Update azure-pipelines.yml for Azure Pipelines #68
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a basic workflow to help you get started with Actions | |
| name: Checkmarx AST scan | |
| on: [push, pull_request] | |
| jobs: | |
| build: | |
| runs-on: ubantu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Checkmarx AST Github Action | |
| # You may pin to the exact commit or the version. | |
| # uses: Checkmarx/ast-github-action@120ae714236b39685a59726fa20cf09ff2f25b69 | |
| uses: Checkmarx/[email protected] | |
| with: | |
| # Provide the AST portal URL | |
| base_uri: https://eu.ast.checkmarx.net | |
| # Provide the Tenant for AST portal URL | |
| cx_tenant: dp_wp_account | |
| # Client ID for AST portal authentication | |
| cx_client_id: ${{ secrets.CLIENT_ID }} | |
| # Secret key for AST portal authentication | |
| cx_client_secret: ${{ secrets.CLIENT_SECRET }} | |
| # Select a Checkmarx Project Name | |
| project_name: ${{ github.repository }} | |
| # Branch name | |
| branch: ${{ github.ref }} | |
| # Additional parameters for AST scan | |
| additional_params: --tags test1, test2 --scan-types sast,kics --file-filter !readme --report-format sarif --output-name results | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@v1 | |
| with: | |
| # Path to SARIF file relative to the root of the repository | |
| sarif_file: results.sarif |