diff --git a/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml b/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml
index 43b20841..daee3196 100644
--- a/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml
+++ b/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml
@@ -16,8 +16,8 @@ jobs:
 with:
 check_run_name: ${{ github.workflow }}
 head_sha: ${{ github.event.client_payload.sha }}
- repositroy_owner: ${{ github.event.client_payload.repository.owner }}
- repositroy_name: ${{ github.event.client_payload.repository.name }}
+ repository_owner: ${{ github.event.client_payload.repository.owner }}
+ repository_name: ${{ github.event.client_payload.repository.name }}
 event_type: ${{ github.event.client_payload.event_type }}
 github_token: ${{ github.event.client_payload.token }}
 run_id: ${{ github.run_id }}
diff --git a/.github/workflows/binary-ready-veracode-sast-policy-scan.yml b/.github/workflows/binary-ready-veracode-sast-policy-scan.yml
index 5ce9d05d..39df155c 100644
--- a/.github/workflows/binary-ready-veracode-sast-policy-scan.yml
+++ b/.github/workflows/binary-ready-veracode-sast-policy-scan.yml
@@ -22,8 +22,8 @@ jobs:
 with:
 check_run_name: ${{ github.workflow }}
 head_sha: ${{ github.event.client_payload.sha }}
- repositroy_owner: ${{ github.event.client_payload.repository.owner }}
- repositroy_name: ${{ github.event.client_payload.repository.name }}
+ repository_owner: ${{ github.event.client_payload.repository.owner }}
+ repository_name: ${{ github.event.client_payload.repository.name }}
 event_type: ${{ github.event.client_payload.event_type }}
 github_token: ${{ github.event.client_payload.token }}
 run_id: ${{ github.run_id }}
diff --git a/.github/workflows/veracode-check-run.yml b/.github/workflows/veracode-check-run.yml
index 49af4932..0d5c09df 100644
--- a/.github/workflows/veracode-check-run.yml
+++ b/.github/workflows/veracode-check-run.yml
@@ -10,14 +10,18 @@ on:
 description: 'ID of workflow run (provided via GitHub syntax `github.run_id`)'
 required: true
 type: string
- repositroy_owner:
- description: 'repositroy_owner of original commit (provided by GitHub app via `github.event.client_payload.repository.owner`)'
+ repository_owner:
+ description: 'repository_owner of original commit (provided by GitHub app via `github.event.client_payload.repository.owner`)'
 required: true
 type: string
- repositroy_name:
- description: 'repositroy_name of original commit (provided by GitHub app via `github.event.client_payload.repository.name`)'
+ repository_name:
+ description: 'repository_name of original commit (provided by GitHub app via `github.event.client_payload.repository.name`)'
 required: true
 type: string
+ pull_request_num:
+ description: 'The associated pull request number (provided by GitHub app via `github.event.client_payload.pr_number`)'
+ required: false
+ type: string
 check_run_name:
 description: 'Name of check (Use `github.workflow` to use the name of the workflow)'
 required: true
@@ -56,8 +60,8 @@ jobs:
 route: POST /repos/{owner}/{repo}/check-runs
 env:
 GITHUB_TOKEN: ${{ inputs.github_token }}
- INPUT_OWNER: ${{ inputs.repositroy_owner }}
- INPUT_REPO: ${{ inputs.repositroy_name }}
+ INPUT_OWNER: ${{ inputs.repository_owner }}
+ INPUT_REPO: ${{ inputs.repository_name }}
 INPUT_NAME: ${{ inputs.check_run_name }}
 INPUT_HEAD_SHA: ${{ inputs.head_sha }}
 INPUT_DETAILS_URL: "https://github.com/${{ github.repository }}/actions/runs/${{ inputs.run_id }}"
@@ -67,7 +71,11 @@ jobs:
 run: |
 echo '{
 "check_run_type": "${{ inputs.event_type }}",
- "repository_name": "${{ inputs.repositroy_name }}",
+ "repository_name": "${{ inputs.repository_name }}",
+ "repository_owner": "${{ inputs.repository_owner }}",
+ "pull_request": {
+ "num": "${{ inputs.pull_request_num }}"
+ },
 "check_run_id": ${{ fromJson(steps.create_check_run.outputs.data).id }},
 "branch": "${{ inputs.branch }}",
 "sha": "${{ inputs.head_sha }}"
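Review bot: The two added fields in the last hunk of veracode-check-run.yml, `"repository_owner": "${{ inputs.repository_owner }}"` and `"num": "${{ inputs.pull_request_num }}"`, are expanded by the expression engine straight into the text of the `run:` script, inside a single-quoted `echo`, so a value containing a single quote ends the string and the remainder is parsed as shell. In this commit's callers those inputs are filled from `github.event.client_payload.*` (the veracode-sca-scan.yml hunk forwards `client_payload.pr_number`), so the script text depends on whatever the dispatch sender placed in the payload. Passing the values through `env:` and building the JSON with `jq --arg` keeps them as data, and the same treatment applies to the pre-existing `event_type`, `branch` and `head_sha` lines. The `echo` continues outside the hunk, so the destination of the JSON is not visible here, and the sketch below assumes `jq` is present on the runner.

```yaml
        env:
          # … unchanged: any variables the step already sets …
          REPOSITORY_NAME: ${{ inputs.repository_name }}
          REPOSITORY_OWNER: ${{ inputs.repository_owner }}
          PULL_REQUEST_NUM: ${{ inputs.pull_request_num }}
        run: |
          jq -n \
            --arg repository_name "$REPOSITORY_NAME" \
            --arg repository_owner "$REPOSITORY_OWNER" \
            --arg pull_request_num "$PULL_REQUEST_NUM" \
            '{
              repository_name: $repository_name,
              repository_owner: $repository_owner,
              pull_request: { num: $pull_request_num }
            }'
          # … unchanged: check_run_type, check_run_id, branch, sha and where the JSON is written …
```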
diff --git a/.github/workflows/veracode-code-analysis.yml b/.github/workflows/veracode-code-analysis.yml
index 3cf4c1ba..db92bd3d 100644
--- a/.github/workflows/veracode-code-analysis.yml
+++ b/.github/workflows/veracode-code-analysis.yml
@@ -44,8 +44,8 @@ jobs:
 with:
 check_run_name: ${{ github.workflow }} - ${{ contains(github.event.action, 'policy') && 'Policy' || 'Pipeline' }}
 head_sha: ${{ github.event.client_payload.sha }}
- repositroy_owner: ${{ github.event.client_payload.repository.owner }}
- repositroy_name: ${{ github.event.client_payload.repository.name }}
+ repository_owner: ${{ github.event.client_payload.repository.owner }}
+ repository_name: ${{ github.event.client_payload.repository.name }}
 event_type: ${{ github.event.client_payload.event_type }}
 github_token: ${{ github.event.client_payload.token }}
 run_id: ${{ github.run_id }}
diff --git a/.github/workflows/veracode-iac-secrets-scan.yml b/.github/workflows/veracode-iac-secrets-scan.yml
index 437ac1f8..719055d7 100644
--- a/.github/workflows/veracode-iac-secrets-scan.yml
+++ b/.github/workflows/veracode-iac-secrets-scan.yml
@@ -22,8 +22,8 @@ jobs:
 with:
 check_run_name: ${{ github.workflow }}
 head_sha: ${{ github.event.client_payload.sha }}
- repositroy_owner: ${{ github.event.client_payload.repository.owner }}
- repositroy_name: ${{ github.event.client_payload.repository.name }}
+ repository_owner: ${{ github.event.client_payload.repository.owner }}
+ repository_name: ${{ github.event.client_payload.repository.name }}
 event_type: ${{ github.event.client_payload.event_type }}
 github_token: ${{ github.event.client_payload.token }}
 run_id: ${{ github.run_id }}
diff --git a/.github/workflows/veracode-not-supported.yml b/.github/workflows/veracode-not-supported.yml
index 7a82f149..dfc51757 100644
--- a/.github/workflows/veracode-not-supported.yml
+++ b/.github/workflows/veracode-not-supported.yml
@@ -12,8 +12,8 @@ jobs:
 with:
 check_run_name: ${{ github.workflow }}
 head_sha: ${{ github.event.client_payload.sha }}
- repositroy_owner: ${{ github.event.client_payload.repository.owner }}
- repositroy_name: ${{ github.event.client_payload.repository.name }}
+ repository_owner: ${{ github.event.client_payload.repository.owner }}
+ repository_name: ${{ github.event.client_payload.repository.name }}
 event_type: ${{ github.event.client_payload.event_type }}
 github_token: ${{ github.event.client_payload.token }}
 run_id: ${{ github.run_id }}
diff --git a/.github/workflows/veracode-sca-scan.yml b/.github/workflows/veracode-sca-scan.yml
index 3e86f6ad..68e3c6d9 100644
--- a/.github/workflows/veracode-sca-scan.yml
+++ b/.github/workflows/veracode-sca-scan.yml
@@ -22,8 +22,9 @@ jobs:
 with:
 check_run_name: ${{ github.workflow }}
 head_sha: ${{ github.event.client_payload.sha }}
- repositroy_owner: ${{ github.event.client_payload.repository.owner }}
- repositroy_name: ${{ github.event.client_payload.repository.name }}
+ repository_owner: ${{ github.event.client_payload.repository.owner }}
+ repository_name: ${{ github.event.client_payload.repository.name }}
+ pull_request_num: ${{ github.event.client_payload.pr_number }}
 event_type: ${{ github.event.client_payload.event_type }}
 github_token: ${{ github.event.client_payload.token }}
 run_id: ${{ github.run_id }}
@@ -175,7 +176,7 @@ jobs:
 JAVA_OPTS: -Xms2g -Xmx4g
 VERACODE_API_KEY_ID: '${{ secrets.VERACODE_API_ID }}'
 VERACODE_API_KEY_SECRET: '${{ secrets.VERACODE_API_KEY }}'
- uses: "veracode/veracode-sca@SAI-1181-latest" # TODO: update this when tag is cut
+ uses: "veracode/veracode-sca@SAI-fix-for-sca" # TODO: update this when tag is cut
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 create-issues: false
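Review bot: `uses: "veracode/veracode-sca@SAI-fix-for-sca"` in the last hunk of veracode-sca-scan.yml pins the action to a branch name, which is a mutable ref, so whatever is pushed to that branch next runs in this job. The adjacent context lines suggest the same step has `VERACODE_API_KEY_ID`, `VERACODE_API_KEY_SECRET` and `secrets.GITHUB_TOKEN` in scope, although the step's opening lines are outside the hunk. The `# TODO: update this when tag is cut` comment was carried over unchanged from the previous branch ref, so the temporary pin has already survived one change. Until a release tag exists, pin the reviewed commit and keep the branch name as a comment, e.g. `uses: "veracode/veracode-sca@<FULL_COMMIT_SHA>" # SAI-fix-for-sca`, where `<FULL_COMMIT_SHA>` is a placeholder for the 40-character SHA that was reviewed.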
@@ -187,8 +188,4 @@ jobs:
 sca_fix_enabled: ${{ github.event.client_payload.user_config.sca_fix_enabled }}
 profile_name: ${{ github.event.client_payload.user_config.profile_name }}
 pr_number: ${{ github.event.client_payload.pr_number }}
- client_repository_branch: ${{ github.event.client_payload.repository.branch }}
- client_repository_name: ${{ github.event.client_payload.repository.name }}
- client_repository_owner: ${{ github.event.client_payload.repository.owner }}
- client_repository_full_name: ${{ github.event.client_payload.repository.full_name }}