|
68 | 68 | # FOD_CLIENT_SECRET: ${{secrets.FOD_CLIENT_SECRET}} |
69 | 69 | ### Optional configuration |
70 | 70 | # FOD_LOGIN_EXTRA_OPTS: --socket-timeout=60s # Extra 'fcli fod session login' options |
71 | | - # FOD_RELEASE: MyApp:MyRelease # FoD release name, default: <org>/<repo>:<branch> |
| 71 | + FOD_RELEASE: 25.03 # FoD release name, default: <org>/<repo>:<branch> |
72 | 72 | # DO_SETUP: true # Setup FoD application, release & static scan configuration |
73 | 73 | # SETUP_ACTION: <URL or file> # Customize setup action |
74 | 74 | # Pass extra options to setup action: |
|
89 | 89 | # EXPORT_ACTION: <URL or file> # Customize export action |
90 | 90 | # EXPORT_EXTRA_OPTS: --on-unsigned=ignore # Pass extra options to export action |
91 | 91 | # TOOL_DEFINITIONS: <URL> # URL from where to retrieve Fortify tool definitions |
92 | | - |
93 | | - ############################################################# |
94 | | - ##### Fortify Hosted / Software Security Center & ScanCentral |
95 | | - ##### Remove this section if you're integrating with Fortify on Demand (see above) |
96 | | - ### Required configuration |
97 | | - SSC_URL: ${{vars.SSC_URL}} # Must be hardcoded or configured through GitHub variable, not secret |
98 | | - SSC_TOKEN: ${{secrets.SSC_TOKEN}} # SSC CIToken; credentials should be configured through GitHub secrets |
99 | | - SC_SAST_TOKEN: ${{secrets.SC_CLIENT_AUTH_TOKEN}} # ScanCentral SAST client_auth_token, required if SAST scan is enabled |
100 | | - DEBRICKED_TOKEN: ${{secrets.DEBRICKED_TOKEN}} # Debricked token, required if Debricked scan is enabled |
101 | | - SC_SAST_SENSOR_VERSION: 24.4.0 # Sensor version to use for the scan, required if SAST scan is enabled |
102 | | - ### Optional configuration |
103 | | - # SSC_LOGIN_EXTRA_OPTS: --socket-timeout=60s # Extra 'fcli ssc session login' options |
104 | | - # SC_SAST_LOGIN_EXTRA_OPTS: --socket-timeout=60s # Extra 'fcli sc-sast session login' options |
105 | | - # SSC_APPVERSION: MyApp:MyVersion # SSC application version name, default: <org>/<repo>:<branch> |
106 | | - # DO_SETUP: true # Set up SSC application & version |
107 | | - # SETUP_ACTION: <URL or file> # Customize setup action |
108 | | - # SETUP_EXTRA_OPTS: --on-unsigned=ignore # Pass extra options to setup action |
109 | | - # PACKAGE_EXTRA_OPTS: -bt mvn # Extra 'scancentral package' options |
110 | | - # EXTRA_SC_SAST_SCAN_OPTS: # Extra 'fcli sc-sast scan start' options |
111 | | - # DO_WAIT: true # Wait for successful scan completion (implied if post-scan actions enabled) |
112 | | - # DO_POLICY_CHECK: true # Fail pipeline if security policy outcome is FAIL |
113 | | - # POLICY_CHECK_ACTION: <URL or file> # Customize security policy checks |
114 | | - # POLICY_CHECK_EXTRA_OPTS: --on-unsigned=ignore # Pass extra options to policy check action |
115 | | - # DO_JOB_SUMMARY: true # Generate workflow job summary |
116 | | - # JOB_SUMMARY_ACTION: <URL or file> # Customize job summary |
117 | | - # JOB_SUMMARY_EXTRA_OPTS: --on-unsigned=ignore # Pass extra options to job summary action |
118 | | - # DO_PR_COMMENT: true # Generate PR comments, only used on pull_request triggers |
119 | | - # PR_COMMENT_ACTION: <URL or file> # Customize PR comments |
120 | | - # PR_COMMENT_EXTRA_OPTS: --on-unsigned=ignore # Pass extra options to PR comment action |
121 | | - # DO_EXPORT: true # Export vulnerability data to GitHub code scanning dashboard |
122 | | - # EXPORT_ACTION: <URL or file> # Customize export action |
123 | | - # EXPORT_EXTRA_OPTS: --on-unsigned=ignore # Pass extra options to export action |
124 | | - # TOOL_DEFINITIONS: <URL> # URL from where to retrieve Fortify tool definitions |
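Review bot: On new line 71 the now-active `FOD_RELEASE: 25.03` is an unquoted, number-looking scalar, so a YAML loader reads it as a float rather than a string; this value probably survives the round trip, but a later release such as 25.10 would likely collapse to 25.1. The trailing comment and the removed example (`MyApp:MyRelease`) both describe an application-qualified name, and `25.03` has no application part, so it is worth confirming that the action resolves it to the intended release. I would quote and qualify the value, e.g. `FOD_RELEASE: 'MyApp:25.03'` (MyApp is the example name from the removed line, not the real application). Pinning one release also appears to replace the per-branch default `<org>/<repo>:<branch>`, so scans from every branch and pull request would report into the same release; a one-line comment stating that this is intended would help. The file header and the rest of the `env:` block are outside the visible hunks.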