-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathaction.yaml
74 lines (74 loc) · 2.86 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
name: 'HCL AppScan Static Analyzer'
description: 'Scan for security issues in code'
branding:
color: 'blue'
icon: 'lock'
inputs:
asoc_key:
description: 'API key for connecting to the AppScan service.'
required: true
asoc_secret:
description: 'Secret for connecting to the AppScan service.'
required: true
service_url:
description: 'The url of the AppScan service.'
required: false
acceptssl:
description: 'Allow connections to a service with an untrusted certificate. Recommended for testing purposes only.'
required: false
type: boolean
default: false
application_id:
description: 'The application id where your scan will appear.'
required: true
scan_name:
description: 'The name of the scan created in the AppScan service.'
required: false
personal_scan:
description: 'Make the scan a personal scan.'
required: false
type: boolean
default: false
static_analysis_only:
description: 'Only run static analysis. Do not run SCA (Software Composition Analysis).'
required: false
type: boolean
default: false
open_source_only:
description: 'Only run SCA (Software Composition Analysis). Do not run static analysis.'
required: false
type: boolean
default: false
scan_build_outputs:
description: 'By default only source code files will be analyzed. Enabling this option will result in build output files for Java and .NET to be analyzed (.jar/.war/.ear/.dll/.exe). Additionally, Maven, Gradle, and Visual Studio solutions will be built if the build environment is available.'
required: false
type: boolean
default: false
wait_for_analysis:
description: 'By default this action will initiate the scan in the AppScan service, but it will not wait for analysis to complete. Enabling this option will cause the action to wait for analysis to complete. Note that this will cause the action to run longer.'
required: false
type: boolean
default: false
analysis_timeout_minutes:
description: 'If wait_for_analysis is true, the number of minutes to wait for analysis to complete. The default is 30 minutes.'
required: false
default: 30
fail_for_noncompliance:
description: 'If wait_for_analysis is true, fail the job if any non-compliant issues are found in the scan.'
required: false
type: boolean
default: false
failure_threshold:
description: 'If fail_for_noncompliance is enabled, the severity that indicates a failure. Lesser severities will not be considered a failure. For example, if failure_threshold is set to Medium, Informational and/or Low severity issues will not cause a failure. Medium, High, and/or Critical issues will cause a failure.'
required: false
type: choice
default: 'Low'
options:
- Informational
- Low
- Medium
- High
- Critical
runs:
using: 'node20'
main: 'src/main.js'