The native scancentral cli supports either specifying SSC_URL or SCSAST Controller URL (henceforth SCSAST_URL).
Currently, if SSC_URL is specified in the native scancentral cli, it will retrieve the SCSAST_URL setting configured in SSC.
In some environments, SCSAST_URL specified in SSC could be using internal DNS/IP (or even k8s cluster name).
In such scenario, the resolved SCSAST_URL will be an internal DNS/IP, and hence not accessible via GitHub.
The current workaround is use fortify/github-action/setup to install sc-client and run the native scancentral command via shell.
A reusable GitHub action approach would be nice.
Enhancement Request
The native
scancentral
cli supports either specifyingSSC_URL
or SCSAST Controller URL (henceforthSCSAST_URL
).Currently, if
SSC_URL
is specified in the nativescancentral
cli, it will retrieve theSCSAST_URL
setting configured in SSC. In some environments,SCSAST_URL
specified in SSC could be using internal DNS/IP (or even k8s cluster name). In such scenario, the resolvedSCSAST_URL
will be an internal DNS/IP, and hence not accessible via GitHub.The current workaround is use
fortify/github-action/setup
to installsc-client
and run the nativescancentral
command via shell. A reusable GitHub action approach would be nice.