Attribute Release/Application differentiation and `setup-release` action

[kadraman]

Includes fix for --attrs being able to only update relevant type, e.g. Application/Release (fixes fortify#604)

Working fcli fod action run setup-release with attributes and Aviator/OSS options.

[rsenden]

@kadraman Looks like you've also updated the app create command to only include app attributes. I think in this case, we'd want to include both app and release attributes, as app create will also create a release.

[kadraman]

@kadraman Looks like you've also updated the app create command to only include app attributes. I think in this case, we'd want to include both app and release attributes, as app create will also create a release.

Yes, I forgot about that - will update it.

[kadraman]

Having a quick look at this, as an Application must always be created with a Release do you think it might be better to keep the same behaviour rather than specifying --app-attrs and --release-attrs (if creating a microservice as well it would also include --microservice-attrs)????

I could change the code to cater for this “soley” on fod app create … --attrs … But limit fod release create.. and fod app update and fod release update to having --attrs only work at the appropriate level.

I could then also change action setup-release to just having --attributes again.

What do you think?

[rsenden]

@kadraman I don't see any new commit yet, but I think it's better to just have a single --attrs option. On app create this would set both app & release attributes, on app update we would ignore release attributes, and on rel update and rel create we would ignore app attributes. The setup-release action can then just have a single --attrs option.

[rsenden]

I haven't checked any resource bundle updates yet, but please make sure that this behavior is properly documented in the option descriptions, i.e., stating that app create --attrs accepts both app & release attributes, whereas for the other commands, --attrs ignores app or release attributes.

[kadraman]

OK great, I will make this update then and commit.

Kevin Kevin Lee Lead Solutions Consultant | UK OpenText Cybersecurity | Fortify | Debricked Phone: (+44) 7429 151807 Website: www.opentext.comhttp://www.opentext.com/

@.***https://www.microfocus.com/en-us/assets/cyberres/magic-quadrant-for-application-security-testing

From: Ruud Senden @.> Sent: Friday, September 20, 2024 10:48 AM To: fortify/fcli @.> Cc: Kevin A. Lee @.>; Mention @.> Subject: [EXTERNAL] - Re: [fortify/fcli] Attribute Release/Application differentiation and setup-release action (PR #605)

I haven't checked any resource bundle updates yet, but please make sure that this behavior is properly documented in the option descriptions, i.e., stating that app create --attrs accepts both app & release attributes, whereas for the other commands, --attrs ignores app or release attributes.

— Reply to this email directly, view it on GitHubhttps://urldefense.com/v3/__https:/github.com/fortify/fcli/pull/605*issuecomment-2363316702__;Iw!!Obbck6kTJA!aIbOp4_TBHhwTkyLwPkDAoa-7MmptV3YUdf1RsFTaWtVN29Efy08CjAF4i7zSmph4-XoZ-ODoOQsMJdBZ0NJ1l8OAxIx$, or unsubscribehttps://urldefense.com/v3/__https:/github.com/notifications/unsubscribe-auth/ABA7EUBVS7L5PGYWZVI3UELZXPVMXAVCNFSM6AAAAABOROWPXOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGNRTGMYTMNZQGI__;!!Obbck6kTJA!aIbOp4_TBHhwTkyLwPkDAoa-7MmptV3YUdf1RsFTaWtVN29Efy08CjAF4i7zSmph4-XoZ-ODoOQsMJdBZ0NJ1u0lqfiz$. You are receiving this because you were mentioned.Message ID: @.**@.>>