diff --git a/.github/workflows/veracode-sca-scan.yml b/.github/workflows/veracode-sca-scan.yml index 3e86f6ad..5cb72453 100644 --- a/.github/workflows/veracode-sca-scan.yml +++ b/.github/workflows/veracode-sca-scan.yml @@ -30,23 +30,6 @@ jobs: branch: ${{ github.event.client_payload.repository.branch }} default_runs_on: ${{ github.event.client_payload.user_config.default_runs_on }} - determine-matrix: - needs: [register] - runs-on: ubuntu-latest - outputs: - matrix-json: ${{ steps.set-matrix.outputs.matrix-json }} - steps: - - name: Determine matrix based on sca-fix enabled flag - id: set-matrix - run: | - if [ "${{ github.event.client_payload.user_config.sca_fix_enabled }}" = "true" ] || [ "${{ github.event.client_payload.user_config.sca_fix_enabled }}" = true ]; then - echo "matrix-json={\"output-type\":[\"txt\",\"json\"]}" >> $GITHUB_OUTPUT - echo "✓ SCA-Fix ENABLED: Running [txt, json] scans" - else - echo "matrix-json={\"output-type\":[\"txt\"]}" >> $GITHUB_OUTPUT - echo "✗ SCA-Fix DISABLED: Running [txt] scan only" - fi - veracode-sca-scan: needs: [register, determine-matrix] runs-on: ${{ fromJSON(github.event.client_payload.user_config.default_runs_on) }} @@ -175,11 +158,10 @@ jobs: JAVA_OPTS: -Xms2g -Xmx4g VERACODE_API_KEY_ID: '${{ secrets.VERACODE_API_ID }}' VERACODE_API_KEY_SECRET: '${{ secrets.VERACODE_API_KEY }}' - uses: "veracode/veracode-sca@SAI-1181-latest" # TODO: update this when tag is cut + uses: "veracode/veracode-sca@task/SAI-1339-consolidate-sca-scans" # TODO: update this when tag is cut with: github_token: ${{ secrets.GITHUB_TOKEN }} create-issues: false - json-output: ${{ matrix.output-type == 'json' }} recursive: true allow-dirty: true breakBuildOnPolicyFindings: ${{ github.event.client_payload.user_config.break_build_policy_findings }}