-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ab571da
commit bb9101e
Showing
14 changed files
with
181 additions
and
5 deletions.
There are no files selected for viewing
2 changes: 1 addition & 1 deletion
2
...2.11-generate-token-wrong-credentials.yml → ...2.11-generate-token-wrong-credentials.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
26 changes: 26 additions & 0 deletions
26
.github/workflows/cx-2020.2.18-generate-token-wrong-credentials.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| name: 2020.2.18 Generate Token Wrong Credentials | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v1 | ||
| - name: Checkmarx Action | ||
| uses: ./ | ||
| with: | ||
| cxServer: ${{ secrets.CX_SERVER }} | ||
| cxAction: GenerateToken | ||
| cxUsername: ${{ secrets.CX_EMAIL }} | ||
| cxPassword: "123456" | ||
| cxSkipIfFail: true | ||
| cxVersion: "2020.2.18" | ||
| cxLog: log.log | ||
| - name: Upload artifact | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: log.log | ||
| path: log.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| name: 2020.2.18 OSA Scan | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
| pull_request: | ||
| branches: | ||
| - master | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v1 | ||
| - name: Checkmarx Action | ||
| uses: ./ | ||
| with: | ||
| cxAction: OsaScan | ||
| cxServer: ${{ secrets.CX_OSA_SERVER }} | ||
| cxUsername: ${{ secrets.CX_OSA_EMAIL }} | ||
| cxPassword: ${{ secrets.CX_OSA_PASSWORD }} | ||
| cxTeam: ${{ secrets.CX_OSA_TEAM }} | ||
| cxExecutePackageDependency: true | ||
| cxVersion: "2020.2.18" | ||
| cxLog: log.log | ||
| cxGithubIssues: true | ||
| cxGithubToken: ${{ secrets.GITHUB_TOKEN }} | ||
| cxGithubLabels: bug,test | ||
| cxGithubAssignees: miguelfreitas93 | ||
| - name: Upload artifact | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: log.log | ||
| path: log.log |
25 changes: 25 additions & 0 deletions
25
.github/workflows/cx-2020.2.18-revoke-token-trust-certs-true.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| name: 2020.2.18 Revoke Token Trust Certs True | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v1 | ||
| - name: Checkmarx Action | ||
| uses: ./ | ||
| with: | ||
| cxServer: ${{ secrets.CX_SERVER }} | ||
| cxAction: RevokeToken | ||
| cxToken: ${{ secrets.CX_TOKEN }} | ||
| cxTrustedCertificates: true | ||
| cxVersion: "2020.2.18" | ||
| cxLog: log.log | ||
| - name: Upload artifact | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: log.log | ||
| path: log.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| name: 2020.2.18 Revoke Token | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v1 | ||
| - name: Checkmarx Action | ||
| uses: ./ | ||
| with: | ||
| cxServer: ${{ secrets.CX_SERVER }} | ||
| cxAction: RevokeToken | ||
| cxToken: ${{ secrets.CX_TOKEN }} | ||
| cxVersion: "2020.2.18" | ||
| cxLog: log.log | ||
| - name: Upload artifact | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: log.log | ||
| path: log.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| name: 2020.2.18 SAST Scan | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
| pull_request: | ||
| branches: | ||
| - master | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v1 | ||
| - name: Checkmarx Action | ||
| uses: ./ | ||
| with: | ||
| cxAction: Scan | ||
| cxServer: ${{ secrets.CX_SERVER }} | ||
| cxUsername: ${{ secrets.CX_EMAIL }} | ||
| cxPassword: ${{ secrets.CX_PASSWORD }} | ||
| cxTeam: ${{ secrets.CX_TEAM }} | ||
| cxVersion: "2020.2.18" | ||
| cxLog: log.log | ||
| cxGithubIssues: true | ||
| cxGithubToken: ${{ secrets.GITHUB_TOKEN }} | ||
| cxGithubLabels: bug,test | ||
| cxGithubAssignees: miguelfreitas93 | ||
| - name: Upload artifact | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: log.log | ||
| path: log.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| name: 2020.2.18 SCA Scan | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
| pull_request: | ||
| branches: | ||
| - master | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v1 | ||
| - name: Checkmarx Action | ||
| uses: ./ | ||
| with: | ||
| cxAction: ScaScan | ||
| cxScaAccount: ${{ secrets.CX_SCA_ACCOUNT }} | ||
| cxScaUsername: ${{ secrets.CX_SCA_USERNAME }} | ||
| cxScaPassword: ${{ secrets.CX_SCA_PASSWORD }} | ||
| cxScaPathExclude: coverage,images | ||
| cxExecutePackageDependency: true | ||
| cxVersion: "2020.2.18" | ||
| cxLog: log.log | ||
| - name: Upload artifact | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: log.log | ||
| path: log.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -344,6 +344,7 @@ Here the list of versions supported: | |
| - 2020.2.3 | ||
| - 2020.2.7 | ||
| - 2020.2.11 | ||
| - 2020.2.18 | ||
| ## Secrets | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bb9101eThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[Checkmarx][OSA]
Libraries Summary
Libraries Summary By Severity
Result Summary Details
Results By Status
bb9101eThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[Checkmarx] - Project : checkmarx-github-action-master - Scan ID : 1000099
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000099
LOC: 7791
Files Scanned: 15
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000099&projectid=6
Scan Comment: git master@bb9101ed82fa9485fe5c6677f5608c3a8c077f25
Scan Type: 00h:01m:09s
Scan Start Date: Thu Jun 18 2020 00:47:09 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:09s
Source Origin: LocalPath
Visibility: Public
Results Summary Details
Results By Status
Results By State and Severity
Results By Queries
Results By Languages
Vulnerabilities in Files:
https://github.com/checkmarx-ts/checkmarx-github-action/blob/bb9101ed82fa9485fe5c6677f5608c3a8c077f25/src/github/inputs.js
https://github.com/checkmarx-ts/checkmarx-github-action/blob/bb9101ed82fa9485fe5c6677f5608c3a8c077f25/src/cli/token.js