hands on exercise(AST-94651)

.github/workflows/checkmarx-one-scan.yml

@@ -15,11 +15,21 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: Checkmarx One Engine API action
+        uses: anjali-deore/ast-github-action@73294ab5cf7c8805ed59cfb19b54740e1564bf75 #v1.0.6
+        with:
+          base_uri: ${{ secrets.AST_RND_SCANS_BASE_URI }}
+          cx_tenant: ${{ secrets.AST_RND_SCANS_TENANT }}
+          cx_client_id: ${{ secrets.AST_RND_SCANS_CLIENT_ID }}
+          cx_client_secret: ${{ secrets.AST_RND_SCANS_CLIENT_SECRET }}
+          args: cx engine list-api
       - name: Checkmarx One CLI Action
         uses: checkmarx/ast-github-action@9fda5a4a2c297608117a5a56af424502a9192e57 # v.2.0.34
         with:
           base_uri: ${{ secrets.AST_RND_SCANS_BASE_URI }}
           cx_tenant: ${{ secrets.AST_RND_SCANS_TENANT }}
           cx_client_id: ${{ secrets.AST_RND_SCANS_CLIENT_ID }}
           cx_client_secret: ${{ secrets.AST_RND_SCANS_CLIENT_SECRET }}
-          additional_params: --tags phoenix --threshold "sast-critical=1;sast-high=1;sast-medium=1;sast-low=1;sca-critical=1;sca-high=1;sca-medium=1;sca-low=1;iac-security-critical=1;iac-security-high=1;iac-security-medium=1;iac-security-low=1;"
+          additional_params: --tags phoenix --threshold "sast-critical=1;sast-high=1;sast-medium=1;sast-low=1;sca-critical=1;sca-high=1;sca-medium=1;sca-low=1;iac-security-critical=1;iac-security-high=1;iac-security-medium=1;iac-security-low=1;"
+
+

Dockerfile

@@ -1,7 +1,9 @@
 # Use AST Base image
+# FROM anjalideore/checkmarx-test:latest@sha256:715e817a00fcfc4cc5c4ed72debb4a6f9b38b22348e36f190e4a1f985cc7661e
+# Docker actions must be run by the default Docker user (root).
+
 FROM checkmarx/ast-cli:2.3.19@sha256:e6c50b070ac33e3476dcf221f8ec6903461f9003d8cb0b8b07f71f0107b5f5e2
 
-# Docker actions must be run by the default Docker user (root).
 USER root
 
 # Copy the entrypoint script and properties used for the action