Description
Fcli supports workflow-style actions defined in YAML files. Many built-in actions are provided, focusing on data export and CI/CD integration. Users can also develop their own custom actions, either from scratch or by customizing built-in actions. If you require any assistance with developing custom actions, please consult with Fortify Professional Services.
Note that the ability to load and run custom actions is currently considered PREVIEW functionality; custom actions developed for this fcli version may fail on other fcli versions, even between minor fcli releases. Based on user feedback, we will stabilize action syntax over the next couple of fcli releases, after which any breaking action syntax changes will be considered a major fcli version change.
This fcli version supports the following action schema versions: See fcli help output.
Actions can potentially perform dangerous operations like deleting data or posting data to 3rd-party systems, so it is recommended to only run trusted actions. Action authors can sign their actions using the action sign command; actions without a (valid) signature will require confirmation when trying to run them. Trusted public keys can be configured through the fcli config public-key commands, or passed directly using the --pubkey option on various action-related commands.