diff --git a/code-scanning/checkmarx.yml b/code-scanning/checkmarx.yml index ee97108..96b9897 100644 --- a/code-scanning/checkmarx.yml +++ b/code-scanning/checkmarx.yml @@ -29,14 +29,16 @@ jobs: - uses: actions/checkout@v2 # Runs the Checkmarx Scan leveraging the latest version of CxFlow - REFER to Action README for list of inputs - name: Checkmarx CxFlow Action - uses: checkmarx-ts/checkmarx-cxflow-github-action@04e6403dbbfee0fd3fb076e5791202c31c54fe6b + uses: checkmarx-ts/checkmarx-cxflow-github-action@9975af7d6b957abec9ee9646effa3fb3b82c5314 with: - project: GithubActionTest - team: '\CxServer\SP\Checkmarx' + project: ${{ secrets.CHECKMARX_PROJECT }} + team: ${{ secrets.CHECKMARX_TEAMS }} checkmarx_url: ${{ secrets.CHECKMARX_URL }} checkmarx_username: ${{ secrets.CHECKMARX_USERNAME }} checkmarx_password: ${{ secrets.CHECKMARX_PASSWORD }} checkmarx_client_secret: ${{ secrets.CHECKMARX_CLIENT_SECRET }} + scanners: sast + params: --namespace=${{ github.repository_owner }} --repo-name=${{ github.event.repository.name }} --branch=${{ github.ref }} --cx-flow.filterSeverity --cx-flow.filterCategory # Upload the Report for CodeQL/Security Alerts - name: Upload SARIF file uses: github/codeql-action/upload-sarif@v1