Configured the entire Docker image scan process with SCA #37

Workflow file for this run

```yaml
name: Node.js Tests with Docker
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
  container-test-job:
    runs-on: ubuntu-latest
    container:
      image: docker.io/evernow/fortify-sca:23.1
      options: --user root
      credentials:
        username: ${{ secrets.DOCKER_USER }}
        password: ${{ secrets.DOCKER_PASSWD }}
    steps:
      - name: Testes
        run: |
          curl -v https://update.fortify.com
          cat /etc/os-release
          yum install -y tar gzip
          echo $PATH
          ls -la /opt/fortify/bin
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Run fortifyupdate
        run: fortifyupdate -url https://update.fortify.com
      - name: Run Fortify SCA clean
        run: sourceanalyzer -b webgoat -clean
      - name: Run Fortify SCA translate
        run: sourceanalyzer -b webgoat .
      - name: Run Fortify SCA scan
        run: sourceanalyzer -b webgoat -scan -f webgoat.fpr
      - name: Setup Fortify tools
        uses: fortify/github-action/setup@v1
        with:
          tool-definitions: https://github.com/fortify/tool-definitions/releases/download/v1/tool-definitions.yaml.zip
          export-path: true
          fcli: latest
      - name: Run fcli from PATH
        run: fcli -V
      - name: Run fcli using FCLI_CMD environment variable
        run: ${FCLI_CMD} -V
      - name: Login SSC do lab via FCLI
        run: fcli ssc session login --url=https://ssc.evernow.com.br/ --user ${{ secrets.SSC_USER }} --password ${{ secrets.SSC_PASSWD }}
      - name: Upload artifact via FCLI
        run: fcli ssc artifact upload --appversion=88 --file=webgoat.fpr
```

Check failure on line 1 in .github/workflows/main.yml

Invalid workflow file

`container-test-job` is not a valid event name
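
The annotation on this run fires because the job block sits under `on:` and the file has no top-level `jobs:` key. The lint below is an added example, not part of the repository or of GitHub's own validator: it is a line-based heuristic (no YAML parser), the names `lint_workflow`, `BROKEN`, `FIXED` and `JOB_KEYS` are made up here, and `BROKEN` is a constructed, shortened copy of the workflow.

```python
import re

# Constructed, shortened copy of the page's workflow: the job sits under `on:`.
BROKEN = """\
name: Node.js Tests with Docker
on:
  push:
    branches:
      - main
  container-test-job:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
"""
# The same text with the missing top-level `jobs:` key restored.
FIXED = BROKEN.replace("  container-test-job:", "jobs:\n  container-test-job:")

KEY = re.compile(r"^( *)([A-Za-z_][\w-]*):")  # mapping keys, not "- item" lines
JOB_KEYS = {"runs-on", "steps", "container", "needs", "strategy"}

def lint_workflow(text):
    """Return structural findings for a workflow file (line-based heuristic)."""
    keys = [(len(m.group(1)), m.group(2))
            for m in map(KEY.match, text.splitlines()) if m]
    findings = []
    if "jobs" not in {k for indent, k in keys if indent == 0}:
        findings.append("missing top-level 'jobs:' key")
    section = event = event_indent = child_indent = None
    flagged = set()
    for indent, key in keys:
        if indent == 0:                      # new top-level section
            section, event, event_indent = key, None, None
        elif section != "on":
            continue
        elif event_indent is None or indent <= event_indent:
            event, event_indent, child_indent = key, indent, None
        else:
            if child_indent is None:
                child_indent = indent        # first key directly under the event
            # Only direct children count, so an input named "steps" is ignored.
            if indent == child_indent and key in JOB_KEYS and event not in flagged:
                flagged.add(event)
                findings.append(f"'{event}' under 'on:' has job key '{key}'; "
                                "move it under 'jobs:'")
    return findings

if __name__ == "__main__":
    for label, text in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_workflow(text) or "ok")
```

Run as a pre-commit or pre-push check, this catches the structural mistake before the scan job is silently skipped as an invalid workflow.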