This manual page describes built-in fcli actions that can be run through the fcli ssc action run <action-name> command.

appversion-summary

(PREVIEW) Generate application version summary.

Synopsis

fcli ssc action run appversion-summary [fcli ssc action run options] [action options, see below]

Description

This action generates a short summary listing issue counts and other statistics for a given application version. Based on user feedback on this initial version of this action, parameters and output of this action may change in the next couple of fcli releases.

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: stdout

--appversion, --av

Required application version id or <appName>:<versionName>

--filtersets, --fs

Comma-separated list of filter set names, GUIDs or 'default' to display in the summary. If not specified, all filter sets will be included.

aws-sast-report

Generate an AWS Security Hub SAST report listing Fortify SSC SAST vulnerabilities.

Synopsis

fcli ssc action run aws-sast-report [fcli ssc action run options] [action options, see below]

Description

This action generates an ASFF report for integration with AWS Security Hub; the generated report is then parsed by the Lambda function, see: https://github.com/fortify/CloudDevSecOpsTemplates/ For information on how to create or update findings in AWS Security Hub, see https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-update-types.html

Options

--file, -f

Optional report output file name (or 'stdout' / 'stderr'). Default value: aws-fortify-report.json

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

--aws-region

Required AWS region. Default value: AWS_REGION environment variable.

--aws-account

Required AWS account id. Default value: AWS_ACCOUNT_ID environment variable.

bitbucket-sast-report

Generate a BitBucket Code Insights report listing SSC SAST vulnerabilities.

Synopsis

fcli ssc action run bitbucket-sast-report [fcli ssc action run options] [action options, see below]

Description

For information on how to import this report into BitBucket, see https://support.atlassian.com/bitbucket-cloud/docs/code-insights/

Options

--report-file, -r

Optional report output file name (or 'stdout' / 'stderr'). Default value: bb-fortify-report.json

--annotations-file, -a

Optional annotations output file name (or 'stdout' / 'stderr'). Default value: bb-fortify-annotations.json

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

check-policy

(SAMPLE) Check security policy.

Synopsis

fcli ssc action run check-policy [fcli ssc action run options] [action options, see below]

Description

This sample action demonstrates how to implement a security policy using fcli actions, returning a non-zero exit code if any of the checks fail.

Options

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

ci

(PREVIEW) Run SSC CI pipeline

Synopsis

fcli ssc action run ci [fcli ssc action run options] [action options, see below]

Description

This action can be used to run a full, standardized CI pipeline that performs the following activities:

  • Create & configure SSC application version if needed

  • Package source code

  • Submit SAST scan request

  • Wait for SAST scan completion

  • Perform post-scan activities, like checking policy outcome, exporting results, etc.

Configuration for this fcli action is done through environment variables; the table below lists the environment variables supported by this action.

Environment Variable(s)    Description

SSC_APPVERSION

Fortify SSC application version to use with this action. This should be specified as <app-name>:<version-name>. Default value is based on repository and branch name, for example myOrg/myRepo:myBranch.

DO_SETUP
SETUP_ACTION
SETUP_EXTRA_OPTS

If DO_SETUP is not set to false, the application and/or version will be created if they do not yet exist using the fcli-provided setup-appversion action, or, if specified, the custom fcli action specified through SETUP_ACTION. Extra options for the fcli action can be passed through the SETUP_EXTRA_OPTS environment variable.

Depending on your Git workflow, it is recommended to copy state from the application version representing your default branch by passing the --copy-from option through SETUP_EXTRA_OPTS.

PACKAGE_ACTION
PACKAGE_ACTION_EXTRA_OPTS

By default, when running a SAST scan, the fcli package action is used to (optionally) package the source code to be scanned; see next entry for information on how to configure the default package action. If the standard fcli package action doesn’t meet your needs, for example if you want to perform a local translation using Fortify Static Code Analyzer, you can use PACKAGE_ACTION to use a custom action for packaging, optionally providing extra options to this custom action through the PACKAGE_ACTION_EXTRA_OPTS environment variable. Note that any custom action must set the global.package.output action variable, pointing to the package or MBS file to be scanned.

USE_PACKAGE
PACKAGE_EXTRA_OPTS
SC_CLIENT_VERSION
SOURCE_DIR
DO_PACKAGE_DEBUG
TOOL_DEFINITIONS

These environment variables define packaging behavior. If USE_PACKAGE is specified, packaging will be skipped and the given package or MBS file (which must already exist) will be used. To pass additional options to the scancentral package command like -bt or -bf, use PACKAGE_EXTRA_OPTS.
By default:
- Latest available ScanCentral Client version will be used for packaging; use SC_CLIENT_VERSION to specify a different version.
- Current working directory will be packaged; use SOURCE_DIR to package a different directory.
- Debug logging for Scancentral Client is disabled; set DO_PACKAGE_DEBUG to true to enable debug logging.
- Tool definitions to identify available ScanCentral Client versions will be downloaded from the default location; use TOOL_DEFINITIONS to use customized tool definitions.

DO_SAST_SCAN
SAST_SCAN_EXTRA_OPTS
DO_SAST_WAIT

For now, this fcli action only supports running a SAST scan, which is enabled by default. The SAST_SCAN_EXTRA_OPTS environment variable can be used to pass extra options to the fcli sc-sast scan start command. By default, this action will wait until the scan has been completed, unless DO_SAST_WAIT is set to false; note that any post-scan tasks will be skipped in this case.

DO_APPVERSION_SUMMARY
APPVERSION_SUMMARY_ACTION
APPVERSION_SUMMARY_EXTRA_OPTS

If DO_APPVERSION_SUMMARY is not set to false, an application version summary will be generated using the fcli-provided appversion-summary action or, if specified, the custom fcli action specified through APPVERSION_SUMMARY_ACTION. Extra options for the fcli action can be specified through the APPVERSION_SUMMARY_EXTRA_OPTS environment variable, which may include fcli options to allow unsigned custom actions to be used.

DO_CHECK_POLICY
CHECK_POLICY_ACTION
CHECK_POLICY_EXTRA_OPTS

If DO_CHECK_POLICY is set to true (implied if any of the other two CHECK_POLICY_* variables are set), a policy check will be run after scan completion using the fcli-provided check-policy action or, if specified, the custom fcli action specified through CHECK_POLICY_ACTION. Extra options for a custom fcli action can be passed through the CHECK_POLICY_EXTRA_OPTS environment variable, which may include fcli options to allow unsigned custom actions to be used.

DO_PR_COMMENT
PR_COMMENT_ACTION
PR_COMMENT_EXTRA_OPTS

(PREVIEW) If DO_PR_COMMENT is set to true (implied if any of the other two PR_COMMENT_* variables are set), a Pull Request or Merge Request comment will be generated using an fcli-provided action matching the current CI system like github-pr-comment or, if specified, the custom fcli action specified through PR_COMMENT_ACTION. Extra options for the fcli action can be specified through the PR_COMMENT_EXTRA_OPTS environment variable, which may include fcli options to allow unsigned custom actions to be used.

DO_SAST_EXPORT
SAST_EXPORT_ACTION
SAST_EXPORT_EXTRA_OPTS

If DO_SAST_EXPORT is not set to false and a SAST scan was completed, the SAST vulnerability data will be exported into a CI-specific format using an fcli-provided action matching the current CI system like github-sast-report or gitlab-sast-report, or, if specified, the custom fcli action specified through SAST_EXPORT_ACTION. Extra options for the fcli action can be specified through the SAST_EXPORT_EXTRA_OPTS environment variable, which may include fcli options to allow unsigned custom actions to be used.
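The following is an added example wrapper, not part of fcli, showing how a CI job can derive the environment-variable configuration described in the table above and then run the ci action. It assumes the "<org>/<repo>:<branch>" naming convention the table gives as the default, that --copy-from accepts an <appName>:<versionName> value in --option=value form, and a hypothetical FCLI_BIN override so the wrapper can be exercised without a real fcli install.

```shell
#!/bin/sh
# Added example, not part of fcli: a CI-agnostic wrapper that configures the
# 'ci' action through its documented environment variables and then runs it.
# FCLI_BIN is a hypothetical override so the wrapper can be exercised offline.
set -e

FCLI_BIN="${FCLI_BIN:-fcli}"

# Application version name in the convention the page gives as the default:
# "<org>/<repo>:<branch>", e.g. myOrg/myRepo:myBranch.
ci_appversion() {
  case "$1" in
    *:*) echo "repository name must not contain ':'" >&2; return 1 ;;
  esac
  printf '%s:%s\n' "$1" "$2"
}

# Print the KEY=VALUE configuration for the ci action, one entry per line.
# Arguments: repository, current branch, default branch, pr-build (true/false).
# Feature branches copy state from the default-branch version through
# SETUP_EXTRA_OPTS (assumed: --copy-from accepts <appName>:<versionName> in
# --option=value form); the default branch itself copies nothing. The policy
# check and PR comment are opt-in per the table, so they are enabled explicitly;
# summary and SAST export keep their on-by-default behaviour.
ci_config() {
  repo="$1"; branch="$2"; default_branch="$3"; pr_build="${4:-false}"
  printf 'SSC_APPVERSION=%s\n' "$(ci_appversion "$repo" "$branch")"
  if [ "$branch" != "$default_branch" ]; then
    printf 'SETUP_EXTRA_OPTS=--copy-from=%s\n' "$(ci_appversion "$repo" "$default_branch")"
  fi
  printf 'DO_CHECK_POLICY=true\n'
  if [ "$pr_build" = "true" ]; then
    printf 'DO_PR_COMMENT=true\n'
  fi
}

# Export every KEY=VALUE line from ci_config into the current shell, then run
# the action. Values contain no whitespace, so word splitting is safe here.
run_ci() {
  for kv in $(ci_config "$@"); do
    export "$kv"
  done
  "$FCLI_BIN" ssc action run ci
}

# Example invocation, guarded so that sourcing the file does not trigger it.
# CI_REPO, CI_BRANCH, CI_DEFAULT_BRANCH and PR_BUILD are placeholder names;
# a real job would map them from its CI system's own variables.
if [ "${RUN_CI_WRAPPER:-false}" = "true" ]; then
  run_ci "${CI_REPO:-myOrg/myRepo}" "${CI_BRANCH:-myBranch}" \
         "${CI_DEFAULT_BRANCH:-main}" "${PR_BUILD:-false}"
fi
```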

ci-vars

(PREVIEW) Collect CI-specific data

Synopsis

fcli ssc action run ci-vars [fcli ssc action run options] [action options, see below]

Description

This action collects data used by the SSC & FoD 'ci' actions, based on CI-specific data like CI-specific environment variables. Data is collected in a CI-agnostic global variable named 'ci'. Note that available properties on the global 'ci' variable may change across fcli releases, potentially breaking any custom actions that depend on these properties.

github-pr-comment

(PREVIEW) Add GitHub Pull Request review comments.

Synopsis

fcli ssc action run github-pr-comment [fcli ssc action run options] [action options, see below]

Description

This action adds review comments to a GitHub Pull Request. Currently this is marked as PREVIEW as we build out this functionality; later versions may have different behavior and/or require a different action CLI.

The current implementation simply compares current scan results against previous scan results in the given SSC application version, listing all new, re-introduced and removed issues in a new PR comment.

For best results, this fcli action should only be run on GitHub pull_request triggers. Upon PR creation, a new SSC application version should be created, copying state from the SSC application version that represents the branch into which the PR will be merged, and a new scan should be run on the current PR branch before invoking this fcli action.

This will ensure that scan results for the current PR will be compared against the latest scan results for the target branch upon PR creation. Optionally, new scans can be run upon PR changes, creating new PR comments that show the issue delta compared to the previous scan for this PR.

Options

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--analysis-type, -t

Analysis type for which to list vulnerabilities. Default value: SCA

--github-api-url

Required GitHub API URL. Default value: GITHUB_API_URL environment variable.

--github-token

Required GitHub Token. Default value: GITHUB_TOKEN environment variable.

--github-owner

Required GitHub repository owner. Default value: GITHUB_REPOSITORY_OWNER environment variable.

--github-repo

Required GitHub repository. Default value: Taken from GITHUB_REPOSITORY environment variable.

--pr

Required PR number. Default value: Taken from GITHUB_REF_NAME environment variable. Note that default value will only work on GitHub pull_request triggers; if this fcli action is invoked through any other GitHub trigger, it will fail unless an explicit PR number is passed through this option.

--commit

Required commit hash. Default value: GITHUB_SHA environment variable.

--dryrun

Set to true to just output PR decoration JSON; don’t actually update any PR
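As an added example (not fcli's own code), the script below guards the github-pr-comment invocation described above so that it runs only on GitHub pull_request triggers and always receives an explicit PR number, instead of relying on the GITHUB_REF_NAME default. It assumes GitHub's documented "<pr-number>/merge" form of GITHUB_REF_NAME on pull_request events, the "<owner>/<repo>:<branch>" application version naming used by the ci action, that --dryrun accepts --dryrun=true, and a hypothetical FCLI_BIN override for offline use.

```shell
#!/bin/sh
# Added example, not part of fcli: run github-pr-comment only on pull_request
# triggers, with the PR number derived and validated explicitly. FCLI_BIN is
# a hypothetical override so the script can be exercised offline.
set -e

FCLI_BIN="${FCLI_BIN:-fcli}"

# On pull_request events GitHub sets GITHUB_REF_NAME to "<pr-number>/merge";
# on any other event there is no PR number to derive, so fail early with a
# clear message. Arguments: GITHUB_EVENT_NAME, GITHUB_REF_NAME.
github_pr_number() {
  event="$1"; ref_name="$2"
  if [ "$event" != "pull_request" ]; then
    echo "github-pr-comment needs a pull_request trigger, got '$event'" >&2
    return 1
  fi
  case "$ref_name" in
    */merge) ;;
    *) echo "cannot derive PR number from GITHUB_REF_NAME='$ref_name'" >&2; return 1 ;;
  esac
  pr="${ref_name%/merge}"
  case "$pr" in
    ''|*[!0-9]*) echo "PR number in '$ref_name' is not numeric" >&2; return 1 ;;
  esac
  printf '%s\n' "$pr"
}

# Build and run the action for the PR branch's application version. --pr and
# --commit are passed explicitly; owner, repo, token and API URL fall back to
# the environment-variable defaults listed above. DRYRUN=true only prints the
# PR decoration JSON (assumed syntax: --dryrun=true), which is the safe mode
# for a first rollout. Arguments: application version, PR number, commit hash.
pr_comment() {
  appversion="$1"; pr="$2"; sha="$3"
  set -- ssc action run github-pr-comment --av "$appversion" --pr "$pr" --commit "$sha"
  if [ "${DRYRUN:-false}" = "true" ]; then
    set -- "$@" --dryrun=true
  fi
  "$FCLI_BIN" "$@"
}

# Guarded invocation using GitHub's own variables: GITHUB_HEAD_REF is the PR
# source branch, so the version name matches the ci action's convention.
if [ "${RUN_PR_COMMENT:-false}" = "true" ]; then
  pr_comment "${GITHUB_REPOSITORY}:${GITHUB_HEAD_REF}" \
    "$(github_pr_number "$GITHUB_EVENT_NAME" "$GITHUB_REF_NAME")" "$GITHUB_SHA"
fi
```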

github-sast-report

Generate a GitHub Code Scanning report listing SSC SAST vulnerabilities.

Synopsis

fcli ssc action run github-sast-report [fcli ssc action run options] [action options, see below]

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: gh-fortify-sast.sarif

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

gitlab-dast-report

Generate a GitLab DAST report listing SSC DAST vulnerabilities.

Synopsis

fcli ssc action run gitlab-dast-report [fcli ssc action run options] [action options, see below]

Description

For information on how to import this report into GitLab, see https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportsdast

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: gl-fortify-dast.json

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

gitlab-debricked-report

Generate a GitLab Dependency Scanning report listing SSC Debricked vulnerabilities.

Synopsis

fcli ssc action run gitlab-debricked-report [fcli ssc action run options] [action options, see below]

Description

For information on how to import this report into GitLab, see https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportsdependency_scanning

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: gl-fortify-debricked-depscan.json

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

gitlab-sast-report

Generate a GitLab SAST report listing SSC SAST vulnerabilities.

Synopsis

fcli ssc action run gitlab-sast-report [fcli ssc action run options] [action options, see below]

Description

For information on how to import this report into GitLab, see https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportssast

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: gl-fortify-sast.json

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

gitlab-sonatype-report

Generate a GitLab Dependency Scanning report listing SSC Sonatype vulnerabilities.

Synopsis

fcli ssc action run gitlab-sonatype-report [fcli ssc action run options] [action options, see below]

Description

For information on how to import this report into GitLab, see https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportsdependency_scanning

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: gl-fortify-sonatype-depscan.json

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

package

(PREVIEW) Package source code

Synopsis

fcli ssc action run package [fcli ssc action run options] [action options, see below]

Description

This action can be used to package source code using ScanCentral Client. It will take care of installing the specified ScanCentral Client version, followed by executing the 'scancentral package' command using the specified ScanCentral Client version.

Options

--use-package

Use an existing package file instead of trying to package the given source code directory. If specified, this ignores all other options.

--sc-client-version, -v

Specify the ScanCentral Client version to be used for packaging. Defaults to the value of the SC_CLIENT_VERSION environment variable, or 'latest' if not specified.

--source-dir, -d

Specify the source directory to be packaged. Defaults to the value of the SOURCE_DIR environment variable, or current working directory if not specified.

--debug

Add the -debug flag to the ScanCentral Client command. Defaults to the value of the DO_PACKAGE_DEBUG environment variable, or false if not specified.

--tool-definitions

Custom tool definitions to use for identifying available ScanCentral Client versions and download URLs. Defaults to the value of the TOOL_DEFINITIONS environment variable, or the built-in default if not specified.

--extra-opts

Extra options to be passed to the 'scancentral package' command. Defaults to the options specified in the EXTRA_PACKAGE_OPTS environment variable, or no extra options if not specified.

--output, -o

Name of the zip file in which packaged source code should be stored. Defaults to package.zip in the current working directory.

sarif-sast-report

Generate SARIF report listing SSC SAST vulnerabilities.

Synopsis

fcli ssc action run sarif-sast-report [fcli ssc action run options] [action options, see below]

Description

This action generates a SARIF report listing Fortify SAST vulnerabilities, which may be useful for integration with various 3rd-party tools that can ingest SARIF reports. For more information about SARIF, please see https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: fortify-sast.sarif

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100

setup-appversion

Set up application version.

Synopsis

fcli ssc action run setup-appversion [fcli ssc action run options] [action options, see below]

Description

This action allows for preparing an application version for running an application security scan, creating the application and/or release if they do not exist yet.

Although the same functionality can be achieved by manually running the fcli ssc appversion create command, this action provides a convenient and standardized approach for running this command with some default options like --skip-if-exists and --auto-required-attrs.

To provide even more consistency across CI/CD pipelines in your organization, it is recommended to implement one or more custom setup actions that provide suitable default values or even hard-coded, non-overridable values for the various options, for example based on business unit, team, and/or application type. Such custom actions could for example set standard application version attributes for a particular type of application to be scanned. As an alternative to implementing multiple custom actions, you may also consider implementing a single custom action that takes for example a --profile option to select between different profiles that each define appropriate option values and setup commands to run.

Options

--appversion, --av

Required application version name as <appName>:<versionName>

--add-users

See fcli ssc appversion create

--attrs, --attributes

See fcli ssc appversion create

--copy

See fcli ssc appversion create

--description, -d

See fcli ssc appversion create

--copy-from, --from

See fcli ssc appversion create

--issue-template

See fcli ssc appversion create

--refresh-timeout

See 'fcli ssc av create'. Default value: 300s

sonarqube-sast-report

Generate a SonarQube External Issues report listing SSC SAST vulnerabilities.

Synopsis

fcli ssc action run sonarqube-sast-report [fcli ssc action run options] [action options, see below]

Options

--file, -f

Optional output file name (or 'stdout' / 'stderr'). Default value: sq-fortify-sast.json

--file-path-prefix, --pfx

Optional prefix for issue file paths

--appversion, --av

Required application version id or <appName>:<versionName>

--filterset, --fs

Optional filter set name or guid from which to load issue data. Default value: Default filter set for given application version

--page-size

Number of vulnerabilities to retrieve at a time. Higher numbers may reduce time required to build the report, at the cost of increased memory usage (on both fcli and SSC), and could potentially negatively affect overall SSC performance or result in read time-outs (see --socket-timeout option on fcli ssc session login command). Default value: 100