssc.user=${SSC_USER}" "--ssc.password=${SSC_PASSWORD}" "--ssc.authToken=${SSC_TOKEN}" "${_APPVERSION_OPT}"' - run: | diff --git a/version.txt b/version.txt index 26aaba0..6085e94 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -1.2.0 +1.2.1