forked from david-code-lab/ast-github-action
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathaction.yml
More file actions
86 lines (84 loc) · 2.52 KB
/
action.yml
File metadata and controls
86 lines (84 loc) · 2.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
name: 'Checkmarx AST CLI Action'
description: 'Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST solution.'
author: 'Checkmarx Technical Services'
inputs:
base_uri:
required: true
description: 'Provide the AST portal URL'
default: 'http://demo.ast-cloud.com'
cx_client_id:
required: false
description: 'Client ID for AST portal authentication'
default: ''
cx_secret:
required: false
description: 'Secret key for AST portal authentication'
default: ''
cx_token:
required: false
description: 'Token for AST portal authentication'
default: ''
scan_types:
required: false
description: 'Scan types to perform on AST'
default: sast
project_name:
required: false
default: ${{ github.repository }} # default repo name
description: 'Select a Checkmarx Project Name'
preset_name:
required: false
default: Checkmarx Default # default repo name
description: 'Checkmarx scan preset value'
github_token:
required: false
default: ${{ github.token }}
description: 'GitHub API Token'
archive_source:
required: false
default: ''
description: 'Source for the Zip file'
source_directory:
required: false
default: '.'
description: 'Source for the project directory'
filter:
required: false
default: '*'
description: 'Project scan filters for AST'
additional_params:
required: false
default: ''
description: 'Additional parameters for AST scan'
runs:
using: 'docker'
image: 'Dockerfile'
args:
- ${{ inputs.base_uri }}
- ${{ inputs.cx_client_id }}
- ${{ inputs.cx_secret }}
- ${{ inputs.cx_token }}
- ${{ inputs.github_token }}
- ${{ inputs.scan_types }}
- ${{ inputs.project_name }}
- ${{ inputs.archive_source }}
- ${{ inputs.source_directory }}
- ${{ inputs.additional_params }}
- ${{ inputs.filter }}
- ${{ inputs.preset_name }}
env:
CX_BASE_URI: "${{ inputs.base_uri }}"
CX_AST_ACCESS_KEY_ID: ${{ inputs.cx_client_id }}
CX_AST_ACCESS_KEY_SECRET: ${{ inputs.cx_secret }}
CX_TOKEN: ${{ inputs.cx_token }}
GITHUB_TOKEN: ${{ inputs.github_token }}
SCAN_TYPES: ${{ inputs.scan_types }}
PROJECT_NAME: ${{ inputs.project_name }}
ARCHIVE_SOURCE: ${{ inputs.archive_source }}
SOURCE_DIRECTORY: ${{ inputs.source_directory }}
ADDITIONAL_PARAMS: ${{ inputs.additional_params }}
FILTER: ${{ inputs.filter }}
PRESET_NAME: ${{ inputs.preset_name }}
branding:
icon: 'check'
color: 'green'