veracode-scan.yml
## Disabled GitHub Actions workflow: every line of this file is commented out,
## so it defines no triggers and no jobs, and no Veracode scan runs from it.
## Lines starting with "##" are review notes; lines starting with "# " are the
## original disabled workflow, re-indented for readability.
# name: Veracode Scan
# on:
## NOTE(review): on the workflow_run path this job executes in a different run
## from "Veracode Build". The download step below passes only an artifact name,
## and to my knowledge actions/download-artifact@v2 fetches artifacts from the
## current run only - confirm the archive is reachable on this trigger. If the
## build workflow can run on contributor-controlled code, treat the downloaded
## archive as untrusted input.
#   workflow_run:
#     workflows: ["Veracode Build"]
#     types:
#       - completed
#   workflow_dispatch:
#   workflow_call:
#     inputs:
#       branch:
#         description: 'The branch to Analyze'
#         type: string
#         required: true
## NOTE(review): NPM_PACKAGES_TOKEN, PACKAGES_AUTH_USER and PACKAGES_AUTH_TOKEN
## are required from every caller but are not referenced by any step visible in
## this file; dropping unused secrets narrows credential exposure.
#     secrets:
#       NPM_PACKAGES_TOKEN:
#         description: 'NPM_PACKAGES_TOKEN'
#         required: true
#       PACKAGES_AUTH_USER:
#         description: 'PACKAGES_AUTH_USER'
#         required: true
#       PACKAGES_AUTH_TOKEN:
#         description: 'PACKAGES_AUTH_TOKEN'
#         required: true
## NOTE(review): declared here as VERACODE_API_ID / VERACODE_API_KEY, but the
## scan step reads secrets.VERACODE_SECRET_API_ID / secrets.VERACODE_SECRET_KEY.
## On the workflow_call path those names resolve to empty strings unless the
## caller uses `secrets: inherit`; align the names before re-enabling.
#       VERACODE_API_ID:
#         description: 'VERACODE_API_ID'
#         required: true
#       VERACODE_API_KEY:
#         description: 'VERACODE_API_KEY'
#         required: true
## NOTE(review): none of these three variables is referenced by the visible
## steps. BRANCH_NAME can carry github.head_ref, a contributor-chosen branch
## name; if it is used later, hand it to scripts as "$BRANCH_NAME" rather than
## expanding ${{ env.BRANCH_NAME }} inside a run: block.
# env:
#   REFERENCE_BRANCH: maintenance-3.0.x
#   NPM_REPOSITORY: https://packages.nuxeo.com/repository/npm-public/
#   BRANCH_NAME: ${{ github.head_ref || inputs.branch || 'maintenance-3.0.x' }}
## Workflow-level token scope; the sast-scan job below sets its own
## permissions block.
# permissions:
#   contents: read
# jobs:
#   sast-scan:
## NOTE(review): security-events: write and actions: read are granted, but no
## visible step uploads code-scanning results or reads workflow runs - confirm
## both scopes are needed.
#     permissions:
#       contents: read
#       security-events: write
#       actions: read
#     runs-on: ubuntu-latest
#     steps:
## NOTE(review): referenced by a mutable tag, and v2 is a deprecated major
## version of this action. When re-enabling, move to a supported release and
## pin it to a full commit SHA.
#       - name: Download artifact
#         uses: actions/download-artifact@v2
#         with:
#           name: nuxeo-web-ui
#           path: .
## NOTE(review): the action reference below was garbled by the page's e-mail
## obfuscation ("[email protected]"); the real action name and version cannot be
## recovered from this page. It is a third-party action that receives the API
## credentials, so pin it to a full commit SHA when restoring the line.
#       - name: Veracode Upload And Scan
#         uses: veracode/[email protected]
#         with:
#           appname: 'Nuxeo Web UI'
#           createprofile: false
#           filepath: 'nuxeo-web-ui.zip'
## These two secret names differ from the ones declared under
## on.workflow_call.secrets (VERACODE_API_ID / VERACODE_API_KEY).
#           vid: '${{ secrets.VERACODE_SECRET_API_ID }}'
#           vkey: '${{ secrets.VERACODE_SECRET_KEY }}'
#           sandboxname: 'master'
#           scantimeout: 600
#           include: '*.war, *.zip, *.js, *.html, *.css, *.json'
#           criticality: 'VeryHigh'
#           includenewmodules: 'true'