Updates from PR feedback

This commit is contained in:
Noah Irwin
2022-06-10 11:35:06 +01:00
parent a54c80f225
commit ad064a4af4
+12 -6
View File
@@ -4,6 +4,9 @@
# documentation.
# This workflow will initiate a Contrast Scan on your built artifact, and subsequently upload the results SARIF to Github.
# Because Contrast Scan is designed to run against your deployable artifact, you need to build an artifact that will be passed to the Contrast Scan Action.
# Contrast Scan currently supports Java, JavaScript and .NET artifacts.
# For more information about the Contrast Scan GitHub Action see here: https://github.com/Contrast-Security-OSS/contrastscan-action
# Pre-requisites:
# All Contrast related account secrets should be configured as GitHub secrets to be passed as inputs to the Contrast Scan Action.
@@ -21,6 +24,9 @@ on:
name: Scan analyze workflow
jobs:
build-and-scan:
permissions:
contents: read # for actions/checkout
security-events: write # for github/codeql-action/upload-sarif
runs-on: ubuntu-latest
# check out project
steps:
@@ -30,12 +36,12 @@ jobs:
# ...
# Scan Artifact
- name: Contrast Scan Action
uses: Contrast-Security-OSS/contrastscan-action@092c4e12ee0ee37b6116275f06efea84b2fe9d1a
with:
artifact: mypath/target/myartifact.jar # replace this path with the path to your built artifact
apiKey: ${{ secrets.CONTRAST_API_KEY }}
orgId: ${{ secrets.CONTRAST_ORGANIZATION_ID }}
authHeader: ${{ secrets.CONTRAST_AUTH_HEADER }}
uses: Contrast-Security-OSS/contrastscan-action@7352a45d9678ec8a434cf061b07ffb51c1e351a1
with:
artifact: mypath/target/myartifact.jar # replace this path with the path to your built artifact
apiKey: ${{ secrets.CONTRAST_API_KEY }}
orgId: ${{ secrets.CONTRAST_ORGANIZATION_ID }}
authHeader: ${{ secrets.CONTRAST_AUTH_HEADER }}
#Upload the results to GitHub
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2