Description
Fcli supports workflow-style actions defined in YAML files. Many built-in actions are provided, focusing on data export and CI/CD integration. Users can also develop their own custom actions, either from scratch or by customizing built-in actions. If you require any assistance with developing custom actions, please consult with Fortify Professional Services.
This fcli version supports the following action schema versions: See fcli help output.
Actions can potentially perform dangerous operations like deleting data or posting data to 3rd-party systems, so it is recommended to only run trusted actions. Action authors can sign their actions using the action sign command; actions without a (valid) signature will require confirmation when trying to run them. Trusted public keys can be configured through the fcli config public-key commands, or passed directly using the --pubkey option on various action-related commands.
The 'fcli action' module allows for managing and running fcli actions that are not (directly) related to a specific product like SSC or FoD. Fcli also provides 'fcli fod action' and 'fcli ssc action' commands for managing and running fcli actions that are specific to these products.
This product-agnostic action module can be used to manage and run actions that: - Don’t interact with any product, like a custom action that just runs 'fcli config' commands - Optionally interact with either SSC or FoD products, depending on input - Interact with both SSC and FoD, for example for synchronizing data between different products