fortify · fransvanbuul · Mar 16, 2026 · Mar 16, 2026 · Mar 16, 2026 · Mar 16, 2026
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
diff --git a/.github/workflows/fortify.yml b/.github/workflows/fortify.yml
diff --git a/.github/workflows/insecure-workflow.yml b/.github/workflows/insecure-workflow.yml
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -0,0 +1,38 @@
+#
+# Runs an OpenText SAST (Fortify) scan using Scan Central, using fortify/github-action@v3.
+#
+
+name: OpenText SAST
+
+on:
+  workflow_dispatch:
+  pull_request:
+
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: 'maven'
+
+      - name: Run ScanCentral SAST
+        uses: fortify/github-action@v3
+        env:
+          FCLI_BOOTSTRAP_VERSION: ${{vars.FCLI_VERSION}}
+          SSC_URL: ${{vars.SSC_URL}}
+          SC_CLIENT_VERSION: ${{vars.SC_CLIENT_VERSION}}
+          SSC_TOKEN: ${{secrets.SSC_TOKEN}}
+          SC_SAST_TOKEN: ${{secrets.SC_SAST_CLIENT_AUTH_TOKEN}}
+          SSC_APPVERSION: "${{vars.APPLICATION_NAME}}:${{github.ref_name}}"
+          DO_SETUP: true
+          SETUP_EXTRA_OPTS: '--issue-template "Prioritized High Risk Issue Template"'
+          DO_WAIT: true
+          DO_JOB_SUMMARY: true
diff --git a/.mvn/wrapper/maven-wrapper.properties b/.mvn/wrapper/maven-wrapper.properties
@@ -0,0 +1,3 @@
+wrapperVersion=3.3.4
+distributionType=only-script
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.3/apache-maven-3.9.3-bin.zip