Question
I am working on GitHub integration with Checkmarx, which is used for code safety scans. This method works just fine for the repository hosted on github.com (external repository), but does not work on the internal repository hosted inside our company (github.XXX.com); in fact, the connection always failed (cannot pass the repository authorization on Checkmarx).
I have checked both repository (internal and external) settings, they look the same to me. What is the difference between these two different repositories? Any suggestions? Thanks a lot for your help. ---John
Answer 1:
You can find the differences in configuration between your Git and GitHub here: Checkmarx - Configuring the Connection to a Source Control System
Just to summarize, in order to use your own Git you need to download the GIT Installation Package and perform the installation on the CxSAST Manager Server.
Good luck.
Answer 2:
In 2020, you can use GitHub Actions.
CxSAST by Checkmarx is actually available directly as a GitHub Action in the new Code Scanning Security feature, available since Sept. 30th 2020.
GitHub code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production.
Today we're excited to announce that code scanning is generally available on GitHub.com. Code scanning is free for public repositories. Learn more about how to enable code scanning today.
You can select it in the Security tab of your (public) repository:
And it will create the GitHub Actions file for you:
Source: https://stackoverflow.com/questions/42424678/github-integration-with-checkmarx