Create checkmarx-analysis.yml
This commit is contained in:
parent
4c80ed3dc1
commit
c780d1c47d
|
@ -0,0 +1,39 @@
|
||||||
|
# This is a basic workflow to help you get started with Using Checkmarx CxFlow Action
|
||||||
|
|
||||||
|
name: CxFlow
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [ main, upload-artifact ]
|
||||||
|
pull_request:
|
||||||
|
# The branches below must be a subset of the branches above
|
||||||
|
branches: [ main ]
|
||||||
|
schedule:
|
||||||
|
- cron: '31 12 * * 3'
|
||||||
|
|
||||||
|
# A workflow run is made up of one or more jobs that can run sequentially or in parallel - this job is specifically configured to use the Checkmarx CxFlow Action
|
||||||
|
jobs:
|
||||||
|
# This workflow contains a single job called "build"
|
||||||
|
build:
|
||||||
|
# The type of runner that the job will run on - Ubuntu is required as Docker is leveraged for the action
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
# Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional)
|
||||||
|
steps:
|
||||||
|
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
|
||||||
|
- uses: actions/checkout@v2
|
||||||
|
# Runs the Checkmarx Scan leveraging the latest version of CxFlow - REFER to Action README for list of inputs
|
||||||
|
- name: Checkmarx CxFlow Action
|
||||||
|
uses: checkmarx-ts/checkmarx-cxflow-github-action@v1.0
|
||||||
|
with:
|
||||||
|
project: GithubActionTest
|
||||||
|
team: '\CxServer\SP\Checkmarx'
|
||||||
|
checkmarx_url: ${{ secrets.CHECKMARX_URL }}
|
||||||
|
checkmarx_username: ${{ secrets.CHECKMARX_USERNAME }}
|
||||||
|
checkmarx_password: ${{ secrets.CHECKMARX_PASSWORD }}
|
||||||
|
checkmarx_client_secret: ${{ secrets.CHECKMARX_CLIENT_SECRET }}
|
||||||
|
# Upload the Report for CodeQL/Security Alerts
|
||||||
|
- name: Upload SARIF file
|
||||||
|
uses: github/codeql-action/upload-sarif@v1
|
||||||
|
with:
|
||||||
|
sarif_file: cx.sarif
|
Loading…
Reference in New Issue