# action.yml
# GitHub Action metadata. Every `inputs` entry below is handed to the bundled
# entry point dist/index.js (not part of this file). GitHub passes action
# inputs to the runtime as strings, so boolean- and number-looking defaults
# are quoted deliberately.
name: 'Veracode Static Analysis Pipeline Scan and SARIF import'
description: 'Initiate a Veracode Static Analysis Pipeline Scan and convert the results file to a valid SARIF file'
inputs:
  # Selects which Veracode result format is converted. 'pipeline' is the
  # default; the description implies 'policy' is the other accepted value.
  # The exact strings accepted are checked in dist/index.js — confirm there.
  scan-type:
    description: 'The scan type for which a SARIF report needs to be generated can be either a pipeline scan or a policy scan'
    required: true
    default: 'pipeline'
  # Two result-file inputs exist (this one and pipeline-results-json). Which
  # one is read presumably depends on scan-type — verify in dist/index.js.
  results-json:
    description: 'The location of the JSON result file for the policy or pipeline'
    required: true
    default: 'filtered_results.json'
  pipeline-results-json:
    description: 'location of the pipeline json result file'
    required: true
    default: 'results.json'
  # Where the converted SARIF is written. Per the noupload description this
  # is also the file sent to the repository unless noupload is 'true'.
  output-results-sarif:
    description: 'the path to the SARIF file as an output of the transformation'
    required: true
    default: 'veracode-results.sarif'
  # Optional path-prefix rewrites applied to finding locations before the
  # SARIF is published, for the case where paths in the scanned artifact do
  # not match paths in the repository. Up to three prefixes; the rewrite
  # syntax is defined in dist/index.js (not shown here).
  source-base-path-1:
    description: 'a path prefix conversion before publish in the SARIF file'
    required: false
    default: ''
  source-base-path-2:
    description: 'a path prefix conversion before publish in the SARIF file'
    required: false
    default: ''
  source-base-path-3:
    description: 'a path prefix conversion before publish in the SARIF file'
    required: false
    default: ''
  # Mapping of Veracode findings to GitHub SARIF levels. Three colon-separated
  # numbers — presumably the Veracode severity thresholds for error, warning
  # and note respectively; confirm in dist/index.js. Quoted on purpose: an
  # unquoted 4:3:0 is a sexagesimal integer to YAML 1.1 parsers.
  finding-rule-level:
    description: 'The conversion rule of Veracode findings to GitHub level'
    required: true
    default: '4:3:0'
  # Target repository for the upload. These two inputs use snake_case while
  # the rest are kebab-case/camelCase; renaming them would break callers'
  # `with:` blocks, so they are kept as-is. When omitted, the current
  # repository is presumably used — confirm in dist/index.js.
  repo_owner:
    description: 'The account owner of the repository. The name is not case sensitive.'
    required: false
  repo_name:
    description: 'The name of the repository without the .git extension. The name is not case sensitive.'
    required: false
  # Defaults to the job's automatic GITHUB_TOKEN, which is scoped to this
  # repository and expires when the job ends — prefer it over a PAT.
  # With noupload left at 'false' this token is presumably what uploads the
  # SARIF to code scanning; per GitHub's docs that API needs
  # `security-events: write` (and `actions: read` on private repositories),
  # so grant it with a `permissions:` block in the calling workflow rather
  # than widening the default token. Never echo this value in logs.
  githubToken:
    description: 'GitHub token is a secure token that allows the workflow to interact with the GitHub API and perform actions on behalf of the repository or user'
    required: true
    default: ${{ github.token }}
  # Code scanning attaches the uploaded results to this ref/commit pair.
  # The defaults are the triggering ref and SHA; on pull_request events
  # these are the synthetic merge ref (refs/pull/N/merge) and its commit.
  # Override them only when the scanned checkout differs from the
  # triggering commit — a mismatch files alerts against the wrong code.
  ref:
    description: 'The full Git reference'
    required: true
    default: ${{ github.ref }}
  commitSHA:
    description: 'The SHA of the commit to which the analysis you are uploading relates.'
    required: true
    default: ${{ github.sha }}
  # Set to 'true' to only produce the SARIF file and skip the upload, e.g.
  # to hand it to a separate upload step or when this job must not hold
  # security-events: write. Like every input it arrives as the string
  # 'true' / 'false', not a boolean.
  noupload:
    description: 'Do not upload the SARIF file to the GitHub repository'
    required: false
    default: 'false'
# Runtime. dist/index.js is a committed bundle: it, not the TypeScript/JS
# sources, is what executes, so review the bundle on every change (rebuild
# and commit it together with src) and pin this action by full commit SHA
# rather than a mutable tag when consuming it.
runs:
  using: 'node20'
  main: 'dist/index.js'