From 0b45ddae0d6a1bb5d2524384ae316a929f3d0e96 Mon Sep 17 00:00:00 2001 From: DhavalPatelPersistent Date: Fri, 24 Dec 2021 15:55:11 +0530 Subject: [PATCH 1/2] Update / Add "uses","project","teams","scanners","params" attributes. --- code-scanning/checkmarx.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/code-scanning/checkmarx.yml b/code-scanning/checkmarx.yml index ee97108..c0785da 100644 --- a/code-scanning/checkmarx.yml +++ b/code-scanning/checkmarx.yml @@ -29,14 +29,16 @@ jobs: - uses: actions/checkout@v2 # Runs the Checkmarx Scan leveraging the latest version of CxFlow - REFER to Action README for list of inputs - name: Checkmarx CxFlow Action - uses: checkmarx-ts/checkmarx-cxflow-github-action@04e6403dbbfee0fd3fb076e5791202c31c54fe6b + uses: checkmarx-ts/checkmarx-cxflow-github-action@master with: - project: GithubActionTest - team: '\CxServer\SP\Checkmarx' + project: ${{ secrets.CHECKMARX_PROJECT }} + team: ${{ secrets.CHECKMARX_TEAMS }} checkmarx_url: ${{ secrets.CHECKMARX_URL }} checkmarx_username: ${{ secrets.CHECKMARX_USERNAME }} checkmarx_password: ${{ secrets.CHECKMARX_PASSWORD }} checkmarx_client_secret: ${{ secrets.CHECKMARX_CLIENT_SECRET }} + scanners: sast + params: --namespace=${{ github.repository_owner }} --repo-name=${{ github.event.repository.name }} --branch=${{ github.ref }} --cx-flow.filterSeverity --cx-flow.filterCategory # Upload the Report for CodeQL/Security Alerts - name: Upload SARIF file uses: github/codeql-action/upload-sarif@v1 From 97020d0adc1a32ef799bcafcffa18b2297ca4da3 Mon Sep 17 00:00:00 2001 From: DhavalPatelPersistent <93903969+DhavalPatelPersistent@users.noreply.github.com> Date: Thu, 30 Dec 2021 16:39:28 +0530 Subject: [PATCH 2/2] Update checkmarx.yml Point to SHA instead for master --- code-scanning/checkmarx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/checkmarx.yml b/code-scanning/checkmarx.yml index c0785da..96b9897 100644 --- a/code-scanning/checkmarx.yml +++ b/code-scanning/checkmarx.yml @@ -29,7 +29,7 @@ jobs: - uses: actions/checkout@v2 # Runs the Checkmarx Scan leveraging the latest version of CxFlow - REFER to Action README for list of inputs - name: Checkmarx CxFlow Action - uses: checkmarx-ts/checkmarx-cxflow-github-action@master + uses: checkmarx-ts/checkmarx-cxflow-github-action@9975af7d6b957abec9ee9646effa3fb3b82c5314 with: project: ${{ secrets.CHECKMARX_PROJECT }} team: ${{ secrets.CHECKMARX_TEAMS }}