dsad

.github/workflows/main.yml

@@ -1,19 +1,22 @@
 name: Checkmarx AST Scan
-on: [pull_request]
+on: [push , pull_request]
+
+
 
 jobs:
   build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-      - name: Checkmarx AST CLI Action
-        uses: checkmarxDev/ast-github-action@master #Github Action version
-        with:
-          project_name: small-project
-          base_uri: https://ast-master.dev.cxast.net/
-          branch: ${{ github.head_ref }}
-          cx_tenant: galactica
-          cx_client_id: ${{ secrets.CX_CLIENT_ID }}
-          cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }}
-          additional_params: --threshold "sast-high=4;sca-high=1;kics-high=1"
+   runs-on: ubuntu-latest
+   steps:
+     - name: Checkout
+       uses: actions/checkout@v2
+     - name: Checkmarx AST CLI Action
+       uses: Checkmarx/ast-github-action@v0.29
+       with:
+            project_name: small-project
+            base_uri: https://eu.ast.checkmarx.net/
+            branch: ${{ github.head_ref }}
+            cx_tenant: cx_ast_pm_yoav_ast
+            cx_client_id: ${{ secrets.CX_CLIENT_ID }}
+            cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }}
+            additional_params: --threshold "sast-high=4;sca-high=1;kics-high=1"
+

.github/workflows/main1.yml

@@ -0,0 +1,48 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the main branch
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+     - name: Checkmarx AST Github Action
+  # You may pin to the exact commit or the version.
+  # uses: Checkmarx/ast-github-action@34a3cf1cdb359db037d432f3c024fea7e0df71d8
+  uses: Checkmarx/ast-github-action@2.0.2
+  with:
+    # Provide the AST portal URL
+    base_uri: https://eu.ast.checkmarx.net/
+    # Provide the Tenant for AST portal URL
+    cx_tenant: cx_ast_pm_yoav_ast
+    # Client ID for AST portal authentication
+    cx_client_id: GitHub Actions
+    # Secret key for AST portal authentication
+    cx_client_secret: 8f2c1e10-427c-460e-a800-208a0a5e36fb
+    # Select a Checkmarx Project Name
+    project_name: small-project
+    branch: main
+    github_token: # optional, default is ${{ github.token }}
+
+   - name: Upload SARIF file
+    uses: github/codeql-action/upload-sarif@v1
+    with:
+      # Path to SARIF file relative to the root of the repository
+      sarif_file: results.sarif

.github/workflows/main2.yml

@@ -0,0 +1,26 @@
+name: Checkmarx AST Scan
+on: [workflow_dispatch]
+
+
+
+jobs:
+  build:
+   runs-on: ubuntu-latest
+   steps:
+     - name: Checkout
+       uses: actions/checkout@v2
+     - name: Checkmarx AST CLI Action
+       uses: Checkmarx/ast-github-action@2.0.2
+       with:
+            project_name: small-project
+            base_uri: https://eu.ast.checkmarx.net/
+            cx_tenant: cx_ast_pm_yoav_ast
+            cx_client_id: ${{ secrets.CLIENT_ID }}
+            cx_client_secret: ${{ secrets.CLIENT_SECRET }}
+            additional_params:   --sast-preset-name "failed preset"
+
+
+
+
+
+

README.md

@@ -1,3 +1,5 @@
+test dev.cot
+12345678
 ![Sign](https://i.imgur.com/bovh598.png)
 
 Damn Small Vulnerable Web [![Python 3.x](https://img.shields.io/badge/python-3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-Unlicense-red.svg)](https://github.com/stamparm/DSVW/blob/master/LICENSE)