runCxSASTScan

Initiates an SAST scan using the given account credentials. Also automatically creates a project in Checkmarx if none exists with the given name.

Inputs

Input Name

Input Code

Required

Description

Input Name

Input Code

Required

Description

Checkmarx Account Code

FDCX_INP_ANALYSIS_TOOL_ACCOUNT_CODE

Yes

The Checkmarx account with all required properties such as URL, Username and Password.

Checkmarx Project Name

FDCX_INP_PROJECT_NAME

Yes

The project name to use in Checkmarx. If no project exists with this name, one will be created.

Wait for Scan to Complete

FDCX_INP_WAIT_SCAN_COMPLETE

Yes

Whether to wait for the scan to complete or not. If set to false, you will need to use getSASTScanResults to see results.

Report Type

FDCX_INP_REPORT_TYPE

Yes

Type of report to be generated. Only applies if Wait for Completion is set to true.

Incremental Scan

FDCX_INP_INCREMENTAL_SCAN

Yes

Whether to perform an Incremental Scan.

Source Location

FDCX_INP_SOURCE_CODE_LOCATION

Yes

Where to derive the source code from. If upload is used, any contents in FD_TEMP_DIR will be uploaded to Checkmarx. If Git is selected it will use first configured git scm. Only token-based authentication is supported for git. If none is selected whatever is configured already on the project in Checkmarx will be used.

Exclude files

FDCX_INP_EXCLUDE_FILES

Yes

Files (including wildcards) to exclude from the scan.

Exclude folders

FDCX_INP_EXCLUDE_FOLDERS

Yes

Folders (including wildcards) to exclude from the scan.

Is Public

FDCX_INP_IS_PUBLIC

Yes

Whether the scan is public or not.

Force Scan

FDCX_INP_FORCE_SCAN

Yes

Whether to force a scan or not.

Team Name

FDCX_INP_TEAM_NAME

No

Team name to use to create project if none exists. If this value is not set, default team name on checkmarx account will be used instead.

Outputs

Output Name

Description

Output Name

Description

FDCX_OUT_SCAN_ID

ID of the scan.

FDCX_OUT_SCAN_RESULT_LINK

Link to the scan results. Only applies if wait for scan is true.

FDCX_OUT_HIGH_VULNERABILITIY_COUNT

Number of High Vulnerabilities. Only applies if wait for scan is true.

FDCX_OUT_MEDIUM_VULNERABILITIY_COUNT

Number of Medium Vulnerabilities. Only applies if wait for scan is true.

FDCX_OUT_LOW_VULNERABILITIY_COUNT

Number of Low Vulnerabilities. Only applies if wait for scan is true.

Artifacts

This operation doesn’t consume or produce any artifacts.

Endpoint Selection

This operation delegates the selection to the workflow developer to determine.

Endpoint Execution

This operation will execute on any one of the selected endpoints and will be random in the determination of which one.

The following macros are not currently supported in the footer:
  • style