-
Notifications
You must be signed in to change notification settings - Fork 29
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #33 from tjarrettveracode/master
Update README to fix Mac runtime - fixes #32
- Loading branch information
Showing
3 changed files
with
47 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -95,25 +95,25 @@ Veracode recommends that you use the toplevel parameter if you want to ensure th | |
|
|
||
| ### `deleteincompletescan` | ||
|
|
||
| **Optional** | ||
|
|
||
| **In Java API Wrapper version >=22.5.10.0 this parameter has changed to an Integer. One of these values:** | ||
|
|
||
| * 0: do not delete an incomplete scan when running the uploadandscan action. The default. If set, you must delete an incomplete scan manually to proceed with the uploadandscan action. | ||
| * 1: delete a scan with a status of incomplete, no modules defined, failed, or canceled to proceed with the uploadandscan action. If errors occur when running this action, the Java wrapper automatically deletes the incomplete scan. | ||
| * 2: delete a scan of any status except Results Ready to proceed with the uploadandscan action. If errors occur when running this action, the Java wrapper automatically deletes the incomplete scan. | ||
|
|
||
|
|
||
| With the scan deleted automatically, you can create subsequent scans without having to manually delete an incomplete scan. | ||
| **Optional** With the scan deleted automatically, you can create subsequent scans without having to manually delete an incomplete scan. | ||
|
|
||
| ### `javawrapperversion` | ||
|
|
||
| **Optional** STRING - Allows specifying the version of the Java API Wrapper used by the script to call the Veracode APIs. The default is to use the latest released version of the Veracode Java API Wrapper, as [published in Maven Central](https://search.maven.org/search?q=a:vosp-api-wrappers-java). An example of the version string format is `22.5.10.1`. | ||
|
|
||
| ### `debug` | ||
|
|
||
| **Optional** BOOLEAN - Set to true to show detailed diagnostic information, which you can use for debugging, in the output. | ||
| **Optional** BOOLEAN - Set to true to show detailed diagnostic information, which you can use for debugging, in the output. | ||
|
|
||
| ## Examples | ||
|
|
||
| ## Example usage | ||
| ### General Usage | ||
|
|
||
| The following example will compile and build a Java web applicatin (.war file) from the main branch of the source code repository using Maven. The compiled .war file is then uploaded to Veracode and a static analysis scan is run. | ||
|
|
||
|
|
@@ -150,3 +150,40 @@ jobs: | |
| # include: '*.war' | ||
| # criticality: 'VeryHigh' | ||
| ``` | ||
|
|
||
| ### Using This Action With a Mac Runner | ||
|
|
||
| Docker is not installed on Mac runners by default, and [installing it can be time consuming](https://github.com/actions/runner/issues/1456). As an alternative, we suggest breaking the build and upload for languages that require a Mac runner to build (like iOS) into separate jobs. An example workflow is below: | ||
|
|
||
| ```yaml | ||
| jobs: | ||
| build: | ||
| name: Build | ||
| runs-on: macos-12 | ||
|
|
||
| steps: | ||
| - name: checkout | ||
| uses: actions/checkout@v2 | ||
|
|
||
| # SNIP: steps to build an iOS application | ||
|
|
||
| - uses: actions/upload-artifact@v3 | ||
| with: | ||
| path: path/to/iOSApplication.zip | ||
| scan: | ||
| name: Scan | ||
| runs-on: ubuntu-latest | ||
| needs: build | ||
| steps: | ||
| - uses: actions/download-artifact@v3 | ||
| with: | ||
| path: iOSApplication.zip | ||
|
|
||
| - name: Upload & Scan | ||
| uses: veracode/[email protected] | ||
| with: | ||
| appname: 'MyTestApp' | ||
| filepath: 'iOSApplication.zip' | ||
| vid: 'FakeID' | ||
| vkey: 'FakeKey' | ||
| ``` | ||