Skip to content

Sync Security Issues #14

Sync Security Issues

Sync Security Issues #14

# Create GitHub Action Repository Variables for your version of the application:
# FOD_BASE_URL should be FoD BASE URL for your tenant (e.g. https://emea.fortify.com)
# FOD_API_URL should be FoD API URL for your tenant (e.g. https://api.emea,fortify.com)
# FOD_PARENT_RELEASE_NAME is the FoD release name corresponding to the parent branch of any newly created branch, this is typically "main"
# Create GitHub Action Secrets for your version of the application:
# FOD_CLIENT_ID should be an API Key obtained from your FoD tenant.
# FOD_CLIENT_SECRET should be the secret for the API Key obtained for your FoD tenant.
# Helpful hints:
# API Key credentials can be obtained from your FoD tenant, under Administration -> Settings -> API
# It is recommended to create credentials with 'Security Lead' Role selected.
# "Automated Audit preference" should be configured for the release's Static Scan Settings.
name: Sync Security Issues
on:
# Run at the end of every day
schedule:
- cron: "0 0 * * *"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# Global environment variables
env:
DEFAULT_APP_NAME: "FortifyDemoApp"
DEFAULT_RELEASE_NAME: "1.0"
jobs:
FoD-GitHub-Sync:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/[email protected]
- name: Fortify App and Release Name
id: fortify-app-and-rel-name
uses: ./.github/actions/fortify-app-and-release-name
with:
default_fortify_app_name: ${{ env.DEFAULT_APP_NAME }}
#default_fortify_release_name: ${{ github.ref_name }}
default_fortify_release_name: ${{ vars.FORTIFY_RELEASE_NAME }}
app_name_postfix: ${{ vars.FORTIFY_APP_NAME_POSTFIX }}
# Install Fortify tools
- name: Setup Fortify tools
uses: fortify/github-action/setup@v1
with:
export-path: true
fcli: latest
sc-client: skip
fod-uploader: skip
vuln-exporter: latest
bugtracker-utility: skip
- name: Export FoD vulnerability data to GitHub
uses: fortify/github-action/[email protected]
env:
FOD_URL: ${{ vars.FOD_URL }}
FOD_CLIENT_ID: ${{ secrets.FOD_CLIENT_ID }}
FOD_CLIENT_SECRET: ${{ secrets.FOD_CLIENT_SECRET }}
FOD_RELEASE: ${{ format('{0}:{1}', steps.fortify-app-and-rel-name.outputs.app_name, env.DEFAULT_RELEASE_NAME) }}