RDarnel
commented
1 year ago In case anyone else is looking for this, I learned that there are some environment variable overrides built into the detect binary to help with this. Tracking down these environment variables have proven difficult, but appears to correspond to the property name in the CLI where the name is capitalized and the . char is replaced with _. For example, detect.project.name would simply have the corresponding environment variable: DETECT_PROJECT_NAME
For a list of all available properties:
https://sig-product-docs.synopsys.com/bundle/integrations-detect/page/properties/all-properties.html
Environment variables documentation:
https://sig-product-docs.synopsys.com/bundle/integrations-detect/page/configuring/envvars.html
Here's a couple that will help with the project name and version:
- DETECT_PROJECT_NAME
- DETECT_PROJECT_VERSION_NAME
Sample usage:
jobs:
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: "<Insert Build Step here>"
- name: Run BD Detect
uses: synopsys-sig/detect-action@v0.3.4
env:
DETECT_PROJECT_VERSION_NAME: "${{ env.VERSION }}"
DETECT_PROJECT_NAME: "${{ github.repository }}"
with:
scan-mode: INTELLIGENT
detect-version: 9.0.0
...
I would like to use my own custom project name and version during BDH scan. There is no input argument in the Action plugin. Please add or tell me a workaround for this issue.
**default behavior noticed tale repo name as BDH project name.