diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index cbea06e..524e887 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -22,8 +22,9 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v3 - - uses: actions/setup-java@v1 + - uses: actions/setup-java@v2 with: + distribution: 'adopt' java-version: '8' - uses: actions/upload-artifact@v3 with: diff --git a/.github/workflows/policyscan.yml b/.github/workflows/policyscan.yml index 813d4a6..aa37014 100644 --- a/.github/workflows/policyscan.yml +++ b/.github/workflows/policyscan.yml @@ -18,8 +18,9 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v3 - - uses: actions/setup-java@v1 # Make java accessible on path so the uploadandscan action can run. + - uses: actions/setup-java@v2 # Make java accessible on path so the uploadandscan action can run. with: + distribution: 'adopt' java-version: '8' # zip the project and move it to a staging directory diff --git a/README.md b/README.md index 2b096dd..380b39d 100644 --- a/README.md +++ b/README.md 
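Review bot: `distribution: 'adopt'` in the main.yml hunk selects the AdoptOpenJDK builds, which stopped receiving updates when that project moved to Eclipse Temurin, so the Java 8 runtime installed on the runner will fall behind on security fixes. `distribution: 'temurin'` is the maintained equivalent; the same line is added in the policyscan.yml hunk and needs the same change. Both hunks also reference the action by a mutable tag (`actions/setup-java@v2`). Pinning it to a full commit SHA, e.g. `- uses: actions/setup-java@<full-commit-sha>  # v2`, keeps a re-pointed tag from changing what runs in a job that, going by the comment in policyscan.yml, prepares the environment for the uploadandscan action. The remaining steps of both jobs are outside the hunks.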
@@ -95,15 +95,13 @@ Veracode recommends that you use the toplevel parameter if you want to ensure th ### `deleteincompletescan` -**Optional** - **In Java API Wrapper version >=22.5.10.0 this parameter has changed to an Integer. One of these values:** + * 0: do not delete an incomplete scan when running the uploadandscan action. The default. If set, you must delete an incomplete scan manually to proceed with the uploadandscan action. * 1: delete a scan with a status of incomplete, no modules defined, failed, or canceled to proceed with the uploadandscan action. If errors occur when running this action, the Java wrapper automatically deletes the incomplete scan. * 2: delete a scan of any status except Results Ready to proceed with the uploadandscan action. If errors occur when running this action, the Java wrapper automatically deletes the incomplete scan. - -With the scan deleted automatically, you can create subsequent scans without having to manually delete an incomplete scan. +**Optional** With the scan deleted automatically, you can create subsequent scans without having to manually delete an incomplete scan. ### `javawrapperversion` @@ -111,9 +109,11 @@ With the scan deleted automatically, you can create subsequent scans without hav ### `debug` -**Optional** BOOLEAN - Set to true to show detailed diagnostic information, which you can use for debugging, in the output. +**Optional** BOOLEAN - Set to true to show detailed diagnostic information, which you can use for debugging, in the output. + +## Examples -## Example usage +### General Usage The following example will compile and build a Java web applicatin (.war file) from the main branch of the source code repository using Maven. The compiled .war file is then uploaded to Veracode and a static analysis scan is run. 
@@ -150,3 +150,40 @@ jobs:
 # include: '*.war'
 # criticality: 'VeryHigh'
 ```
+
+### Using This Action With a Mac Runner
+
+Docker is not installed on Mac runners by default, and [installing it can be time consuming](https://github.com/actions/runner/issues/1456). As an alternative, we suggest breaking the build and upload for languages that require a Mac runner to build (like iOS) into separate jobs. An example workflow is below:
+
+```yaml
+jobs:
+ build:
+ name: Build
+ runs-on: macos-12
+
+ steps:
+ - name: checkout
+ uses: actions/checkout@v2
+
+ # SNIP: steps to build an iOS application
+
+ - uses: actions/upload-artifact@v3
+ with:
+ path: path/to/iOSApplication.zip
+ scan:
+ name: Scan
+ runs-on: ubuntu-latest
+ needs: build
+ steps:
+ - uses: actions/download-artifact@v3
+ with:
+ path: iOSApplication.zip
+
+ - name: Upload & Scan
+ uses: veracode/veracode-uploadandscan-action@0.2.4
+ with:
+ appname: 'MyTestApp'
+ filepath: 'iOSApplication.zip'
+ vid: 'FakeID'
+ vkey: 'FakeKey'
+```