fields:
  - type: result
    name: application
  - type: result
    name: project
Every value mentioned in fields will be added in Labels.
type:
  cx-scan: Used to map specific Checkmarx Scan Custom Field values
  cx-sca: Used to map specific Checkmarx SCA Scan tags values
  static: Used for static values (specifically requires a default-value to be provided)
  result: Used to map known values from Checkmarx results or repository/scan request details. Refer to the Result values below.
name: If cx-scan or cx-sca reflects the type, it is the name of the custom field within Checkmarx SAST or key of tag in case of SCA
default-value: Static value if no value can be determined for the respective field (Optional)
If result is provided as type, the name must be one of the following:
application - Command line option --app
project - Command line option --cx-project
namespace - Command line option --namespace
repo-name - Command line option --repo-name
repo-url - Command line option --repo-url
branch - Command line option --branch
severity - Severity of issue in Checkmarx
category - Category of issue in Checkmarx
cwe - CWE of issue in Checkmarx
recommendation - Recommendation details based on Mitre/Custom Wiki
loc - csv of lines of code
issue-link - Direct link to issue within Checkmarx
filename - Filename provided by Checkmarx issue
language - Language provided by Checkmarx issue
similarity-id - Cx Similarity ID
Description
Added new parameters for GitHub and GitLab
References
https://github.com/checkmarx-ltd/cx-flow/issues/1029
Testing
Tested on GitHub and GitLab
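The `fields` mapping described above, shown once for each documented `type`. This is an added example, not configuration from the pull request or the cx-flow project. The custom field name `business-unit`, the SCA tag key `team` and all `default-value` strings are hypothetical, and the parent key under which `fields` sits in the GitHub or GitLab configuration is not stated on the page, so it is omitted.

```yaml
# Added example: one entry per documented type. Every resolved value is added to Labels.
fields:
  # result: name must be one of the documented result values
  - type: result
    name: severity          # Severity of issue in Checkmarx
  - type: result
    name: cwe               # CWE of issue in Checkmarx
  - type: result
    name: branch            # Command line option --branch

  # cx-scan: name is the custom field name within Checkmarx SAST
  - type: cx-scan
    name: business-unit     # hypothetical custom field name
    default-value: unassigned   # optional; used if no value can be determined

  # cx-sca: name is the key of the SCA scan tag
  - type: cx-sca
    name: team              # hypothetical tag key
    default-value: unassigned   # optional; used if no value can be determined

  # static: a default-value is required
  # (the page documents no name for this type, so none is set here)
  - type: static
    default-value: checkmarx    # hypothetical static label value
```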