-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSecurityCodeScan-example.toml
40 lines (33 loc) · 1.73 KB
/
SecurityCodeScan-example.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
[source-code]
relativeDirectory='' # source code directory specified by relative directory name (overrides projectFileDirectoryPatterns)
projectFileDirectoryPatterns=['*.sln','*.csproj','*.vbproj','*.fsproj'] # patterns (e.g., *.sln,*.csproj) to find source code directory by largest, first file found
[request] # (reserved for Code Dx use)
# The image name contains the Docker image that handles this scan request file.
#
imageName = "codedx/codedx-securitycodescanrunner:v1.51.0"
# The work directory stores k8s secrets, trusted CA certificates,a copy of the scan request
# file, and the exit code file. The user running the Docker image *must* have write access
# to the work directory.
#
# $workDirectory/analysis-exit-code - exit code of the shell command
# $workDirectory/ca-certificates - trusted CA certificates
# $workDirectory/config/request.toml - a copy of the scan request file
# $workDirectory/input - analysis input
# $workDirectory/workflow-secrets - workflow secrets
#
workDirectory = "/opt/codedx/securitycodescan/work"
# The shell cmd to run as the entry point for the tool.
#
shellCmd = '''
source=$(ls /opt/codedx/securitycodescan/work/input)
pwsh /opt/codedx/securitycodescan/script/SecurityCodeScan.ps1 \
"/opt/codedx/securitycodescan/work/input/$source" \
/opt/codedx/securitycodescan/work/output/securitycodescan.output \
/opt/codedx/securitycodescan/work/config/request.toml
'''
# The result file contains the tool output provided to Code Dx.
#
resultFilePath = "/opt/codedx/securitycodescan/work/output/securitycodescan.output"
# The Intelligent Orchestration security activities supported by this tool (e.g., sca, sast, dast)
#
securityActivities = ['sast']