This repository has been archived by the owner on Nov 14, 2023. It is now read-only.

Update sample Windows-based workflow
rsenden committed Aug 26, 2021
1 parent 4b66abf commit 67a5e3d
Showing 1 changed file with 2 additions and 5 deletions.
7 changes: 2 additions & 5 deletions .github/workflows/fod-sast-scan-and-import-windows.yml
Expand Up @@ -33,23 +33,20 @@ jobs:
- name: Download Fortify ScanCentral Client
uses: fortify/gha-setup-scancentral-client@v1
- name: Package Code + Dependencies
run: scancentral package ${env:PACKAGE_OPTS} -o package.zip
env:
PACKAGE_OPTS: "-bt mvn"
run: scancentral package -bt mvn -o package.zip

# Start Fortify on Demand SAST scan and wait until results complete. Be sure to set secrets/variables for your FoD tenant.
- name: Download Fortify on Demand Universal CI Tool
uses: fortify/gha-setup-fod-uploader@v1
- name: Perform SAST Scan
run: java -jar ${env:FOD_UPLOAD_JAR} -z package.zip -aurl ${env:FOD_AURL} -purl ${env:FOD_PURL} -rid "${env:FOD_RELEASE_ID}" -tc "${env:FOD_TENANT}" -uc "${env:FOD_USER}" "${env:FOD_PAT}" ${env:FOD_UPLOADER_OPTS}
run: java -jar ${env:FOD_UPLOAD_JAR} -z package.zip -aurl ${env:FOD_AURL} -purl ${env:FOD_PURL} -rid "${env:FOD_RELEASE_ID}" -tc "${env:FOD_TENANT}" -uc "${env:FOD_USER}" "${env:FOD_PAT}" -ep 2 -pp 0 -I 1 -apf
env:
FOD_AURL: ${{ secrets.FOD_EIGHTBALL_API_URL }}
FOD_PURL: ${{ secrets.FOD_EIGHTBALL_BASE_URL }}
FOD_TENANT: ${{ secrets.FOD_EIGHTBALL_TENANT }}
FOD_USER: ${{ secrets.FOD_EIGHTBALL_USER }}
FOD_PAT: ${{ secrets.FOD_EIGHTBALL_PAT }}
FOD_RELEASE_ID: ${{ secrets.FOD_EIGHTBALL_RELEASE_ID }}
FOD_UPLOADER_OPTS: "-ep 2 -pp 0 -I 1 -apf"

# Once scan completes, pull SAST issues from Fortify on Demand and generate SARIF output.
- name: Export results to GitHub-optimized SARIF
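
Review bot: the replacement `run` lines in "Package Code + Dependencies" and "Perform SAST Scan" now hardcode `-bt mvn` and `-ep 2 -pp 0 -I 1 -apf` with no comment on what the options select or why they were moved out of `PACKAGE_OPTS` and `FOD_UPLOADER_OPTS`. If the reason is that PowerShell passes an expanded `${env:...}` value containing spaces to a native command as one argument instead of splitting it, say so in a YAML comment above each step so nobody reintroduces the variables when adapting this sample. In the same SAST line, `${env:FOD_AURL}`, `${env:FOD_PURL}` and `${env:FOD_UPLOAD_JAR}` are unquoted while `-rid`, `-tc` and `-uc` values are quoted; quote them all for consistency, since a path or URL with a space would otherwise break the invocation.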
