chore: remove acl(as aws set private as default) and add templatefile… #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Fortify | |
| on: | |
| push: | |
| branches: [master] | |
| jobs: | |
| fortify: | |
| runs-on: [self-hosted, devsecops] | |
| name: Fortify | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Checkout Application & Version Action | |
| run: git clone [email protected]:grupoboticario/fortify-action-api.git .github/fortify-action-api | |
| - name: Checkout SAST Assessment Action | |
| run: git clone [email protected]:grupoboticario/fortify-action-sast.git .github/fortify-action-sast | |
| - name: Import Secrets | |
| uses: hashicorp/[email protected] | |
| with: | |
| url: https://heimdall.grupoboticario.digital | |
| token: ${{ secrets.FORTIFY_VAULT_TOKEN }} | |
| secrets: | | |
| fortify/secrets/gbaction userf ; | |
| fortify/secrets/gbaction citoken ; | |
| fortify/secrets/gbaction scancentral | |
| - name: Create Application & Version | |
| uses: ./.github/fortify-action-api | |
| id: fortify_api | |
| with: | |
| api_credentials: '${{ env.USERF }}' | |
| application_name: '${{ github.repository }}' | |
| application_version: 'master' | |
| - name: SAST | |
| uses: ./.github/fortify-action-sast | |
| id: SAST | |
| with: | |
| application_name: '${{ github.repository }}' | |
| application_version: 'master' | |
| client_token: '${{ env.SCANCENTRAL }}' | |
| ci_token: '${{ env.CITOKEN }}' | |
| language_profile: other |