chore: Fix *-export actions

fortify · Sep 26, 2023 · bc87b47 · bc87b47
1 parent a508e68
commit bc87b47
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 15 deletions.
diff --git a/fod-export/action.yml b/fod-export/action.yml
@@ -9,16 +9,14 @@ runs:
         export-path: false
         vuln-exporter: action-default
     - run: |
-        if [[ ${FOD_RELEASE} == ?(-)+([0-9]) ]]; then
-          RELEASE_OPT="--fod.release.id=${FOD_RELEASE}"
-        else
-          RELEASE_OPT="--fod.release.name=${FOD_RELEASE}"
-        fi
-        "${VULN_EXPORTER_CMD}" FoDToGitHub "--fod.baseUrl=${FOD_URL}" \
-          "--fod.tenant=${FOD_TENANT}" "--fod.user=${FOD_USER}" "--fod.password=${FOD_PASSWORD}" \
-          "--fod.clientID=${FOD_CLIENT_ID}" "--fod.clientSecret=${FOD_CLIENT_SECRET}" \
-          "${RELEASE_OPT}"
+        case ${FOD_RELEASE} in
+          ''|*[!0-9]*) echo '_RELEASE_OPT="--ssc.version.id=${FOD_RELEASE}"' >> $GITHUB_ENV ;;
+          *) echo '_RELEASE_OPT="--ssc.version.name=${FOD_RELEASE}"' >> $GITHUB_ENV ;;
+        esac
       shell: bash
+    - uses: fortify-ps/github-action/run@main
+      with:
+        cmd: '"${VULN_EXPORTER_CMD}" FoDToGitHub "--fod.baseUrl=${FOD_URL}" "--fod.tenant=${FOD_TENANT}" "--fod.user=${FOD_USER}" "--fod.password=${FOD_PASSWORD}" "--fod.clientID=${FOD_CLIENT_ID}" "--fod.clientSecret=${FOD_CLIENT_SECRET}" "${_RELEASE_OPT}"'
     # Uploaded the generated file containing Fortify vulnerabilities to GitHub.
     - uses: github/codeql-action/upload-sarif@v2
       with:

diff --git a/ssc-export/action.yml b/ssc-export/action.yml
@@ -10,14 +10,14 @@ runs:
         vuln-exporter: action-default
     - run: |
         case ${SSC_APPVERSION} in
-          ''|*[!0-9]*) _APPVERSION_OPT="--ssc.version.id=${SSC_APPVERSION}" ;;
-          *) _APPVERSION_OPT="--ssc.version.name=${SSC_APPVERSION}" ;;
+          ''|*[!0-9]*) echo '_APPVERSION_OPT="--ssc.version.id=${SSC_APPVERSION}"' >> $GITHUB_ENV ;;
+          *) echo '_APPVERSION_OPT="--ssc.version.name=${SSC_APPVERSION}"' >> $GITHUB_ENV ;;
         esac
-        "${VULN_EXPORTER_CMD}" SSCToGitHub "--ssc.baseUrl=${SSC_URL}" \
-          "--ssc.user=${SSC_USER}" "--ssc.password=${SSC_PASSWORD}" \
-          "--ssc.authToken=${SSC_TOKEN}" \
-          "${_APPVERSION_OPT}"
       shell: bash
+    - uses: fortify-ps/github-action/run@main
+      with:
+        cmd: '"${VULN_EXPORTER_CMD}" SSCToGitHub "--ssc.baseUrl=${SSC_URL}" "--ssc.user=${SSC_USER}" "--ssc.password=${SSC_PASSWORD}" "--ssc.authToken=${SSC_TOKEN}" "${_APPVERSION_OPT}"'
+
     # Uploaded the generated file containing Fortify vulnerabilities to GitHub.
     - uses: github/codeql-action/upload-sarif@v2
       with: