diff --git a/action.yml b/action.yml index 772b4f9..046ab06 100644 --- a/action.yml +++ b/action.yml @@ -67,6 +67,10 @@ inputs: description: 'Enable or disable debug mode' required: false default: false + waitForScanCompletion: + description: 'Wait for the Veracode Static Scan to complete and poll for the final results. If set to false, the scan will be submitted asynchronously and the workflow will continue immediately.' + default: 'true' + required: false runs: using: 'node20' main: 'dist/index.js' \ No newline at end of file diff --git a/dist/index.js b/dist/index.js index 79ece50..ff18290 100644 --- a/dist/index.js +++ b/dist/index.js @@ -117720,7 +117720,7 @@ const { calculateAuthorizationHeader } = __nccwpck_require__(92132); const SCAN_TIME_OUT = 8; const POLICY_EVALUATION_FAILED = 9; -async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug) { +async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion) { core.info(`Getting Veracode Application for Policy Scan: ${appname}`) const veracodeApp = await getVeracodeApplicationForPolicyScan(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, debug); if (veracodeApp.appId === -1) { @@ -117795,7 +117795,7 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi core.info(`Running a Policy Scan: ${appname}`); //comand for policy scan core.info(`Veracode Policy Scan Created, Build Id: ${version}`); - await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug) + await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) } } catch (error) { console.log(error) 
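Review bot: The new `waitForScanCompletion` description does not say that setting it to `false` also skips the result/policy evaluation step, so `failbuild` has no effect and the job passes regardless of findings (the early return in `executePolicyScan` happens before `scan_id` is extracted). Users who treat this action as a merge gate need that stated up front; suggest appending to the description: `When false, policy evaluation is skipped and failbuild has no effect - the job succeeds as soon as the upload is accepted.` As a style point, the default is written as the quoted string `'true'` while the neighbouring `debug` input uses a bare `false`; pick one form for boolean inputs. The wording "the workflow will continue immediately" is also only accurate if the Java wrapper is told not to poll, which this hunk cannot show.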
@@ -117805,11 +117805,12 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi } -async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug) { +async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) { const debugFlag = debug ? ' -debug' : ''; if (debug) core.debug(`Module: workflow-service, function: executePolicyScan. Application: ${veracodeApp.appId}`); - const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout 6000 -deleteincompletescan 2${debugFlag}`; + const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout ${scantimeout} -deleteincompletescan 2${debugFlag}`; + // const policyScanCommand = `java -jar ${jarName} -action UploadAndScan -vid ${vid} -vkey ${vkey} -appname BulkScan-4 -createprofile true -filepath ${filepath} -version ${version} -scantimeout ${scantimeout}`; let scan_id = ""; let sandboxID; let sandboxGUID; @@ -117827,6 +117828,12 @@ async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filep core.debug(stdout); core.debug(stderr); } + + if (String(waitForScanCompletion).toLowerCase() === 'false') { + core.info('Static Scan Submitted, please check Veracode Platform for results'); + return; + } + if (stdout) { scan_id = extractValue( stdout, 
@@ -142020,6 +142027,7 @@ const gitRepositoryUrl = core.getInput('gitRepositoryUrl', { required: false }); const platformType = core.getInput('platformType', { required: false }); const workflowApp = core.getInput('workflowApp', {required: false}); const debug = core.getInput('debug', {required: false}); +const waitForScanCompletion = core.getInput('waitForScanCompletion', {required: false}); const POLICY_EVALUATION_FAILED = 9; const SCAN_TIME_OUT = 8; @@ -142055,7 +142063,7 @@ async function run() { return; if (workflowApp){ - await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug); + await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion); return; } diff --git a/src/index.js b/src/index.js index f6690f1..937a0a9 100644 --- a/src/index.js +++ b/src/index.js @@ -25,6 +25,7 @@ const gitRepositoryUrl = core.getInput('gitRepositoryUrl', { required: false }); const platformType = core.getInput('platformType', { required: false }); const workflowApp = core.getInput('workflowApp', {required: false}); const debug = core.getInput('debug', {required: false}); +const waitForScanCompletion = core.getInput('waitForScanCompletion', {required: false}); const POLICY_EVALUATION_FAILED = 9; const SCAN_TIME_OUT = 8; @@ -60,7 +61,7 @@ async function run() { return; if (workflowApp){ - await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug); + await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion); return; } 
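Review bot: In `src/index.js` the new input is read with `core.getInput('waitForScanCompletion', {required: false})` and left as a raw string, so anything other than the exact word `false` (e.g. `no`, `0`, `False ` with whitespace) silently falls through to the waiting path with no diagnostic. `core.getBooleanInput('waitForScanCompletion', { required: false })` validates the value against the documented true/false spellings and throws on anything else, though the downstream string comparison in workflow-service would then have to accept a boolean instead of `'false'`. `scantimeout` is forwarded from a declaration outside this hunk, so I could not check whether it is validated before reaching the command line.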
diff --git a/src/services/workflow-service.js b/src/services/workflow-service.js index de53635..97987e5 100644 --- a/src/services/workflow-service.js +++ b/src/services/workflow-service.js @@ -14,7 +14,7 @@ const { calculateAuthorizationHeader } = require('../api/veracode-hmac.js'); const SCAN_TIME_OUT = 8; const POLICY_EVALUATION_FAILED = 9; -async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug) { +async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion) { core.info(`Getting Veracode Application for Policy Scan: ${appname}`) const veracodeApp = await getVeracodeApplicationForPolicyScan(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, debug); if (veracodeApp.appId === -1) { @@ -89,7 +89,7 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi core.info(`Running a Policy Scan: ${appname}`); //comand for policy scan core.info(`Veracode Policy Scan Created, Build Id: ${version}`); - await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug) + await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) } } catch (error) { console.log(error) 
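Review bot: `executeStaticScans` now takes 16 positional parameters and the two appended ones are undocumented, so a caller has no way to tell from the signature what unit `scantimeout` is in or which spelling of `waitForScanCompletion` disables waiting. Add a JSDoc block above the signature covering at least the new parameters, e.g. `@param {string|number} scantimeout - value forwarded verbatim to the wrapper's -scantimeout flag (presumably minutes; confirm against the wrapper docs)` and `@param {string|boolean} waitForScanCompletion - the string 'false' (case-insensitive) submits the scan and returns without polling for results; any other value waits`. Longer term an options object would stop the positional list growing with every new input. The body of `executeStaticScans` continues outside this hunk.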
@@ -99,11 +99,12 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi } -async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug) { +async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) { const debugFlag = debug ? ' -debug' : ''; if (debug) core.debug(`Module: workflow-service, function: executePolicyScan. Application: ${veracodeApp.appId}`); - const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout 6000 -deleteincompletescan 2${debugFlag}`; + const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout ${scantimeout} -deleteincompletescan 2${debugFlag}`; + // const policyScanCommand = `java -jar ${jarName} -action UploadAndScan -vid ${vid} -vkey ${vkey} -appname BulkScan-4 -createprofile true -filepath ${filepath} -version ${version} -scantimeout ${scantimeout}`; let scan_id = ""; let sandboxID; let sandboxGUID; @@ -121,6 +122,12 @@ async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filep core.debug(stdout); core.debug(stderr); } + + if (String(waitForScanCompletion).toLowerCase() === 'false') { + core.info('Static Scan Submitted, please check Veracode Platform for results'); + return; + } + if (stdout) { scan_id = extractValue( stdout,
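Review bot: `scantimeout` replaces the hard-coded `6000` in `policyScanCommand` without any validation, so an empty or non-numeric input produces a malformed `-scantimeout` argument, and an unchecked workflow input flowing into a command string should be rejected up front rather than handed to whatever executes it (the exec call is outside this hunk). The `waitForScanCompletion` check is also placed after `stdout`/`stderr` have already been captured, so the Java wrapper has presumably already polled for up to `scantimeout` before the early return — the flag skips result processing, not the wait. If the wrapper indeed does not poll when `-scantimeout` is omitted (confirm against the wrapper docs), build the command without that flag when not waiting, and delete the commented-out `BulkScan-4` command rather than leaving a hard-coded app name in the source. Note that returning early also bypasses `failbuild`/policy evaluation, which callers should be told explicitly.
```javascript
async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) {
  const debugFlag = debug ? ' -debug' : '';
  // Only a plain non-negative integer may reach the command line.
  const timeoutText = String(scantimeout).trim();
  if (!/^\d+$/.test(timeoutText)) {
    throw new Error(`scantimeout must be a non-negative integer, got: ${scantimeout}`);
  }
  const shouldWait = String(waitForScanCompletion).toLowerCase() !== 'false';
  // Ask the wrapper to poll only when the caller wants to block on the result.
  const scanTimeoutFlag = shouldWait ? ` -scantimeout ${timeoutText}` : '';
  const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true${scanTimeoutFlag} -deleteincompletescan 2${debugFlag}`;
  // … unchanged: command execution and debug logging of stdout/stderr …
  if (!shouldWait) {
    core.info('Static Scan Submitted, please check Veracode Platform for results');
    return;
  }
  // … unchanged: scan_id extraction and result handling …
```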