Open jamesnswithers opened 3 years ago
Hello, To confirm, you are running it via GitHub actions and aren't checking the scan status via polling?
Yes, that's right, via GitHub actions and I'm not polling.
```yaml
- name: Download Fortify on Demand Universal CI Tool
  uses: fortify/gha-setup-fod-uploader@v1
- name: Perform SAST Scan
  run: java -jar $FOD_UPLOAD_JAR -z package.zip -aurl $FOD_API_URL -purl $FOD_URL -rid "$FOD_RELEASE_ID" -tc "$FOD_TENANT" -ac "$FOD_KEY" "$FOD_SECRET" $FOD_UPLOADER_OPTS -n "$FOD_UPLOADER_NOTES"
  continue-on-error: true
  env:
    FOD_TENANT: ${{ secrets.FOD_TENANT }}
    FOD_KEY: ${{ secrets.FOD_KEY }}
    FOD_SECRET: ${{ secrets.FOD_SECRET }}
    FOD_RELEASE_ID: ${{ secrets.FOD_RELEASE_ID }}
    FOD_URL: "https://emea.fortify.com/"
    FOD_API_URL: "https://api.emea.fortify.com/"
    FOD_UPLOADER_OPTS: "-ep 1 -pp 0"
    FOD_UPLOADER_NOTES: 'Triggered by GitHub Actions (${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})'
```
Thank you for providing the details. This has been brought up to the dev team - currently, if you poll, FoDUploader returns an exit code of 3 for canceled scans.
Setting `-inProgressScanActionType = 0` returns an exit code of 1 when a scan is already running. For example, running via GitHub Actions with this value returns:
An exit code of 1 will signify an (un)expected failure of the task. For me, it would make more sense to return a successful exit code when a scan is already running, as your intention of including the value `inProgressScanActionType = 0` is that a scan should not be actioned if another is already in progress, meaning that this task has been completed successfully.
Could this function be amended or a new option be provided to exit successfully if a scan is already running?
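As an added example (not from this issue or from the Fortify project), a wrapper for the scan step that replaces the blanket `continue-on-error: true` with per-exit-code handling, so that only the "scan already running" case is tolerated and other failures still fail the job. `run_scan` and `IN_PROGRESS_PATTERN` are hypothetical names, and the pattern is a placeholder for whatever message your uploader version prints, which this page does not show.

```shell
#!/usr/bin/env bash
# Added example: classify the uploader's exit status instead of ignoring it.
# Assumption: IN_PROGRESS_PATTERN is a placeholder. Set it to the exact text
# your FoDUploader version prints when a scan is already running.
IN_PROGRESS_PATTERN="${IN_PROGRESS_PATTERN:-PLACEHOLDER_SCAN_IN_PROGRESS_TEXT}"

# run_scan CMD [ARGS...]
# Runs CMD, echoes its combined output, and returns:
#   0  scan submitted, or skipped because one is already running
#   3  scan canceled (exit code 3 is reported in this thread when polling)
#   1  any other failure, including an exit code of 1 for another reason
run_scan() {
  local out rc
  # Capture the status without tripping `set -e` in the calling script.
  out="$("$@" 2>&1)" && rc=0 || rc=$?
  printf '%s\n' "$out"
  case "$rc" in
    0)
      return 0 ;;
    1)
      # Exit code 1 is ambiguous, so it is accepted only when the output
      # also matches. An empty pattern would match anything; reject it.
      if [ -n "$IN_PROGRESS_PATTERN" ] &&
         printf '%s\n' "$out" | grep -qF -- "$IN_PROGRESS_PATTERN"; then
        echo "::notice::Scan already in progress, submission skipped"
        return 0
      fi
      echo "::error::Uploader failed with exit code 1"
      return 1 ;;
    3)
      echo "::warning::Scan was canceled"
      return 3 ;;
    *)
      echo "::error::Uploader failed with exit code $rc"
      return 1 ;;
  esac
}
```

In the workflow, the step would call `run_scan java -jar "$FOD_UPLOAD_JAR" ...` with the same arguments as before and drop `continue-on-error: true`.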