Skip to content
This repository has been archived by the owner on Feb 15, 2023. It is now read-only.

Latest commit

 

History

History
62 lines (44 loc) · 1.97 KB

README.md

File metadata and controls

62 lines (44 loc) · 1.97 KB

Veracode Upload And Scan Action

This action runs the Veracode Java Wrapper's 'upload and scan' action.

Inputs

appname

Required: The application name.

Default: '${{ github.repository }}'

createprofile

Required: True to create a new application profile.

Default: true

filepath

Required: Filepath or folderpath of the file or directory to upload. (If the last character is a backslash it needs to be escaped: \\).

version

Required: The name or version number of the new build.

Default: 'Scan from Github job: ${{ github.run_id }}'

vid

Required: Veracode API ID.

vkey

Required: Veracode API key.

sandboxname

Optional: If you would rather send your scan to a sandbox.

srcclr

Optional: Enable scanning this project with the srcclr agent. Currently only validated support for python Default: false

srcclrtoken

Optional: Token for access to srcclr. Only used when srcclr = true.

Example usage

The following example will upload all files contained within the folder_to_upload to Veracode and start a static scan.

The veracode credentials are read from github secrets. NEVER STORE YOUR SECRETS IN THE REPOSITORY.

- uses: actions/setup-java@v1 # Make java accessible on path so the uploadandscan action can run.
  with: 
    java-version: '8'
- uses: actions/upload-artifact@v2 # Copy files from repository to docker container so the next uploadandscan action can access them.
  with:
    path: folder_to_upload/*.jar # Wildcards can be used to filter the files copied into the container. See: https://github.com/actions/upload-artifact
- uses: actions/veracode-uploadandscan-action@master # Run the uploadandscan action. Inputs are described above.
  with:
    filepath: 'folder_to_upload/'
    vid: '${{ secrets.VERACODE_ID }}'
    vkey: '${{ secrets.VERACODE_KEY }}'
    srcclrtoken: '${{ secrets.SRCCLR_API_TOKEN }}'
    sandboxname: sandbox_to_send_scan
    srcclr: true