Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: Update docs, add internal action
Showing 26 changed files with 261 additions and 207 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,8 @@ | ||
**`FOD_URL`** | ||
Required: Fortify on Demand URL, for example https://ams.fortify.com | ||
**`FOD_URL`** - REQUIRED | ||
(REQUIRED) Fortify on Demand URL, for example https://ams.fortify.com | ||
|
||
**`FOD_CLIENT_ID` & `FOD_CLIENT_SECRET`** | ||
**`FOD_CLIENT_ID` & `FOD_CLIENT_SECRET`** - REQUIRED* | ||
Required when authenticating with an API key: FoD Client ID (API key) and Secret (API secret) | ||
|
||
**`FOD_TENANT`, `FOD_USER` & `FOD_PASSWORD`** | ||
**`FOD_TENANT`, `FOD_USER` & `FOD_PASSWORD`** - REQUIRED* | ||
Required when authenticating with user credentials: FoD tenant, user and password. It's recommended to use a Personal Access Token instead of an actual user password. |
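Review bot: `REQUIRED*` on the `FOD_CLIENT_ID` & `FOD_CLIENT_SECRET` and `FOD_TENANT`, `FOD_USER` & `FOD_PASSWORD` headings carries an asterisk that nothing in this file explains. Add a one-line footnote saying that one of the two credential sets must be supplied, or spell that out in the headings. The new `FOD_URL` entry also states the requirement twice, as `- REQUIRED` in the heading and as `(REQUIRED)` at the start of the description; drop the second.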
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
{{include:env-fod-connection.md}} | ||
|
||
**`EXTRA_FOD_LOGIN_OPTS`** | ||
Optional: Extra FoD login options, for example for disabling SSL checks or changing connection time-outs; see [`fcli fod session login` documentation]({{var:fcli-doc-base-url}}/manpage/fcli-fod-session-login.html) | ||
**`EXTRA_FOD_LOGIN_OPTS`** - OPTIONAL | ||
Extra FoD login options, for example for disabling SSL checks or changing connection time-outs; see [`fcli fod session login` documentation]({{var:fcli-doc-base-url}}/manpage/fcli-fod-session-login.html) |
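Review bot: The `EXTRA_FOD_LOGIN_OPTS` description still gives "disabling SSL checks" as its first example, and these options apply to the login that uses the `FOD_*` credentials from the included connection file. Since the line is being rewritten anyway, lead with the time-out example and say that turning off certificate validation is for test setups only, so readers do not copy it into a pipeline that handles real credentials.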
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
**`FOD_RELEASE`** | ||
Required: Fortify on Demand release to use with this action. This can be specified either as a numeric release id, `<app>:<release>` (for non-microservices applications) or `<app>:<microservice>:<release>` (for microservices applications). | ||
**`FOD_RELEASE`** - OPTIONAL | ||
Fortify on Demand release to use with this action. This can be specified either as a numeric release id, `<app-name>:<release-name>` (for non-microservices applications) or `<app-name>:<microservice-name>:<release-name>` (for microservices applications). Default value is [`${{ github.action_repository }}:${{ github.action_ref }}`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context), for example `myOrg/myRepo:myBranch`. |
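Review bot: The documented default for `FOD_RELEASE` does not match its own example. GitHub documents `github.action_repository` and `github.action_ref` as the repository and ref of the action being executed, not of the repository running the workflow, so the default would not come out as `myOrg/myRepo:myBranch`. If the caller's repository and branch are intended, `github.repository` and `github.ref_name` carry them; otherwise change the example. Now that the variable is no longer required, the text should also say what happens when no release with the derived name exists.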
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
**`EXTRA_PACKAGE_OPTS`** | ||
Optional: By default, this action runs `scancentral package -o package.zip`. The `EXTRA_PACKAGE_OPTS` environment variable can be used to specify additional packaging options like `-bt none` to disable automatic build tool detection, or `-oss` to collect additional files for an open-source scan (FoD only). | ||
**`EXTRA_PACKAGE_OPTS`** - OPTIONAL | ||
By default, this action runs `scancentral package -o package.zip`. The `EXTRA_PACKAGE_OPTS` environment variable can be used to specify additional packaging options like `-oss` to collect additional files for an open-source scan (FoD only). |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
{{include:env-ssc-connection.md}} | ||
|
||
**`SC_SAST_CLIENT_AUTH_TOKEN`** | ||
**`SC_SAST_CLIENT_AUTH_TOKEN`** - REQUIRED | ||
Required: ScanCentral SAST Client Authentication Token for authenticating with ScanCentral SAST Controller. | ||
|
||
**`EXTRA_SC_SAST_LOGIN_OPTS`** | ||
Optional: Extra ScanCentral SAST login options, for example for disabling SSL checks or changing connection time-outs; see [`fcli sc-sast session login` documentation]({{var:fcli-doc-base-url}}/manpage/fcli-sc-sast-session-login.html). | ||
**`EXTRA_SC_SAST_LOGIN_OPTS`** - OPTIONAL | ||
Extra ScanCentral SAST login options, for example for disabling SSL checks or changing connection time-outs; see [`fcli sc-sast session login` documentation]({{var:fcli-doc-base-url}}/manpage/fcli-sc-sast-session-login.html). |
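Review bot: The description under `SC_SAST_CLIENT_AUTH_TOKEN` keeps its `Required:` prefix although the heading now says `- REQUIRED`, while the `EXTRA_SC_SAST_LOGIN_OPTS` entry in the same hunk had its `Optional:` prefix removed. Remove the prefix here as well so the entries read the same way.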
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
**`SSC_APPVERSION`** | ||
Required: Fortify SSC application version to use with this action. This can be specified either as a numeric application version id, or by providing application and version name in the format `<app>:<release>`. | ||
**`SSC_APPVERSION`** - OPTIONAL | ||
Fortify SSC application version to use with this action. This can be specified either as a numeric application version id, or by providing application and version name in the format `<app-name>:<version-name>`. Default value is [`${{ github.action_repository }}:${{ github.action_ref }}`](https://docs.github.com/en/actions/learn-github-actions/contexts#github-context), for example `myOrg/myRepo:myBranch`. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,8 @@ | ||
**`SSC_URL`** | ||
(Required) Fortify Software Security Center URL, for example https://ssc.customer.fortifyhosted.net/ | ||
**`SSC_URL`** - REQUIRED | ||
Fortify Software Security Center URL, for example https://ssc.customer.fortifyhosted.net/ | ||
|
||
**`SSC_TOKEN`** | ||
**`SSC_TOKEN`** - REQUIRED* | ||
Required when authenticating with an SSC token (recommended). Most actions should work fine with a `CIToken`. | ||
|
||
**`SSC_USER` & `SSC_PASSWORD`** | ||
**`SSC_USER` & `SSC_PASSWORD`** - REQUIRED* | ||
Required when authenticating with user credentials. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
{{include:env-ssc-connection.md}} | ||
|
||
**`EXTRA_SSC_LOGIN_OPTS`** | ||
Optional: Extra SSC login options, for example for disabling SSL checks or changing connection time-outs; see [`fcli ssc session login` documentation]({{var:fcli-doc-base-url}}/manpage/fcli-ssc-session-login.html). | ||
**`EXTRA_SSC_LOGIN_OPTS`** - OPTIONAL | ||
Extra SSC login options, for example for disabling SSL checks or changing connection time-outs; see [`fcli ssc session login` documentation]({{var:fcli-doc-base-url}}/manpage/fcli-ssc-session-login.html). |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
**`DO_WAIT`** - OPTIONAL | ||
By default, this action will not wait until the scan has been completed. To have the workflow wait until the scan has been completed, set the `DO_WAIT` environment variable to `true`. Note that `DO_WAIT` is implied if `DO_EXPORT` is set to `true`; see below. | ||
|
||
**`DO_EXPORT`** - OPTIONAL | ||
If set to `true`, this action will export scan results to the GitHub Security Code Scanning dashboard. Note that this may require a [GitHub Advanced Security](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security) subscription, unless you're running this action on a public github.com repository. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
{{include:nocomments.env-fod-connection-sample.md}} | ||
EXTRA_FOD_LOGIN_OPTS: --socket-timeout=60s | ||
# EXTRA_FOD_LOGIN_OPTS: --socket-timeout=60s |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
EXTRA_PACKAGE_OPTS: -oss -bt gradle | ||
# EXTRA_PACKAGE_OPTS: -oss |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
FOD_RELEASE: MyApp:MyRelease | ||
# FOD_RELEASE: MyApp:MyRelease |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
{{include:nocomments.env-fod-login-sample.md}} | ||
{{include:nocomments.env-fod-release-sample.md}} | ||
{{include:nocomments.env-fod-package-sample.md}} | ||
# DO_WAIT: true # Ignored due to DO_EXPORT below | ||
DO_EXPORT: true | ||
# DO_WAIT: true | ||
# DO_EXPORT: true |
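Review bot: With `DO_EXPORT: true` now commented out alongside `DO_WAIT`, a workflow copied from this sample submits the scan and moves on: it neither waits for completion nor publishes results to code scanning. The removed `# Ignored due to DO_EXPORT below` comment was also the only hint in the sample that `DO_EXPORT` implies `DO_WAIT`. Consider keeping one of the two active, or adding a short comment that says what the all-defaults behaviour is.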
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
EXTRA_PACKAGE_OPTS: -bt mvn | ||
# EXTRA_PACKAGE_OPTS: -bf custom-pom.xml |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,3 @@ | ||
{{include:nocomments.env-ssc-connection-sample.md}} | ||
SC_SAST_CLIENT_AUTH_TOKEN: ${{secrets.CLIENT_AUTH_TOKEN}} | ||
EXTRA_SC_SAST_LOGIN_OPTS: --socket-timeout=60s | ||
# EXTRA_SC_SAST_LOGIN_OPTS: --socket-timeout=60s |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
{{include:nocomments.env-sc-sast-login-sample.md}} | ||
{{include:nocomments.env-ssc-appversion-sample.md}} | ||
{{include:nocomments.env-package-sample.md}} | ||
# DO_WAIT: true # Ignored due to DO_EXPORT below | ||
DO_EXPORT: true | ||
# DO_WAIT: true | ||
# DO_EXPORT: true |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
SSC_APPVERSION: MyApp:MyVersion | ||
# SSC_APPVERSION: MyApp:MyVersion |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
name: 'Set default values' | ||
description: 'Set default values for SSC environment variables like SSC_APPVERSION' | ||
author: 'Fortify' | ||
runs: | ||
using: composite | ||
steps: | ||
- if: ${{ !env.SSC_APPVERSION }} | ||
run: | | ||
export SSC_APPVERSION="${APP}:${V}" | ||
echo SSC_APPVERSION=$SSC_APPVERSION >> $GITHUB_ENV | ||
echo "Configured default value for SSC_APPVERSION: ${SSC_APPVERSION}" | ||
shell: bash | ||
env: | ||
APP: ${{ github.action_repository }} | ||
V: ${{ github.action_ref }} | ||
|
||
branding: | ||
icon: 'shield' | ||
color: 'blue' | ||
|
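Review bot: `echo SSC_APPVERSION=$SSC_APPVERSION >> $GITHUB_ENV` expands both variables unquoted, so the value goes through word splitting and globbing before it is written; quote the value and write to `"$GITHUB_ENV"`. Passing the contexts in through `env:` rather than interpolating them into the script is the right approach and should stay. `APP` and `V` are taken from `github.action_repository` and `github.action_ref`, which GitHub documents as describing the action being executed, so please check that the resulting default names the calling repository and branch as intended. The `export` is not needed for the two `echo` lines that follow it.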