Skip to content

Bump hashicorp/azurerm from 4.10.0 to 4.14.0 in /terraform #416

Bump hashicorp/azurerm from 4.10.0 to 4.14.0 in /terraform

Bump hashicorp/azurerm from 4.10.0 to 4.14.0 in /terraform #416

Workflow file for this run

---
name: fortidevsec
on: # yamllint disable-line rule:truthy
pull_request:
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
init:
name: init
runs-on: ubuntu-latest
outputs:
action: ${{ steps.init.outputs.action }}
steps:
- id: init
name: "init"
shell: bash
run: |
if [[ -n "${{ secrets.FORTIDEVSECORGID }}" && -n "${{ secrets.FORTIDEVSECAPPID }}" ]]
then
echo 'action=true' >> "${GITHUB_OUTPUT}"
else
echo 'action=false' >> "${GITHUB_OUTPUT}"
fi
fortidevsec-sast:
needs: [init]
if: needs.init.outputs.action == 'true'
name: https://fortidevsec.forticloud.com/
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Scan
run: |
env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
#docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest main s --org-id ${{ secrets.FORTIDEVSECORGID }} --app-id ${{ secrets.FORTIDEVSECAPPID }} --risk_rating 1
#docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest main s --org-id ${{ secrets.FORTIDEVSECORGID }} --app-id ${{ secrets.FORTIDEVSECAPPID }} --url https://robinmordasiewicz.github.io/devops-toolkit/