Merge pull request #52 from veracode/REPO-723-differentiate-between-static-scans

https://veracode.atlassian.net/browse/RMC-9450

Author: jeradcliffe

.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml

@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/[email protected].2
+        uses: veracode/[email protected].3
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}
@@ -43,7 +43,7 @@ jobs:
       - name: Verify Policy name
         id: verify_policy_name
         if: success()
-        uses: veracode/[email protected].2
+        uses: veracode/[email protected].3
         with:
           action: validatePolicyName
           token: ${{ github.event.client_payload.token }}
@@ -83,7 +83,7 @@ jobs:
       - name: Veracode Pipeline Results
         if: always()
         id: prepare-results
-        uses: Veracode/[email protected].2
+        uses: Veracode/[email protected].3
         with:
           action: 'preparePipelineResults'
           token: ${{ github.event.client_payload.token }}

.github/workflows/binary-ready-veracode-sast-policy-scan.yml

@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/[email protected].2
+        uses: veracode/[email protected].3
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}
@@ -43,7 +43,7 @@ jobs:
       - name: Verify Policy name
         id: verify_policy_name
         if: success()
-        uses: veracode/[email protected].2
+        uses: veracode/[email protected].3
         with:
           action: validatePolicyName
           token: ${{ github.event.client_payload.token }}
@@ -88,7 +88,7 @@ jobs:
       - name: Veracode Policy Results
         id: prepare-results
         if: always()
-        uses: Veracode/[email protected].2
+        uses: Veracode/[email protected].3
         with:
           action: 'preparePolicyResults'
           token: ${{ github.event.client_payload.token }}
@@ -107,7 +107,7 @@ jobs:
     if: ${{ github.event.client_payload.user_config.sandbox_scan.execute_remove_sandbox_action && always() }}
     name: Remove Sandbox
     steps:
-      - uses: veracode/[email protected].2
+      - uses: veracode/[email protected].3
         with:
           action: 'removeSandbox'
           vid: ${{ secrets.VERACODE_API_ID }}

.github/workflows/template-register.yaml

@@ -14,7 +14,7 @@ jobs:
     steps:
     - name: Register build
       id: register-build
-      uses: veracode/[email protected].2
+      uses: veracode/[email protected].3
       with:
         action: registerBuild
         token: ${{ github.event.client_payload.token }}

.github/workflows/veracode-build-artifact-for-scanning.yml

@@ -18,7 +18,7 @@ on:
 
 jobs:
   build:
-    if: ${{ inputs.event_name == 'java-pipeline-scan' || inputs.event_name == 'java-policy-scan' || inputs.event_name == 'java-sandbox-scan' || inputs.event_name == 'unidentified-lang-pipeline-scan' || inputs.event_name == 'unidentified-lang-policy-scan' || inputs.event_name == 'unidentified-lang-sandbox-scan' }}
+    if: ${{ inputs.event_name == 'java-pipeline-scan' || inputs.event_name == 'java-policy-scan' || inputs.event_name == 'java-sandbox-scan' || inputs.event_name == 'unidentified-lang-pipeline-scan' || inputs.event_name == 'unidentified-lang-policy-scan' || inputs.event_name == 'unidentified-lang-sandbox-scan' || inputs.event_name == 'dot-net-pipeline-scan' || inputs.event_name == 'dot-net-policy-scan' || inputs.event_name == 'dot-net-sandbox-scan'}}
     uses: ./.github/workflows/veracode-default-build.yml
     with:
       repository: ${{ inputs.repository }}
@@ -48,14 +48,6 @@ jobs:
       repository: ${{ inputs.repository }}
       ref: ${{ inputs.ref }}
       token: ${{ inputs.token }}
-      
-  build-dot-net-package:
-    if: ${{ inputs.event_name == 'dot-net-pipeline-scan' || inputs.event_name == 'dot-net-policy-scan'  || inputs.event_name == 'dot-net-sandbox-scan'}}
-    uses: ./.github/workflows/veracode-build-dot-net.yml
-    with:
-      repository: ${{ inputs.repository }}
-      ref: ${{ inputs.ref }}
-      token: ${{ inputs.token }}
 
   build-go-package:
     if: ${{ inputs.event_name == 'go-pipeline-scan' || inputs.event_name == 'go-policy-scan'  || inputs.event_name == 'go-sandbox-scan'}}

.github/workflows/veracode-code-analysis.yml

@@ -8,7 +8,7 @@ concurrency:
 
 on:
   repository_dispatch:
-    types: 
+    types:
       - java-maven-pipeline-scan
       - java-maven-policy-scan
       - java-gradle-pipeline-scan
@@ -38,7 +38,7 @@ jobs:
   register:
     uses: ./.github/workflows/veracode-check-run.yml
     with:
-      check_run_name: ${{ github.workflow }}
+      check_run_name: ${{ github.workflow }} - ${{ contains(github.event.action, 'policy') && 'Policy' || 'Pipeline' }}
       head_sha: ${{ github.event.client_payload.sha }}
       repositroy_owner: ${{ github.event.client_payload.repository.owner }}
       repositroy_name: ${{ github.event.client_payload.repository.name }}
@@ -54,7 +54,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/[email protected].2
+        uses: veracode/[email protected].3
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}
@@ -63,11 +63,11 @@ jobs:
           appname: ${{ github.event.client_payload.user_config.profile_name }}
           source_repository: ${{ github.event.client_payload.repository.full_name }}
           check_run_id: ${{ needs.register.outputs.run_id }}
-      
+
       - name: Verify Policy name
         id: verify_policy_name
         if: success()
-        uses: veracode/[email protected].2
+        uses: veracode/[email protected].3
         with:
           action: validatePolicyName
           token: ${{ github.event.client_payload.token }}
@@ -81,7 +81,7 @@ jobs:
           start_line: ${{ github.event.client_payload.annotationObj.start_line }}
           end_line: ${{ github.event.client_payload.annotationObj.end_line }}
           break_build_invalid_policy: ${{github.event.client_payload.break_build_invalid_policy }}
- 
+
   build:
     needs: validations
     uses: ./.github/workflows/veracode-build-artifact-for-scanning.yml
@@ -114,7 +114,7 @@ jobs:
       filter_mitigated_flaws: ${{ github.event.client_payload.user_config.filter_mitigated_flaws }}
       language: ${{ github.event.client_payload.repository.language }}
     secrets: inherit
-    
+
   policy_scan:
     needs: [build, register]
     if: contains(github.event.action, 'policy')
@@ -136,4 +136,4 @@ jobs:
       break_build_on_error: ${{ github.event.client_payload.user_config.break_build_on_error }}
       filter_mitigated_flaws: ${{ github.event.client_payload.user_config.filter_mitigated_flaws }}
       language: ${{ github.event.client_payload.repository.language }}
-    secrets: inherit
+    secrets: inherit

.github/workflows/veracode-default-build.yml

@@ -54,5 +54,5 @@ jobs:
     - uses: actions/upload-artifact@v4
       with:
         name: veracode-artifact
-        path: /__w/veracode/veracode/veracode-artifact.zip
+        path: /__w/veracode/veracode/veracode-artifacts/*
         if-no-files-found: error

.github/workflows/veracode-iac-secrets-scan.yml

@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/[email protected].2
+        uses: veracode/[email protected].3
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}

.github/workflows/veracode-pipeline-scan.yml

@@ -84,7 +84,7 @@ jobs:
       - name: Veracode Pipeline Results
         if: always()
         id: prepare-results
-        uses: Veracode/[email protected].2
+        uses: Veracode/[email protected].3
         with:
           action: 'preparePipelineResults'
           token: ${{ inputs.token }}

.github/workflows/veracode-policy-scan.yml

@@ -88,7 +88,7 @@ jobs:
       - name: Veracode Policy Results
         id: prepare-results
         if: always()
-        uses: Veracode/[email protected].2
+        uses: Veracode/[email protected].3
         with:
           action: 'preparePolicyResults'
           token: ${{ inputs.token }}
@@ -107,7 +107,7 @@ jobs:
     if: ${{ github.event.client_payload.user_config.sandbox_scan.execute_remove_sandbox_action && always() }}
     name: Remove Sandbox
     steps:
-      - uses: veracode/[email protected].2
+      - uses: veracode/[email protected].3
         with:
           action: 'removeSandbox'
           vid: ${{ secrets.VERACODE_API_ID }}

.github/workflows/veracode-remove-sandbox.yml

@@ -34,7 +34,7 @@ jobs:
     runs-on: ubuntu-latest
     name: Remove Sandbox
     steps:
-      - uses: veracode/[email protected].2
+      - uses: veracode/[email protected].3
         with:
           action: 'removeSandbox'
           vid: ${{ secrets.VERACODE_API_ID }}

.gitignore

@@ -1 +1,2 @@
 .DS_Store
+.idea