Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 26 changed files with 302 additions and 44 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,19 @@ | ||
This action packages application source code to be scanned using [ScanCentral Client]({{var:sc-client-doc-base-url}}#A_Clients.htm). | ||
This action packages application source code using [ScanCentral Client]({{var:sc-client-doc-base-url}}#A_Clients.htm). The output package is saved as `package.zip`. | ||
|
||
### Action environment variable inputs | ||
|
||
{{include:env-package.md}} | ||
{{include:env-package.md}} | ||
|
||
### Sample usage | ||
|
||
The sample workflow below demonstrates how to configure the action for running a SAST scan on FoD. | ||
|
||
```yaml | ||
steps: | ||
- name: Check out source code | ||
uses: actions/checkout@v4 | ||
- name: Package source code | ||
uses: fortify/github-action/package@{{var:action-major-version}} | ||
env: | ||
{{include:nocomments.env-package-sample.md}} | ||
``` |
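
Review bot: The "Sample usage" intro says the workflow configures the action "for running a SAST scan on FoD", but the steps shown only check out the code and call `fortify/github-action/package`, which per the new first line just writes `package.zip`. Reword the sentence to describe packaging, and consider showing how `package.zip` is handed to a later step. Separately, `actions/checkout@v4` is a mutable tag; a sample that readers copy verbatim is better pinned to a full commit SHA.
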
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
**`FOD_URL`** | ||
Required: Fortify on Demand URL, for example https://ams.fortify.com | ||
|
||
**`FOD_CLIENT_ID` & `FOD_CLIENT_SECRET`** | ||
Required when authenticating with an API key: FoD Client ID (API key) and Secret (API secret) | ||
|
||
**`FOD_TENANT`, `FOD_USER` & `FOD_PASSWORD`** | ||
Required when authenticating with user credentials: FoD tenant, user and password. It's recommended to use a Personal Access Token instead of an actual user password. |
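
Review bot: Nothing in this new file says what happens when both the `FOD_CLIENT_ID`/`FOD_CLIENT_SECRET` pair and the `FOD_TENANT`/`FOD_USER`/`FOD_PASSWORD` set are defined; each is described as "Required when authenticating with ..." and the precedence is left open. State which one wins, or that they are mutually exclusive. It would also help to say here that the secret, password and token values belong in GitHub secrets, as the connection sample does with `${{secrets.FOD_PAT}}`.
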
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,4 @@ | ||
**`FOD_URL`** | ||
Required: Fortify on Demand URL, for example https://ams.fortify.com | ||
|
||
**`FOD_CLIENT_ID` & `FOD_CLIENT_SECRET`** | ||
Required when authenticating with an API key: FoD Client ID (API key) and Secret (API secret) | ||
|
||
**`FOD_TENANT`, `FOD_USER` & `FOD_PASSWORD`** | ||
Required when authenticating with user credentials: FoD tenant, user and password. It's recommended to use a Personal Access Token instead of an actual user password. | ||
{{include:env-fod-connection.md}} | ||
|
||
**`EXTRA_FOD_LOGIN_OPTS`** | ||
Optional: Extra FoD login options, for example for disabling SSL checks or changing connection time-outs; see [`fcli fod session login` documentation]({{var:fcli-doc-base-url}}/manpage/fcli-fod-session-login.html) |
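
Review bot: In the `EXTRA_FOD_LOGIN_OPTS` description, "disabling SSL checks" is the first example offered for options that are passed to the same login that sends `FOD_CLIENT_SECRET` or `FOD_PASSWORD`. Lead with the time-out example instead, and if the SSL case stays, say that it turns off server certificate verification for the session and is meant for troubleshooting, not for regular pipeline runs.
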
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
FOD_URL: https://ams.fortify.com | ||
FOD_TENANT: ${{secrets.FOD_TENANT}} | ||
FOD_USER: ${{secrets.FOD_USER}} | ||
FOD_PASSWORD: ${{secrets.FOD_PAT}} |
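
Review bot: The sample covers only the user-credential path, and the single hint that `FOD_PASSWORD` should hold a Personal Access Token is the secret name `FOD_PAT`. Add a commented-out `FOD_CLIENT_ID`/`FOD_CLIENT_SECRET` alternative so the API-key option described in the connection variables has a sample as well.
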
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
{{include:nocomments.env-fod-connection-sample.md}} | ||
EXTRA_FOD_LOGIN_OPTS: --socket-timeout=60s |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
EXTRA_PACKAGE_OPTS: -oss -bt gradle |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
FOD_RELEASE: MyApp:MyRelease |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
{{include:nocomments.env-fod-login-sample.md}} | ||
{{include:nocomments.env-fod-release-sample.md}} | ||
{{include:nocomments.env-fod-package-sample.md}} | ||
# DO_WAIT: true # Ignored due to DO_EXPORT below | ||
DO_EXPORT: true |
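
Review bot: The comment on the `DO_WAIT` line says it is "Ignored due to DO_EXPORT below" but not why, so a reader cannot tell whether the export waits for the scan to finish or runs against whatever results already exist. Spell out the relationship in the comment, for example that `DO_EXPORT: true` implies waiting for completion, if that is the actual behaviour.
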
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
EXTRA_PACKAGE_OPTS: -bt mvn |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
{{include:nocomments.env-ssc-connection-sample.md}} | ||
SC_SAST_CLIENT_AUTH_TOKEN: ${{secrets.CLIENT_AUTH_TOKEN}} | ||
EXTRA_SC_SAST_LOGIN_OPTS: --socket-timeout=60s |
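
Review bot: `SC_SAST_CLIENT_AUTH_TOKEN` reads from `secrets.CLIENT_AUTH_TOKEN`, the only secret name in these samples without a product prefix (compare `secrets.SSC_TOKEN` and `secrets.FOD_PAT`). Rename it to `secrets.SC_SAST_CLIENT_AUTH_TOKEN` so the secret cannot be confused with another client token in a repository that configures several integrations.
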
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
{{include:nocomments.env-sc-sast-login-sample.md}} | ||
{{include:nocomments.env-ssc-appversion-sample.md}} | ||
{{include:nocomments.env-package-sample.md}} | ||
# DO_WAIT: true # Ignored due to DO_EXPORT below | ||
DO_EXPORT: true |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
SSC_APPVERSION: MyApp:MyVersion |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
SSC_URL: ${{secrets.SSC_URL}} | ||
SSC_TOKEN: ${{secrets.SSC_TOKEN}} |
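
Review bot: `SSC_URL` is taken from `secrets.SSC_URL` while the FoD connection sample hard-codes `FOD_URL: https://ams.fortify.com`, so the two samples treat the server URL differently without explanation. A URL stored as a secret is masked in workflow logs, which makes connection failures harder to diagnose; use a placeholder literal or a `vars.SSC_URL` configuration variable unless the URL is meant to be confidential, and keep `SSC_TOKEN` as the only secret.
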