-
Notifications
You must be signed in to change notification settings - Fork 24
/
action.yml
83 lines (81 loc) · 2.51 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
name: 'Checkmarx AST Github Action'
description: 'Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST solution.'
author: 'Checkmarx'
inputs:
base_uri:
required: true
description: 'Provide the AST portal URL'
cx_tenant:
required: true
description: 'Provide the Tenant for AST portal URL'
cx_client_id:
required: true
description: 'Client ID for AST portal authentication'
cx_client_secret:
required: true
description: 'Secret key for AST portal authentication'
project_name:
required: false
default: ${{ github.repository }} # default repo name
description: 'Select a Checkmarx Project Name'
branch:
required: false
default: ${{ github.head_ref || github.ref }} # default branch name
description: 'Branch name'
github_token:
required: false
default: ${{ github.token }}
description: 'GitHub API Token'
additional_params:
required: false
default: ''
description: 'Additional parameters for AST scan'
repo_name:
required: false
default: ${{ github.event.repository.name }}
description: "Repository name for PR decoration"
namespace:
required: false
default: ${{ github.repository_owner }}
description: "Organization name to create the Pr comment"
pr_number:
required: false
default: ${{ github.event.number }}
description: "Pr Number of the pull request that needs the decoration"
outputs:
cxcli:
description: output from cli
cxScanID:
description: scan ID output from cli
runs:
using: 'docker'
image: 'Dockerfile'
args:
- ${{ inputs.base_uri }}
- ${{ inputs.cx_tenant }}
- ${{ inputs.cx_client_id }}
- ${{ inputs.cx_client_secret }}
- ${{ inputs.github_token }}
- ${{ inputs.project_name }}
- ${{ inputs.additional_params }}
- ${{ inputs.repo_name }}
- ${{ inputs.namespace }}
- ${{ inputs.pr_number }}
entrypoint: '/app/entrypoint.sh'
post-if: cancelled()
post-entrypoint: '/app/cleanup.sh'
env:
CX_BASE_URI: "${{ inputs.base_uri }}"
CX_TENANT: ${{ inputs.cx_tenant }}
CX_CLIENT_ID: ${{ inputs.cx_client_id }}
CX_CLIENT_SECRET: ${{ inputs.cx_client_secret }}
GITHUB_TOKEN: ${{ inputs.github_token }}
BRANCH: ${{ inputs.branch }}
PROJECT_NAME: ${{ inputs.project_name }}
ADDITIONAL_PARAMS: ${{ inputs.additional_params }}
REPO_NAME: ${{ inputs.repo_name }}
NAMESPACE: ${{ inputs.namespace }}
PR_NUMBER: ${{ inputs.pr_number }}
branding:
icon: 'check'
color: 'green'