diff --git a/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml b/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml index edae82b7..8ca7732c 100644 --- a/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml +++ b/.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Verify Veracode API credentials id: verify_api_creds - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: validateVeracodeApiCreds token: ${{ github.event.client_payload.token }} @@ -43,7 +43,7 @@ jobs: - name: Verify Policy name id: verify_policy_name if: success() - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: validatePolicyName token: ${{ github.event.client_payload.token }} @@ -83,7 +83,7 @@ jobs: - name: Veracode Pipeline Results if: always() id: prepare-results - uses: Veracode/github-actions-integration-helper@v0.1.4 + uses: Veracode/github-actions-integration-helper@v0.1.5 with: action: 'preparePipelineResults' token: ${{ github.event.client_payload.token }} diff --git a/.github/workflows/binary-ready-veracode-sast-policy-scan.yml b/.github/workflows/binary-ready-veracode-sast-policy-scan.yml index ff6566f6..f3b3dda7 100644 --- a/.github/workflows/binary-ready-veracode-sast-policy-scan.yml +++ b/.github/workflows/binary-ready-veracode-sast-policy-scan.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Verify Veracode API credentials id: verify_api_creds - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: validateVeracodeApiCreds token: ${{ github.event.client_payload.token }} @@ -43,7 +43,7 @@ jobs: - name: Verify Policy name id: verify_policy_name if: success() - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: validatePolicyName token: ${{ github.event.client_payload.token }} @@ -88,7 +88,7 @@ jobs: - name: Veracode Policy Results id: prepare-results if: always() - uses: Veracode/github-actions-integration-helper@v0.1.4 + uses: Veracode/github-actions-integration-helper@v0.1.5 with: action: 'preparePolicyResults' token: ${{ github.event.client_payload.token }} @@ -107,7 +107,7 @@ jobs: if: ${{ github.event.client_payload.user_config.sandbox_scan.execute_remove_sandbox_action && always() }} name: Remove Sandbox steps: - - uses: veracode/github-actions-integration-helper@v0.1.4 + - uses: veracode/github-actions-integration-helper@v0.1.5 with: action: 'removeSandbox' vid: ${{ secrets.VERACODE_API_ID }} diff --git a/.github/workflows/template-register.yaml b/.github/workflows/template-register.yaml index fa2b25cb..6e41ee39 100644 --- a/.github/workflows/template-register.yaml +++ b/.github/workflows/template-register.yaml @@ -14,7 +14,7 @@ jobs: steps: - name: Register build id: register-build - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: registerBuild token: ${{ github.event.client_payload.token }} diff --git a/.github/workflows/veracode-code-analysis.yml b/.github/workflows/veracode-code-analysis.yml index c0fa8c77..fdfd5fa4 100644 --- a/.github/workflows/veracode-code-analysis.yml +++ b/.github/workflows/veracode-code-analysis.yml @@ -52,7 +52,7 @@ jobs: steps: - name: Verify Veracode API credentials id: verify_api_creds - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: validateVeracodeApiCreds token: ${{ github.event.client_payload.token }} @@ -65,7 +65,7 @@ jobs: - name: Verify Policy name id: verify_policy_name if: success() - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: validatePolicyName token: ${{ github.event.client_payload.token }} diff --git a/.github/workflows/veracode-default-build.yml b/.github/workflows/veracode-default-build.yml index 15a458bf..f232dc7a 100644 --- a/.github/workflows/veracode-default-build.yml +++ b/.github/workflows/veracode-default-build.yml @@ -41,13 +41,14 @@ jobs: steps: - uses: actions/checkout@v4 with: - repository: ${{ inputs.repository }} - ref: ${{ inputs.ref }} - token: ${{ inputs.token }} + path: 'veracode-helper' - uses: actions/checkout@v4 with: - path: 'veracode-helper' + repository: ${{ inputs.repository }} + ref: ${{ inputs.ref }} + token: ${{ inputs.token }} + path: 'source-code' - name: Package the application id: application_package @@ -77,11 +78,13 @@ jobs: export PATH="veracode-helper/helper/cli/$cliFileName:$PATH" cd $working_path if [[ "${{ inputs.event_name }}" == *"ruby"* ]]; then + gem install --install-dir source-code veracode + cd source-code gem install bundler -v ${{ inputs.bundle_version }} - gem install veracode bundle install + cd .. fi - veracode package --source . --output veracode-artifacts --trust + veracode package --source source-code --output veracode-artifacts --trust - name: Package error if: failure() && steps.application_package.outcome == 'failure' diff --git a/.github/workflows/veracode-iac-secrets-scan.yml b/.github/workflows/veracode-iac-secrets-scan.yml index 5d1b38a4..1ae48e9d 100644 --- a/.github/workflows/veracode-iac-secrets-scan.yml +++ b/.github/workflows/veracode-iac-secrets-scan.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Verify Veracode API credentials id: verify_api_creds - uses: veracode/github-actions-integration-helper@v0.1.4 + uses: veracode/github-actions-integration-helper@v0.1.5 with: action: validateVeracodeApiCreds token: ${{ github.event.client_payload.token }} diff --git a/.github/workflows/veracode-pipeline-scan.yml b/.github/workflows/veracode-pipeline-scan.yml index 82f1d9e7..972307f1 100644 --- a/.github/workflows/veracode-pipeline-scan.yml +++ b/.github/workflows/veracode-pipeline-scan.yml @@ -84,7 +84,7 @@ jobs: - name: Veracode Pipeline Results if: always() id: prepare-results - uses: Veracode/github-actions-integration-helper@v0.1.4 + uses: Veracode/github-actions-integration-helper@v0.1.5 with: action: 'preparePipelineResults' token: ${{ inputs.token }} diff --git a/.github/workflows/veracode-policy-scan.yml b/.github/workflows/veracode-policy-scan.yml index 4c482d45..05558720 100644 --- a/.github/workflows/veracode-policy-scan.yml +++ b/.github/workflows/veracode-policy-scan.yml @@ -92,7 +92,7 @@ jobs: - name: Veracode Policy Results id: prepare-results if: always() - uses: Veracode/github-actions-integration-helper@v0.1.4 + uses: Veracode/github-actions-integration-helper@v0.1.5 with: action: 'preparePolicyResults' token: ${{ inputs.token }} @@ -111,7 +111,7 @@ jobs: if: ${{ github.event.client_payload.user_config.sandbox_scan.execute_remove_sandbox_action && always() }} name: Remove Sandbox steps: - - uses: veracode/github-actions-integration-helper@v0.1.4 + - uses: veracode/github-actions-integration-helper@v0.1.5 with: action: 'removeSandbox' vid: ${{ secrets.VERACODE_API_ID }} diff --git a/.github/workflows/veracode-remove-sandbox.yml b/.github/workflows/veracode-remove-sandbox.yml index 6adf1949..1431fa3a 100644 --- a/.github/workflows/veracode-remove-sandbox.yml +++ b/.github/workflows/veracode-remove-sandbox.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest name: Remove Sandbox steps: - - uses: veracode/github-actions-integration-helper@v0.1.4 + - uses: veracode/github-actions-integration-helper@v0.1.5 with: action: 'removeSandbox' vid: ${{ secrets.VERACODE_API_ID }}