From 97de22b47c64dfc718d0793874168c3fc08a1814 Mon Sep 17 00:00:00 2001 From: Ruud Senden Date: Wed, 22 Sep 2021 14:12:39 +0200 Subject: [PATCH] Update according to PR review comments --- code-scanning/fortify-on-demand.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/code-scanning/fortify-on-demand.yml b/code-scanning/fortify-on-demand.yml index da200a6..d67d194 100644 --- a/code-scanning/fortify-on-demand.yml +++ b/code-scanning/fortify-on-demand.yml @@ -24,7 +24,7 @@ on: push: branches: [ $default-branch ] schedule: - - cron: '24 18 * * 5' + - cron: $cron-weekly jobs: FoD-SAST-Scan: @@ -56,7 +56,7 @@ jobs: # For other build tools, add your build commands to download necessary dependencies and prepare according to Fortify on Demand Packaging documentation. # ScanCentral Client documentation is located at https://www.microfocus.com/documentation/fortify-software-security-center/ - name: Download Fortify ScanCentral Client - uses: fortify/gha-setup-scancentral-client@v1 + uses: fortify/gha-setup-scancentral-client@5b7382f8234fb9840958c49d5f32ae854115f9f3 - name: Package Code + Dependencies run: scancentral package $PACKAGE_OPTS -o package.zip env: @@ -67,7 +67,7 @@ jobs: # Credentials and release ID should be obtained from your FoD tenant (either Personal Access Token or API Key can be used). # Automated Audit preference should be configured for the release's Static Scan Settings in the Fortify on Demand portal. - name: Download Fortify on Demand Universal CI Tool - uses: fortify/gha-setup-fod-uploader@v1 + uses: fortify/gha-setup-fod-uploader@6e6bb8a33cb476e240929fa8ebc739ff110e7433 - name: Perform SAST Scan run: java -jar $FOD_UPLOAD_JAR -z package.zip -aurl $FOD_API_URL -purl $FOD_URL -rid "$FOD_RELEASE_ID" -tc "$FOD_TENANT" -uc "$FOD_USER" "$FOD_PAT" $FOD_UPLOADER_OPTS -n "$FOD_UPLOADER_NOTES" env: @@ -82,7 +82,7 @@ jobs: # Once scan completes, pull SAST issues from Fortify on Demand and generate SARIF output. - name: Export results to GitHub-optimized SARIF - uses: fortify/gha-export-vulnerabilities@v1 + uses: fortify/gha-export-vulnerabilities@fcb374411cff9809028c911dabb8b57dbdae623b with: fod_base_url: "https://ams.fortify.com/" fod_tenant: ${{ secrets.FOD_TENANT }}