# Copyright (c) 2024 Black Duck Software, Inc. All rights reserved worldwide.
# Application profile for the scan. Every <<NAME>> token is a placeholder;
# presumably the pipeline replaces it before this manifest is consumed (verify).
# NOTE(review): indentation reconstructed; confirm nesting against the
# consumer's schema.
application:
  appId: <<APP_ID>>
  assetId: <<ASSET_ID>>
  projectName: <<PROJECT_NAME>>
  appType: Webapp
  release: <<RELEASE_TYPE>>
  microservice: false
  projectLanguage: Java
  platformVersion: Java 8
  buildSystem: Maven
  riskMatrixRevision: Rev1.0
  # Matches text containing a literal "+++" followed later by ".java" or
  # ".jsp"; looks like it targets unified-diff "+++" file headers (confirm).
  # A path such as pom.xml or a .properties file does not match, and the
  # extension is not end-anchored, so "Foo.java.bak" matches as well.
  sourceFilePattern: .*\+\+\+.*(\.java|\.jsp)+.*
  # Placeholder; by its name a pattern for security-sensitive packages. How
  # the consumer applies it is not visible here.
  sensitivePackagePattern: <<SENSITIVE_PACKAGE_PATTERN>>
  # Placeholder; presumably a numeric threshold on changed files (confirm the
  # unit and the expected type with the consumer).
  fileChangeThreshold: <<FILE_CHANGE_THRESHOLD>>
# SCM and Jira connection settings. bitbucketPassword, githubToken,
# gitlabToken and jiraAuthToken are credential fields: once the placeholders
# are filled in, this file holds live secrets. Render it at job time from the
# CI secret store, and keep the rendered copy out of version control, build
# artifacts and logs.
# NOTE(review): if substitution is plain text replacement, a value containing
# ": " or " #", or starting with a YAML indicator, changes or breaks the parse
# because the placeholders are unquoted - confirm how values are injected.
# NOTE(review): indentation reconstructed; confirm nesting against the
# consumer's schema.
environment:
  scm: <<SCM_TYPE>>
  scmOwner: <<SCM_OWNER>>
  scmRepositoryName: <<SCM_REPO_NAME>>
  scmBranchName: <<SCM_BRANCH_NAME>>
  bitbucketUserName: <<BITBUCKET_USERNAME>>
  # Credential.
  bitbucketPassword: <<BITBUCKET_PASSWORD>>
  bitbucketApiUrl: https://api.bitbucket.org/2.0/repositories/
  githubApiUrl: https://api.github.com/repos/
  githubUsername: <<GITHUB_USERNAME>>
  # Credential.
  githubToken: <<GITHUB_ACCESS_TOKEN>>
  gitlabHostUrl: <<GITLAB_HOST_URL>>
  # Credential.
  gitlabToken: <<GITLAB_TOKEN>>
  # Presumably expects a boolean once substituted (confirm).
  enableJira: <<ENABLE_JIRA>>
  jiraProjectName: <<JIRA_PROJECT_NAME>>
  jiraIssuesQuery: <<JIRA_ISSUES_QUERY>>
  jiraApiUrl: <<JIRA_API_URL>>
  jiraUserName: <<JIRA_USERNAME>>
  # Credential.
  jiraAuthToken: <<JIRA_AUTH_TOKEN>>
# Per-activity rescan thresholds for SAST and SCA. Both values are
# placeholders; their unit and expected type are not visible here.
# NOTE(review): indentation reconstructed; confirm nesting against the
# consumer's schema.
security:
  activities:
    sast:
      rescanThreshold: <<SAST_RESCAN_THRESHOLD>>
    sca:
      rescanThreshold: <<SCA_RESCAN_THRESHOLD>>
# Outbound connectors: slack, msteams, jira, rally, bitbucket and github.
# Each entry carries its own credential field (bearertoken, webhook_url,
# authtoken, app_password, accesstoken). Several reuse the placeholders that
# the environment section also uses (<<JIRA_AUTH_TOKEN>>,
# <<BITBUCKET_PASSWORD>>, <<GITHUB_ACCESS_TOKEN>>), so one secret ends up in
# more than one place in the rendered file. Scope each token to the minimum
# permissions its connector needs and keep the rendered manifest out of
# version control, artifacts and logs.
# NOTE(review): indentation reconstructed; confirm nesting against the
# consumer's schema.
connectors:
  - connector_name: slack
    fields:
      channelidentifier: <<SLACK_CHANNEL_ID>>
      # Credential.
      bearertoken: <<SLACK_TOKEN>>
  - connector_name: msteams
    fields:
      # Treat the webhook URL as a secret: an incoming-webhook URL is
      # normally all that is needed to post to the channel.
      webhook_url: <<MSTEAMS_WEBHOOK_URL>>
  - connector_name: jira
    fields:
      issuetype: Bug
      projectkey: <<JIRA_PROJECT_NAME>>
      assignee: <<JIRA_ASSIGNEE>>
      url: <<JIRA_API_URL>>
      username: <<JIRA_USERNAME>>
      # Credential.
      authtoken: <<JIRA_AUTH_TOKEN>>
  - connector_name: rally
    fields:
      projectkey: <<RALLY_PROJECT_NAME>>
      assignee: <<RALLY_ASSIGNEE>>
      url: <<RALLY_API_URL>>
      # Credential.
      authtoken: <<RALLY_AUTH_TOKEN>>
  - connector_name: bitbucket
    fields:
      workspace_name: <<SCM_OWNER>>
      repository_name: <<SCM_REPO_NAME>>
      commit_id: <<BITBUCKET_COMMIT_ID>>
      username: <<BITBUCKET_USERNAME>>
      # Credential.
      app_password: <<BITBUCKET_PASSWORD>>
  - connector_name: github
    fields:
      # SARIF results file; presumably uploaded for ref/commit_id below
      # (confirm against the connector).
      file_path: workflowengine-results.sarif.json
      owner_name: <<GITHUB_OWNER_NAME>>
      repository_name: <<GITHUB_REPO_NAME>>
      ref: <<GITHUB_REF>>
      commit_id: <<GITHUB_COMMIT_ID>>
      username: <<GITHUB_USERNAME>>
      # Credential.
      accesstoken: <<GITHUB_ACCESS_TOKEN>>
# Build-break criteria, one entry per activity. How status, overallseverity
# and categories combine (all must match, or any) is not visible here -
# confirm against the consumer before relying on this as a release gate.
# NOTE(review): only "high" is listed under overallseverity; if the consumer
# has a higher level (for example critical), confirm whether it must be
# listed explicitly.
# NOTE(review): indentation reconstructed; confirm nesting against the
# consumer's schema.
buildbreaker:
  - activityname: sast
    status:
      - new
      - open
    overallseverity:
      - high
    categories:
      - name: cross-site scripting
        severity: high
      - name: sql injection
        severity: high
  # Unlike sast, sca lists only "new" under status, so findings in status
  # "open" are not named here.
  - activityname: sca
    status:
      - new
    overallseverity:
      - high
    categories:
      # NOTE(review): this category is "medium" while overallseverity is
      # "high"; confirm the entry still breaks the build as intended.
      - name: cve-2015-2119
        severity: medium
# for WF client
# Per-tool settings. coverity and polaris are disabled (enabled: false);
# sigma, blackduck and seeker take their enabled flag from a placeholder,
# which presumably must render as true or false (confirm).
# The password and auth_token fields are credentials: inject them at job time
# from the CI secret store and keep the rendered file out of version control,
# build artifacts and logs.
# NOTE(review): indentation reconstructed; confirm nesting against the
# consumer's schema.
tool_information:
  - tool_name: coverity
    enabled: false
    fields:
      file_path: coverity-results.json
      stream: <<COVERITY_STREAM>>
      instance_url: <<COVERITY_SERVER_URL>>
      username: <<COVERITY_USERNAME>>
      # Credential.
      password: <<COVERITY_PASSWORD>>
  - tool_name: polaris
    enabled: false
    fields:
      project_name: <<POLARIS_PROJECT_NAME>>
      branch_name: <<POLARIS_BRANCH_NAME>>
      instance_url: <<POLARIS_SERVER_URL>>
      # Credential.
      auth_token: <<POLARIS_ACCESS_TOKEN>>
  - tool_name: sigma
    enabled: <<IS_SAST_ENABLED>>
    fields:
      # Local results file; no credential fields for this tool.
      output_file: sigma-results.json
  - tool_name: blackduck
    enabled: <<IS_SCA_ENABLED>>
    fields:
      project_name: <<BLACKDUCK_PROJECT_NAME>>
      instance_url: <<BLACKDUCK_SERVER_URL>>
      # Credential.
      auth_token: <<BLACKDUCK_ACCESS_TOKEN>>
  - tool_name: seeker
    enabled: <<IS_DAST_ENABLED>>
    fields:
      project_name: <<SEEKER_PROJECT_NAME>>
      instance_url: <<SEEKER_SERVER_URL>>
      # Credential.
      auth_token: <<SEEKER_ACCESS_TOKEN>>