4 changes: 4 additions & 0 deletions action.yml
Expand Up @@ -67,6 +67,10 @@ inputs:
description: 'Enable or disable debug mode'
required: false
default: false
waitForScanCompletion:
description: 'Wait for the Veracode Static Scan to complete and poll for the final results. If set to false, the scan will be submitted asynchronously and the workflow will continue immediately.'
default: 'true'
required: false
runs:
using: 'node20'
main: 'dist/index.js'
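Review bot: The description's claim that "the workflow will continue immediately" when this input is false is stronger than what the accompanying workflow-service change delivers, which only returns early after the wrapper command has already finished; unless that command itself returns as soon as the upload is accepted, the job still waits. Word it as what the action controls, e.g. `description: 'Wait for the Veracode Static Scan to complete and poll for the final results. If set to false, the action will not wait for or evaluate the scan results after the upload is submitted.'`. The default here is quoted (`'true'`) while `debug` just above uses a bare `false`; core.getInput reads both as strings, so the two forms behave the same and one should be picked for consistency.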
18 changes: 13 additions & 5 deletions dist/index.js
Expand Up @@ -117720,7 +117720,7 @@ const { calculateAuthorizationHeader } = __nccwpck_require__(92132);
const SCAN_TIME_OUT = 8;
const POLICY_EVALUATION_FAILED = 9;

async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug) {
async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion) {
core.info(`Getting Veracode Application for Policy Scan: ${appname}`)
const veracodeApp = await getVeracodeApplicationForPolicyScan(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, debug);
if (veracodeApp.appId === -1) {
Expand Down Expand Up @@ -117795,7 +117795,7 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi
core.info(`Running a Policy Scan: ${appname}`);
//comand for policy scan
core.info(`Veracode Policy Scan Created, Build Id: ${version}`);
await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug)
await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion)
}
} catch (error) {
console.log(error)
Expand All @@ -117805,11 +117805,12 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi

}

async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug) {
async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) {
const debugFlag = debug ? ' -debug' : '';
if (debug)
core.debug(`Module: workflow-service, function: executePolicyScan. Application: ${veracodeApp.appId}`);
const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout 6000 -deleteincompletescan 2${debugFlag}`;
const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout ${scantimeout} -deleteincompletescan 2${debugFlag}`;
// const policyScanCommand = `java -jar ${jarName} -action UploadAndScan -vid ${vid} -vkey ${vkey} -appname BulkScan-4 -createprofile true -filepath ${filepath} -version ${version} -scantimeout ${scantimeout}`;
let scan_id = "";
let sandboxID;
let sandboxGUID;
Expand All @@ -117827,6 +117828,12 @@ async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filep
core.debug(stdout);
core.debug(stderr);
}

if (String(waitForScanCompletion).toLowerCase() === 'false') {
core.info('Static Scan Submitted, please check Veracode Platform for results');
return;
}

if (stdout) {
scan_id = extractValue(
stdout,
Expand Down Expand Up @@ -142020,6 +142027,7 @@ const gitRepositoryUrl = core.getInput('gitRepositoryUrl', { required: false });
const platformType = core.getInput('platformType', { required: false });
const workflowApp = core.getInput('workflowApp', {required: false});
const debug = core.getInput('debug', {required: false});
const waitForScanCompletion = core.getInput('waitForScanCompletion', {required: false});

const POLICY_EVALUATION_FAILED = 9;
const SCAN_TIME_OUT = 8;
Expand Down Expand Up @@ -142055,7 +142063,7 @@ async function run() {
return;

if (workflowApp){
await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug);
await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion);
return;
}

3 changes: 2 additions & 1 deletion src/index.js
Expand Up @@ -25,6 +25,7 @@ const gitRepositoryUrl = core.getInput('gitRepositoryUrl', { required: false });
const platformType = core.getInput('platformType', { required: false });
const workflowApp = core.getInput('workflowApp', {required: false});
const debug = core.getInput('debug', {required: false});
const waitForScanCompletion = core.getInput('waitForScanCompletion', {required: false});

const POLICY_EVALUATION_FAILED = 9;
const SCAN_TIME_OUT = 8;
Expand Down Expand Up @@ -60,7 +61,7 @@ async function run() {
return;

if (workflowApp){
await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug);
await executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion);
return;
}
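Review bot: `waitForScanCompletion` is read with `core.getInput` and forwarded as a raw string, so any value other than a case-insensitive `false` (including a typo such as `flase`) silently selects the blocking path in workflow-service. Parsing it at the boundary, `const waitForScanCompletion = core.getBooleanInput('waitForScanCompletion', {required: false});`, would make a malformed value fail the job with a clear TypeError instead; the action.yml default of `'true'` satisfies that parser, and the downstream `String(...).toLowerCase() === 'false'` check still works on the resulting boolean. `scantimeout` is passed on the same call but is read and defaulted outside this hunk, so I cannot see whether it is validated. run() begins outside the hunk.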

15 changes: 11 additions & 4 deletions src/services/workflow-service.js
Expand Up @@ -14,7 +14,7 @@ const { calculateAuthorizationHeader } = require('../api/veracode-hmac.js');
const SCAN_TIME_OUT = 8;
const POLICY_EVALUATION_FAILED = 9;

async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug) {
async function executeStaticScans(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, sandboxname, version, filepath, responseCode, createsandbox, failbuild, debug, scantimeout, waitForScanCompletion) {
core.info(`Getting Veracode Application for Policy Scan: ${appname}`)
const veracodeApp = await getVeracodeApplicationForPolicyScan(vid, vkey, appname, policy, teams, createprofile, gitRepositoryUrl, debug);
if (veracodeApp.appId === -1) {
Expand Down Expand Up @@ -89,7 +89,7 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi
core.info(`Running a Policy Scan: ${appname}`);
//comand for policy scan
core.info(`Veracode Policy Scan Created, Build Id: ${version}`);
await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug)
await executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion)
}
} catch (error) {
console.log(error)
Expand All @@ -99,11 +99,12 @@ async function executeStaticScans(vid, vkey, appname, policy, teams, createprofi

}

async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug) {
async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) {
const debugFlag = debug ? ' -debug' : '';
if (debug)
core.debug(`Module: workflow-service, function: executePolicyScan. Application: ${veracodeApp.appId}`);
const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout 6000 -deleteincompletescan 2${debugFlag}`;
const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true -scantimeout ${scantimeout} -deleteincompletescan 2${debugFlag}`;
// const policyScanCommand = `java -jar ${jarName} -action UploadAndScan -vid ${vid} -vkey ${vkey} -appname BulkScan-4 -createprofile true -filepath ${filepath} -version ${version} -scantimeout ${scantimeout}`;
let scan_id = "";
let sandboxID;
let sandboxGUID;
Expand All @@ -121,6 +122,12 @@ async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filep
core.debug(stdout);
core.debug(stderr);
}

if (String(waitForScanCompletion).toLowerCase() === 'false') {
core.info('Static Scan Submitted, please check Veracode Platform for results');
return;
}

if (stdout) {
scan_id = extractValue(
stdout,
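Review bot: `-scantimeout ${scantimeout}` on the new command line replaces the hard-coded 6000 with a value that is interpolated unvalidated, so an unset or non-numeric `scantimeout` produces `-scantimeout  -deleteincompletescan 2` and a wrapper argument error rather than the old default; where the input is read and defaulted is outside this hunk. The `waitForScanCompletion === 'false'` early return is also placed after the wrapper has already run (its stdout is being logged just above it), so it skips only this action's own post-processing — if the wrapper's `-scantimeout` is what makes it block for the scan, as the option name suggests, the "continue immediately" behaviour advertised in action.yml needs the timeout flag dropped when not waiting, as sketched below. The commented-out command on the line after the new one embeds `-vkey ${vkey}` and should be deleted rather than kept as dead code. executePolicyScan continues past the end of the hunk.

```javascript
async function executePolicyScan(vid, vkey, veracodeApp, jarName, version, filepath, responseCode, failbuild, debug, scantimeout, waitForScanCompletion) {
  const debugFlag = debug ? ' -debug' : '';
  const waitForScan = String(waitForScanCompletion).toLowerCase() !== 'false';
  // Fall back to the previous hard-coded wait when the input is missing or not a positive integer.
  const parsedTimeout = Number(scantimeout);
  const scanTimeoutMinutes = Number.isInteger(parsedTimeout) && parsedTimeout > 0 ? parsedTimeout : 6000;
  // Only ask the wrapper to block for results when the caller wants them.
  const timeoutFlag = waitForScan ? ` -scantimeout ${scanTimeoutMinutes}` : '';
  // … unchanged: debug log of the application id …
  const policyScanCommand = `java -jar ${jarName} -action UploadAndScanByAppId -vid ${vid} -vkey ${vkey} -appid ${veracodeApp.appId} -filepath ${filepath} -version ${version} -scanpollinginterval 30 -autoscan true -scanallnonfataltoplevelmodules true -includenewmodules true${timeoutFlag} -deleteincompletescan 2${debugFlag}`;
  // … unchanged: command execution and debug output …
  if (!waitForScan) {
    core.info('Static Scan Submitted, please check Veracode Platform for results');
    return;
  }
```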