Merge pull request #47 from bnreplah/master

Added Policy Parameter for Create Profile

Author: julz0815

.github/workflows/main.yml

@@ -26,7 +26,7 @@ jobs:
       with: 
         distribution: 'adopt'
         java-version: '8'
-    - uses: actions/upload-artifact@v3
+    - uses: actions/upload-artifact@v4.6.2
       with:
         path: binaries_to_upload/*.jar
     - name: Veracode Upload and Scan Action Step
@@ -42,4 +42,5 @@ jobs:
         sandboxname: 'Github - ${{ github.ref }}'
         scantimeout: 15
         criticality: 'VeryHigh'
-        createprofile: false
+        createprofile: true
+        policy: 'Test policy 2'

README.md

@@ -124,6 +124,10 @@ Veracode recommends that you use the toplevel parameter if you want to ensure th
 
 **Optional** INTEGER - Number of times to retry the last request during certain error conditions or when a request times out. Value range is 1 to 5. Default is 5
 
+### `policy` 
+
+**Optional** STRING - The policy name that matches the policy in the Veracode platform you want to assign to the application profile on creation. Default is '' and the [`criticality`](README.md#criticality) will be used.
+
 ## Examples
 
 ### General Usage

action.yml

@@ -83,6 +83,10 @@ inputs:
     description: 'Number of times to retry the last request during certain error conditions or when a request times out. Value range is 1 to 5.'
     required: false
     default: 5
+  policy:
+    description: 'Veracode Policy Name'
+    required: false
+    default: ''
 
 
 # outputs:
@@ -118,3 +122,4 @@ runs:
     - ${{ inputs.debug }}
     - ${{ inputs.includenewmodules }}
     - ${{ inputs.maxretrycount }}
+    - ${{ inputs.policy }}

entrypoint.sh

@@ -1,4 +1,5 @@
 #!/bin/sh -l
+parameters=[ appname, createprofile, filepath, version, vid, vkey, createsandbox, sandboxname, scantimeout,exclude, include, criticality, pattern, replacement, sandboxid,scanallnonfataltoplevelmodules,selected,selectedpreviously, teams, toplevel, deleteincompletescan, scanpollinginterval, javawrapperversion, debug, includenewmodules, maxretrycount, policy]
 
 #required parameters
 appname=$1
@@ -30,22 +31,23 @@ javawrapperversion=${23}
 debug=${24}
 includenewmodules=${25}
 maxretrycount=${26}
-
+policy=${27}
 
 echo "Required Information"
 echo "===================="
 echo "appname: $appname"
 echo "createprofile: $createprofile"
 echo "filepath: $filepath"
 echo "version: $version"
-if [ "$vid" ]
+#echo "policy: $policy" 
+if [ "$vid"  || "${5}" ]
 then
 echo "vid: ***"
 else
 echo "vid:"
 fi
 
-if [ "$vkey" ]
+if [ "$vkey" || "${6}" ]
 then
 echo "vkey: ***"
 else
@@ -54,9 +56,9 @@ fi
 echo ""
 echo "Optional Information"
 echo "===================="
-echo "createsandbox: $createsandbox"
-echo "sandboxname: $8"
-echo "scantimeout: $9"
+echo "createsandbox: ${7}" #createsandbox" # why is this in a differnt convention ? 
+echo "sandboxname: ${8}"
+echo "scantimeout: ${9}"
 echo "exclude: ${10}"
 echo "include: ${11}"
 echo "criticality: ${12}"
@@ -74,6 +76,7 @@ echo "javawrapperversion: ${23}"
 echo "debug: ${24}"
 echo "includenewmodules: ${25}"
 echo "maxretrycount: ${26}"
+echo "policy: ${27}"
 
 
 #Check if required parameters are set
@@ -270,7 +273,12 @@ then
     echo "        -maxretrycount \"$maxretrycount\" \\" >> runJava.sh
 fi
 
+if [ "$policy" ]
+then
+    echo "        -policy \"$policy\" \\" >> runJava.sh
+fi
+
 curl -sS -o VeracodeJavaAPI.jar "https://repo1.maven.org/maven2/com/veracode/vosp/api/wrappers/vosp-api-wrappers-java/$javawrapperversion/vosp-api-wrappers-java-$javawrapperversion.jar"
-chmod 777 runJava.sh
-cat runJava.sh
+chmod 777 runJava.sh # does it need full 7 ? 
+cat runJava.sh        
 ./runJava.sh