Skip to content

Veracode Dynamic Analysis Scan #177

Veracode Dynamic Analysis Scan

Veracode Dynamic Analysis Scan #177

name: Veracode Dynamic Analysis Scan
concurrency: ${{ github.ref }}-${{ github.workflow }}
on:
schedule:
- cron: "0 3 * * 2,4,6"
workflow_dispatch:
inputs:
dast-profile-name:
description: "Name of dynamic analysis profile"
default: "CAMS Flexion"
required: true
type: string
jobs:
dast-scan:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Veracode credentials
run: |
pwd
mkdir ~/.veracode
cat > credentials << EOF
[default]
veracode_api_key_id = ${{ secrets.VERACODE_API_ID }}
veracode_api_key_secret = ${{ secrets.VERACODE_API_KEY }}
EOF
mv credentials ~/.veracode
- name: Install dependencies
run: pip install veracode-api-signing
- name: Execute DAST Prescan
run: ./ops/scripts/pipeline/veracode-prescan.py "${{ inputs.dast-profile-name || 'CAMS Flexion' }}"
- name: Schedule DAST Scan
run: ./ops/scripts/pipeline/veracode-dast-scan.py "${{ inputs.dast-profile-name || 'CAMS Flexion' }}"