diff --git a/.github/workflows/veracode.yml b/.github/workflows/veracode.yml index 3fc04c84bd..9f61c52378 100644 --- a/.github/workflows/veracode.yml +++ b/.github/workflows/veracode.yml @@ -54,7 +54,7 @@ jobs: contents: read # for actions/checkout to fetch code security-events: write # for github/codeql-action/upload-sarif to upload SARIF results actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status - runs-on: ubuntu-latest + runs-on: [ self-hosted, master ] steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it and copies all sources into ZIP file for submitting for analysis. Replace this section with your applications build steps @@ -168,16 +168,16 @@ jobs: id: get-tag run: echo "::set-output name=TAG::$(git describe --tags --abbrev=0)" - - name: Veracode Upload And Scan - uses: veracode/veracode-uploadandscan-action@0.2.6 - with: - appname: 'Nuxeo Web UI' - createprofile: false - filepath: 'nuxeo-web-ui-${{ steps.get-tag.outputs.TAG }}.zip' - vid: '${{ secrets.VERACODE_SECRET_API_ID }}' - vkey: '${{ secrets.VERACODE_SECRET_KEY }}' - sandboxname: 'master' - scantimeout: 600 - include: '*.war, *.zip, *.js, *.html, *.css, *.json' - criticality: 'VeryHigh' - includenewmodules: 'true' \ No newline at end of file + # - name: Veracode Upload And Scan + # uses: veracode/veracode-uploadandscan-action@0.2.6 + # with: + # appname: 'Nuxeo Web UI' + # createprofile: false + # filepath: 'nuxeo-web-ui-${{ steps.get-tag.outputs.TAG }}.zip' + # vid: '${{ secrets.VERACODE_SECRET_API_ID }}' + # vkey: '${{ secrets.VERACODE_SECRET_KEY }}' + # sandboxname: 'master' + # scantimeout: 600 + # include: '*.war, *.zip, *.js, *.html, *.css, *.json' + # criticality: 'VeryHigh' + # includenewmodules: 'true' \ No newline at end of file