Merge pull request #67 from veracode/SDEVX-v0.2.15

shailesh-veracode · web-flow · commit 8c8cf567da38 · 2024-12-12T23:02:09.000+05:30
Bug fixes related to invalid policy name and vercode helper repo
diff --git a/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml b/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml
@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/github-actions-integration-helper@v0.1.4
+        uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}
@@ -43,7 +43,7 @@ jobs:
       - name: Verify Policy name
         id: verify_policy_name
         if: success()
-        uses: veracode/github-actions-integration-helper@v0.1.4
+        uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: validatePolicyName
           token: ${{ github.event.client_payload.token }}
@@ -83,7 +83,7 @@ jobs:
       - name: Veracode Pipeline Results
         if: always()
         id: prepare-results
-        uses: Veracode/github-actions-integration-helper@v0.1.4
+        uses: Veracode/github-actions-integration-helper@v0.1.5
         with:
           action: 'preparePipelineResults'
           token: ${{ github.event.client_payload.token }}
diff --git a/.github/workflows/binary-ready-veracode-sast-policy-scan.yml b/.github/workflows/binary-ready-veracode-sast-policy-scan.yml
@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/github-actions-integration-helper@v0.1.4
+        uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}
@@ -43,7 +43,7 @@ jobs:
       - name: Verify Policy name
         id: verify_policy_name
         if: success()
-        uses: veracode/github-actions-integration-helper@v0.1.4
+        uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: validatePolicyName
           token: ${{ github.event.client_payload.token }}
@@ -88,7 +88,7 @@ jobs:
       - name: Veracode Policy Results
         id: prepare-results
         if: always()
-        uses: Veracode/github-actions-integration-helper@v0.1.4
+        uses: Veracode/github-actions-integration-helper@v0.1.5
         with:
           action: 'preparePolicyResults'
           token: ${{ github.event.client_payload.token }}
@@ -107,7 +107,7 @@ jobs:
     if: ${{ github.event.client_payload.user_config.sandbox_scan.execute_remove_sandbox_action && always() }}
     name: Remove Sandbox
     steps:
-      - uses: veracode/github-actions-integration-helper@v0.1.4
+      - uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: 'removeSandbox'
           vid: ${{ secrets.VERACODE_API_ID }}
diff --git a/.github/workflows/template-register.yaml b/.github/workflows/template-register.yaml
@@ -14,7 +14,7 @@ jobs:
     steps:
     - name: Register build
       id: register-build
-      uses: veracode/github-actions-integration-helper@v0.1.4
+      uses: veracode/github-actions-integration-helper@v0.1.5
       with:
         action: registerBuild
         token: ${{ github.event.client_payload.token }}
diff --git a/.github/workflows/veracode-code-analysis.yml b/.github/workflows/veracode-code-analysis.yml
@@ -52,7 +52,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/github-actions-integration-helper@v0.1.4
+        uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}
@@ -65,7 +65,7 @@ jobs:
       - name: Verify Policy name
         id: verify_policy_name
         if: success()
-        uses: veracode/github-actions-integration-helper@v0.1.4
+        uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: validatePolicyName
           token: ${{ github.event.client_payload.token }}
diff --git a/.github/workflows/veracode-default-build.yml b/.github/workflows/veracode-default-build.yml
@@ -41,13 +41,14 @@ jobs:
     steps:
     - uses: actions/checkout@v4
       with:
-        repository: ${{ inputs.repository }}
-        ref: ${{ inputs.ref }}
-        token: ${{ inputs.token }}
+        path: 'veracode-helper'
 
     - uses: actions/checkout@v4
       with:
-        path: 'veracode-helper'
+        repository: ${{ inputs.repository }}
+        ref: ${{ inputs.ref }}
+        token: ${{ inputs.token }}
+        path: 'source-code'
 
     - name: Package the application
       id: application_package
@@ -77,11 +78,13 @@ jobs:
         export PATH="veracode-helper/helper/cli/$cliFileName:$PATH"
         cd $working_path
         if [[ "${{ inputs.event_name }}" == *"ruby"* ]]; then
+          gem install --install-dir source-code veracode
+          cd source-code
           gem install bundler -v ${{ inputs.bundle_version }}
-          gem install veracode
           bundle install
+          cd ..
         fi
-        veracode package --source . --output veracode-artifacts --trust
+        veracode package --source source-code --output veracode-artifacts --trust
 
     - name: Package error
       if: failure() && steps.application_package.outcome == 'failure'
diff --git a/.github/workflows/veracode-iac-secrets-scan.yml b/.github/workflows/veracode-iac-secrets-scan.yml
@@ -30,7 +30,7 @@ jobs:
     steps:
       - name: Verify Veracode API credentials
         id: verify_api_creds
-        uses: veracode/github-actions-integration-helper@v0.1.4
+        uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: validateVeracodeApiCreds
           token: ${{ github.event.client_payload.token }}
diff --git a/.github/workflows/veracode-pipeline-scan.yml b/.github/workflows/veracode-pipeline-scan.yml
@@ -84,7 +84,7 @@ jobs:
       - name: Veracode Pipeline Results
         if: always()
         id: prepare-results
-        uses: Veracode/github-actions-integration-helper@v0.1.4
+        uses: Veracode/github-actions-integration-helper@v0.1.5
         with:
           action: 'preparePipelineResults'
           token: ${{ inputs.token }}
diff --git a/.github/workflows/veracode-policy-scan.yml b/.github/workflows/veracode-policy-scan.yml
@@ -92,7 +92,7 @@ jobs:
       - name: Veracode Policy Results
         id: prepare-results
         if: always()
-        uses: Veracode/github-actions-integration-helper@v0.1.4
+        uses: Veracode/github-actions-integration-helper@v0.1.5
         with:
           action: 'preparePolicyResults'
           token: ${{ inputs.token }}
@@ -111,7 +111,7 @@ jobs:
     if: ${{ github.event.client_payload.user_config.sandbox_scan.execute_remove_sandbox_action && always() }}
     name: Remove Sandbox
     steps:
-      - uses: veracode/github-actions-integration-helper@v0.1.4
+      - uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: 'removeSandbox'
           vid: ${{ secrets.VERACODE_API_ID }}
diff --git a/.github/workflows/veracode-remove-sandbox.yml b/.github/workflows/veracode-remove-sandbox.yml
@@ -34,7 +34,7 @@ jobs:
     runs-on: ubuntu-latest
     name: Remove Sandbox
     steps:
-      - uses: veracode/github-actions-integration-helper@v0.1.4
+      - uses: veracode/github-actions-integration-helper@v0.1.5
         with:
           action: 'removeSandbox'
           vid: ${{ secrets.VERACODE_API_ID }}
