Merge pull request #88 from itsKedar/pr-CXFLW-1531-multiple-custom-fields

Fix for multiple custom fields
satyamchaurasiapersistent authored Dec 13, 2024
2 parents 069b07b + a51b657 commit 680f3d2
Showing 3 changed files with 9 additions and 36 deletions.
6 changes: 1 addition & 5 deletions README.md
Expand Up @@ -60,14 +60,10 @@ The GitHub action [![Latest Release](https://img.shields.io/github/v/release/ch
| jira_close_transition | 'Done' | Jira Close Transition Status | String | No | N/A |
| jira_open_status | 'Backlog,Selected for Development,In Progress' | Jira Open Status | String | No | N/A |
| jira_closed_status | 'Done' | Jira Closed Status | String | No | N/A |
| project_custom_field_key | 'test' | project custom field key that is mentioned in Checkmarx SAST | String | No | N/A |
| project_custom_field_value | 'test1' | project custom field value that needs to be updated or added in checkmarx SAST | String | No | N/A |
| scan_custom_field_key | 'test' | scan custom field key that is mentioned in Checkmarx SAST Scan. | String | No | N/A |
| scan_custom_field_value | 'test1' | scan custom field value that needs to be added in Checkmarx SAST Scan. | String | No | N/A |
| params | --severity=High --branch=${{ github.ref }} | Any additional parameters for CxFlow. For a full list of all the parameters, see the [following](https://github.com/checkmarx-ltd/cx-flow/wiki/Configuration). Special note about [filtering](#Filters) | String | No | N/A |
| java_opts | -Xms512m | Any Java options | String | No | N/A |

*Note:* Please use `--checkmarx.settings-override=true` in params while using `project-custom-field` or `scan-custom-field`. Make sure project_custom_field_key and project_custom_field_value both are mentioned.
*Note:* Please use `--checkmarx.settings-override=true` in params while using `project-custom-field` or `scan-custom-field`.
## Secrets

_Note: It is recommended to leverage secrets for any sensitive inputs_
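Review bot: The four `*_custom_field_*` rows are removed from the inputs table, but the note that remains still tells users to set `--checkmarx.settings-override=true` when using `project-custom-field` or `scan-custom-field` without saying where those options now go. Extend the `params` row or the note to show that they are passed through `params` as `--project-custom-field=key:value` and `--scan-custom-field=key:value`, and state that the old inputs no longer exist so existing workflows know to migrate. The note also sits directly above `## Secrets` with no blank line between them.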
27 changes: 2 additions & 25 deletions action.yml
Expand Up @@ -142,23 +142,6 @@ inputs:
required: false
description: 'Jira Closed Status'
default: ''
#######CLI Parameters ###########
project_custom_field_key:
required: false
description: 'checkmarx project custom field key'
default: ''
project_custom_field_value:
required: false
description: 'checkmarx project custom field value'
default: ''
scan_custom_field_key:
required: false
description: 'checkmarx scan custom field key'
default: ''
scan_custom_field_value:
required: false
description: 'checkmarx scan custom field value'
default: ''
runs:
using: 'docker'
image: 'Dockerfile'
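Review bot: Dropping `project_custom_field_key`, `project_custom_field_value`, `scan_custom_field_key` and `scan_custom_field_value` from `inputs:` is a breaking change for any workflow that still sets them: the values no longer reach CxFlow and the scan runs without the custom fields. Consider keeping the four inputs for one release with a `deprecationMessage` that points to `params`, or ship this under a new major version and say so in the release notes.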
Expand Down Expand Up @@ -195,10 +178,7 @@ runs:
- ${{ inputs.jira_close_transition }}
- ${{ inputs.jira_open_status }}
- ${{ inputs.jira_closed_status }}
- ${{ inputs.project_custom_field_key }}
- ${{ inputs.project_custom_field_value }}
- ${{ inputs.scan_custom_field_key }}
- ${{ inputs.scan_custom_field_value }}


env:
TEAM: "${{ inputs.team }}"
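Review bot: Two blank lines are left between the last `args` entry (`jira_closed_status`) and `env:` where the four custom-field entries used to be; drop them so the list closes cleanly. The removed entries were the last four in `args`, so the positions of the remaining arguments do not shift, which is worth stating in the PR description for anyone who consumes them positionally.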
Expand Down Expand Up @@ -235,10 +215,7 @@ runs:
JIRA_CLOSE_TRANSITION: ${{ inputs.jira_close_transition }}
JIRA_OPEN_STATUS: ${{ inputs.jira_open_status }}
JIRA_CLOSED_STATUS: ${{ inputs.jira_closed_status }}
PROJECT_CUSTOM_FIELD_KEY : ${{ inputs.project_custom_field_key }}
PROJECT_CUSTOM_FIELD_VALUE : ${{ inputs.project_custom_field_value }}
SCAN_CUSTOM_FIELD_KEY: ${{ inputs.scan_custom_field_key }}
SCAN_CUSTOM_FIELD_VALUE: ${{ inputs.scan_custom_field_value }}


branding:
icon: 'check'
12 changes: 6 additions & 6 deletions entrypoint.sh
Expand Up @@ -5,7 +5,7 @@ if [ -n "$EXTRA_CERTIFICATES" ]
then
jvm_keystore="/etc/ssl/certs/java/cacerts" # java 8 specific location
echo "Importing custom certificates in $EXTRA_CERTIFICATES subdirectory to '$jvm_keystore'"
/app/keytool-import-certs.sh /github/workspace/$EXTRA_CERTIFICATES "$jvm_keystore"
/app/keytool-import-certs.sh /github/workspace/"$EXTRA_CERTIFICATES" "$jvm_keystore"
fi

# Check if CHECKMARX_URL contains 'cxrestapi'
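Review bot: Quoting `"$EXTRA_CERTIFICATES"` stops word splitting, but the value is still appended to `/github/workspace/` unchecked, so an input containing `..` or a leading `/` segment can point `keytool-import-certs.sh` at a directory outside the workspace, and whatever certificates are there get imported into the JVM trust store at `$jvm_keystore`. Resolve the path first and refuse to continue unless it is an existing directory under `/github/workspace`.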
Expand All @@ -19,15 +19,15 @@ else
fi


java ${JAVA_OPTS} -jar /app/cx-flow.jar --SHA=$GITHUB_SHA --spring.profiles.active="${CX_FLOW_ENABLED_VULNERABILITY_SCANNERS}" --scan --github.api-url="${GITHUB_API_URL}/repos/" --cx-team="${TEAM}" --cx-project="${PROJECT}" --app="${APP}" --jira.url="${JIRA_URL}" --jira.username="${JIRA_USERNAME}" --jira.token="${JIRA_TOKEN}" --jira.project="${JIRA_PROJECT}" --jira.issue-type="${JIRA_ISSUE_TYPE}" --jira.open-transition="${JIRA_OPEN_TRANSITION}" --jira.close-transition="${JIRA_CLOSE_TRANSITION}" --jira.open-status="${JIRA_OPEN_STATUS}" --jira.closed-status="${JIRA_CLOSED_STATUS}" --project-custom-field="${PROJECT_CUSTOM_FIELD_KEY}":"${PROJECT_CUSTOM_FIELD_VALUE}" --scan-custom-field="${SCAN_CUSTOM_FIELD_KEY}":"${SCAN_CUSTOM_FIELD_VALUE}" --f=. ${CXFLOW_PARAMS} 2> scanid$GITHUB_SHA.txt
java "${JAVA_OPTS}" -jar /app/cx-flow.jar --SHA="$GITHUB_SHA" --spring.profiles.active="${CX_FLOW_ENABLED_VULNERABILITY_SCANNERS}" --scan --github.api-url="${GITHUB_API_URL}/repos/" --cx-team="${TEAM}" --cx-project="${PROJECT}" --app="${APP}" --jira.url="${JIRA_URL}" --jira.username="${JIRA_USERNAME}" --jira.token="${JIRA_TOKEN}" --jira.project="${JIRA_PROJECT}" --jira.issue-type="${JIRA_ISSUE_TYPE}" --jira.open-transition="${JIRA_OPEN_TRANSITION}" --jira.close-transition="${JIRA_CLOSE_TRANSITION}" --jira.open-status="${JIRA_OPEN_STATUS}" --jira.closed-status="${JIRA_CLOSED_STATUS}" --f=. "${CXFLOW_PARAMS}" 2> scanid"$GITHUB_SHA".txt
JAVA_RETURN_STATUS=$(echo $?)
scanID=$(grep 'cxflowscanidextraction' scanid$GITHUB_SHA.txt | sed 's/.*cxflowscanidextractiongithubaction \(.*\)endofstatementscanidaction/\1/')
echo "cxflowscanid=$scanID" >> $GITHUB_OUTPUT
rm scanid$GITHUB_SHA.txt
echo "cxflowscanid=$scanID" >> "$GITHUB_OUTPUT"
rm scanid"$GITHUB_SHA".txt
EXIT_CODE=$(grep 'Finished with exit code:' cx-flow.log | tail -1 |sed 's/.*: //')
if [ -z "$EXIT_CODE" ]
then
exit $JAVA_RETURN_STATUS
exit "$JAVA_RETURN_STATUS"
else
exit $EXIT_CODE
exit "$EXIT_CODE"
fi
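Review bot: Quoting `"${JAVA_OPTS}"` and `"${CXFLOW_PARAMS}"` on the `java` line turns each into a single argument, which breaks the documented usage: the README example for `params` is `--severity=High --branch=${{ github.ref }}`, and after this commit custom fields plus `--checkmarx.settings-override=true` also have to travel in `params`, so the value will routinely hold several options that CxFlow now receives as one string. An empty `JAVA_OPTS` likewise becomes an empty argument ahead of `-jar`. Leave these two expansions unquoted (with a ShellCheck suppression for SC2086 and a comment explaining why) or split them deliberately before the call. Separately, the `grep` that extracts the scan id still reads `scanid$GITHUB_SHA.txt` unquoted while the redirect and `rm` were quoted, and `JAVA_RETURN_STATUS=$(echo $?)` can simply be `JAVA_RETURN_STATUS=$?`.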
