Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: bump SAST to 0.0.46 #60

Merged
merged 1 commit into from
Jul 6, 2023
Merged

chore: bump SAST to 0.0.46 #60

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/integration-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
with:
target: push
tools: sca,sast
classes: target
classpath: target/test-project-0.1.0.jar
sources: ${{ github.workspace }}
debug: true
- name: Check run succeeded
Expand Down Expand Up @@ -61,7 +61,7 @@ jobs:
exit 1
fi
export SAST_RESULTS=`jq '.runs | map (.results | length) | add' sast.sarif`
expectedSastResults=2
expectedSastResults=1
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, 1 is the expected number of SAST finding we need to detect on the test project. I don't know why were the tests passing before.

echo "Got $SAST_RESULTS from SAST"
if [ "$SAST_RESULTS" != "$expectedSastResults" ]; then
echo "::error::Expected to have $expectedSastResults SAST results!"
Expand Down
9 changes: 7 additions & 2 deletions action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,12 @@ name: 'lacework-code-security'
description: "Scan code with Lacework's Code Security offering"
author: 'Lacework'
inputs:
classpath:
description: 'Specify the Java classpath'
required: false
default: '.'
classes:
description: 'Classes directory or JAR file to analyze'
description: 'Classes directory or JAR file to analyze (DEPRECATED)'
required: false
default: '.'
sources:
Expand Down Expand Up @@ -54,7 +58,7 @@ runs:
shell: bash
run: |
SCA_VERSION=0.0.50
SAST_VERSION=0.0.45
SAST_VERSION=0.0.46
curl https://raw.githubusercontent.com/lacework/go-sdk/main/cli/install.sh | bash
echo "cache-key=$(date +'%Y-%m-%d')-$SCA_VERSION-$SAST_VERSION" >> $GITHUB_OUTPUT
echo "sca-version=$SCA_VERSION" >> $GITHUB_OUTPUT
Expand Down Expand Up @@ -91,6 +95,7 @@ runs:
- id: run-analysis
uses: './../lacework-code-security'
with:
classpath: '${{ inputs.classpath }}'
classes: '${{ inputs.classes }}'
sources: '${{ inputs.sources }}'
target: '${{ inputs.target }}'
Expand Down
5 changes: 3 additions & 2 deletions src/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ async function runAnalysis() {
const tools = (getInput('tools') || 'sca').toLowerCase().split(',')
const indirectDeps = getInput('eval-indirect-dependencies')
const toUpload: string[] = []
const classpath = getInput('classpath') || getOrDefault('classes', '.')
if (tools.includes('sca')) {
var args = [
'sca',
Expand Down Expand Up @@ -47,8 +48,8 @@ async function runAnalysis() {
'sast',
'scan',
'--save-results',
'--classes',
getOrDefault('classes', '.'),
'--classpath',
classpath,
'--sources',
getOrDefault('sources', '.'),
'-o',
Expand Down