Use this action to perform static application security testing (SAST) on a repository with the Coverity on Polaris scanner from Black Duck, and then view comprehensive security results in the CloudBees platform.
This action is available on the GitHub marketplace.
Prerequisites
Set up the CloudBees platform and GitHub Actions (GHA) to work together, which provides key features of the platform to GHA workflows. Refer to Getting started for more information.
Inputs
| Input name | Data type | Required? | Description |
|---|---|---|---|
| | String | Yes | The Coverity on Polaris API token. |
| | String | Yes | |
| | String | Yes | The Coverity on Polaris server URL. |
| | String | No | The CloudBees platform URL. The default value is |
Usage examples
Basic example
The following is a basic example of using this action:
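```yaml
- name: Scan with Coverity on Polaris
  uses: cloudbees-io-gha/coverity-scan-publish@v1
  with:
    api-token: ${{ secrets.COVERITY_POLARIS_TOKEN }}
    # The secret name is a placeholder. GitHub secret names may contain only
    # letters, digits and underscores, so a hyphenated name cannot be created.
    cloudbees-pat: ${{ secrets.CLOUDBEES_PLATFORM_PAT }}
    server-url: ${{ vars.COVERITY_POLARIS_SERVER_URL }}
```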
Full workflow and run example
The following GHA workflow example scans a repository with Coverity on Polaris.
Example GHA workflow YAML file
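The workflow file itself is not reproduced on this page. The following is an added example, not the workflow from the CloudBees documentation, that wraps the action step shown above in a least-privilege job. The triggers, runner label, checkout step, fork guard, and the secret name `CLOUDBEES_PLATFORM_PAT` are assumptions.

```yaml
# Added example: assumed file path .github/workflows/coverity-polaris.yml
name: Coverity on Polaris SAST

on:
  push:
    branches: [main]        # assumed default branch
  pull_request:

# Restrict the automatic GITHUB_TOKEN to read-only repository access.
# Assumption: the action needs no further scopes, because it authenticates
# with the API token and PAT passed as inputs.
permissions:
  contents: read

jobs:
  coverity-scan:
    runs-on: ubuntu-latest  # assumed runner
    # Repository secrets are not passed to pull_request runs from forks,
    # so skip the scan there instead of running it with empty credentials.
    if: >-
      github.event_name != 'pull_request' ||
      github.event.pull_request.head.repo.full_name == github.repository
    steps:
      - name: Check out the repository
        uses: actions/checkout@v4
        with:
          # Do not leave the GITHUB_TOKEN in the local git config for later steps.
          persist-credentials: false

      - name: Scan with Coverity on Polaris
        uses: cloudbees-io-gha/coverity-scan-publish@v1
        with:
          api-token: ${{ secrets.COVERITY_POLARIS_TOKEN }}
          # Assumed secret name; use the name under which the PAT is stored.
          cloudbees-pat: ${{ secrets.CLOUDBEES_PLATFORM_PAT }}
          server-url: ${{ vars.COVERITY_POLARIS_SERVER_URL }}
```

Storing the API token and PAT as encrypted secrets and the server URL as a plain variable, as the basic example does, keeps the credentials masked in run logs while leaving the non-sensitive URL readable.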
After the GHA run has completed, the security findings are collected and displayed in the Security center of the component containing the workflow.
