
fcli v3 / feat/fcli-ci / ast-scan / ssc / windows / node #234


Workflow file for this run

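# Manually dispatched test pipeline for the Fortify GitHub Action.
# Exactly one of the three jobs runs per dispatch, selected by the `product`
# and `component` inputs; the other two are skipped by their `if:` conditions.
#
# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN gets the
# repository/organisation default scopes. Consider declaring the minimum the
# action under test needs (e.g. `contents: read`) once that is confirmed.
name: Test Pipeline
run-name: ${{ inputs.pipeline_name }}

on:
  workflow_dispatch:
    # All inputs are free-form strings; nothing in this file validates them
    # against the values listed in their descriptions.
    # NOTE(review): `os`, `product` and `component` look like closed sets and
    # could be declared as `type: choice` - confirm what the dispatcher sends.
    inputs:
      pipeline_name:
        description: 'Pipeline display name'
        required: true
      version:
        # Used as the git ref of fortify/github-action that gets checked out
        # and executed by the jobs below.
        description: 'Integration version (v2, v3)'
        required: true
      fcli_version:
        description: 'Fcli version (e.g., v3, dev_v3.x)'
        required: true
      product:
        description: 'Product (fod or ssc)'
        required: true
      component:
        description: 'Component (setup or ast-scan)'
        required: true
      source_dir:
        # Appended to github.workspace to form SOURCE_DIR.
        description: 'Source directory name'
        required: true
      os:
        description: 'Operating system (linux, windows, mac)'
        required: true
      fortify_release:
        description: 'Fortify release/appversion name'
        required: true
      setup_steps:
        # Passed verbatim to the local setup-build-tools action, which is not
        # part of this file - presumably it decides what gets installed on the
        # runner; verify how that action interprets the JSON.
        description: 'JSON array of build tool setup steps'
        required: false
        default: '[]'
      runs_on:
        description: 'Runner label override'
        required: false
        default: ''

jobs:
  # Setup component test (product-agnostic)
  test-setup:
    name: ${{ inputs.version }} / setup / ${{ inputs.os }}
    # A non-empty `runs_on` input wins; otherwise `os` is mapped to a hosted
    # image. Any `os` value other than 'linux' or 'windows' falls through to
    # macos-latest.
    runs-on: ${{ inputs.runs_on != '' && inputs.runs_on || inputs.os == 'linux' && 'ubuntu-latest' || inputs.os == 'windows' && 'windows-latest' || 'macos-latest' }}
    if: ${{ inputs.component == 'setup' }}
    steps:
      - name: Checkout fortify/github-action
        # NOTE(review): v4 is a mutable tag; consider pinning to a full commit SHA.
        uses: actions/checkout@v4
        with:
          repository: fortify/github-action
          # The action code run in the next step is whatever this input
          # resolves to in fortify/github-action.
          ref: ${{ inputs.version }}
          path: github-action
          # Keep the job token out of the local git config; no later step
          # in this job performs authenticated git operations.
          persist-credentials: false
      - name: Run setup action
        uses: ./github-action/setup
        with:
          fcli: bootstrapped
        env:
          FCLI_BOOTSTRAP_VERSION: ${{ inputs.fcli_version }}
      - name: Verify fcli installation
        run: fcli --version
        shell: bash

  # FoD ast-scan component test
  test-fod-ast-scan:
    name: ${{ inputs.version }} / FoD / ast-scan / ${{ inputs.os }}
    # Same runner selection as test-setup. This job exposes FoD credentials,
    # so the `runs_on` override also decides which runner sees them;
    # NOTE(review): consider restricting it to an allow-list of labels.
    runs-on: ${{ inputs.runs_on != '' && inputs.runs_on || inputs.os == 'linux' && 'ubuntu-latest' || inputs.os == 'windows' && 'windows-latest' || 'macos-latest' }}
    if: ${{ inputs.product == 'fod' && inputs.component == 'ast-scan' }}
    steps:
      - name: Checkout test sources
        uses: actions/checkout@v4
        with:
          # The following steps run input-driven build tooling and an action
          # from an input-selected ref; do not leave the job token in the
          # local git config where they could read it.
          persist-credentials: false
      - name: Setup build tools
        uses: ./.github/actions/setup-build-tools
        with:
          setup-steps: ${{ inputs.setup_steps }}
      - name: Checkout fortify/github-action
        uses: actions/checkout@v4
        with:
          repository: fortify/github-action
          # Selects the action code that receives the secrets below.
          # NOTE(review): consider validating this against known branches/tags.
          ref: ${{ inputs.version }}
          path: github-action
          persist-credentials: false
      - name: Run AST scan action
        uses: ./github-action
        env:
          FCLI_BOOTSTRAP_VERSION: ${{ inputs.fcli_version }}
          SOURCE_DIR: ${{ github.workspace }}/${{ inputs.source_dir }}
          FOD_URL: ${{ vars.FCLI_FT_FOD_URL }}
          FOD_CLIENT_ID: ${{ secrets.FCLI_FT_FOD_CLIENT_ID }}
          FOD_CLIENT_SECRET: ${{ secrets.FCLI_FT_FOD_CLIENT_SECRET }}
          FOD_RELEASE: ${{ inputs.fortify_release }}
          # Environment values reach the action as strings; quoted to make
          # that explicit.
          DO_SCA_SCAN: 'true'
          DO_AVIATOR_AUDIT: 'true'
          OVERRIDE_SAST_SETTINGS: 'true'

  # SSC ast-scan component test
  test-ssc-ast-scan:
    name: ${{ inputs.version }} / SSC / ast-scan / ${{ inputs.os }}
    # Same runner selection as test-setup. This job exposes SSC and SC-SAST
    # tokens, so the `runs_on` override also decides which runner sees them;
    # NOTE(review): consider restricting it to an allow-list of labels.
    runs-on: ${{ inputs.runs_on != '' && inputs.runs_on || inputs.os == 'linux' && 'ubuntu-latest' || inputs.os == 'windows' && 'windows-latest' || 'macos-latest' }}
    if: ${{ inputs.product == 'ssc' && inputs.component == 'ast-scan' }}
    steps:
      - name: Checkout test sources
        uses: actions/checkout@v4
        with:
          # The following steps run input-driven build tooling and an action
          # from an input-selected ref; do not leave the job token in the
          # local git config where they could read it.
          persist-credentials: false
      - name: Setup build tools
        uses: ./.github/actions/setup-build-tools
        with:
          setup-steps: ${{ inputs.setup_steps }}
      - name: Checkout fortify/github-action
        uses: actions/checkout@v4
        with:
          repository: fortify/github-action
          # Selects the action code that receives the secrets below.
          # NOTE(review): consider validating this against known branches/tags.
          ref: ${{ inputs.version }}
          path: github-action
          persist-credentials: false
      - name: Run AST scan action
        uses: ./github-action
        env:
          FCLI_BOOTSTRAP_VERSION: ${{ inputs.fcli_version }}
          SOURCE_DIR: ${{ github.workspace }}/${{ inputs.source_dir }}
          SSC_URL: ${{ vars.FCLI_FT_SSC_URL }}
          SSC_TOKEN: ${{ secrets.FCLI_FT_SSC_TOKEN }}
          SC_SAST_TOKEN: ${{ secrets.FCLI_FT_SC_SAST_TOKEN }}
          SSC_APPVERSION: ${{ inputs.fortify_release }}
          # Single-quoted so the embedded double quotes stay part of the value.
          SETUP_EXTRA_OPTS: '--issue-template "Prioritized High Risk Issue Template"'
          SAST_SCAN_EXTRA_OPTS: --no-replace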