update readme; set v1.0.6
rl-devops committed Mar 28, 2024
1 parent 8b8e395 commit e84265f
Showing 3 changed files with 19 additions and 18 deletions.
32 changes: 16 additions & 16 deletions README.md
@@ -4,16 +4,16 @@ ReversingLabs provides the official extension in
[Azure Marketplace](https://marketplace.visualstudio.com/) for
[Azure DevOps Pipelines](https://learn.microsoft.com/en-us/azure/devops/pipelines/get-started/what-is-azure-pipelines?view=azure-devops)
to enable faster and easier integration of the
[ReversingLabs secure.software Portal](https://docs.secure.software/portal/integrations/)
[ReversingLabs Spectra Assure Portal](https://docs.secure.software/portal/integrations/)
solution in CI/CD workflows.

The extension provided in this repository is called `rl-scanner-cloud-task`.
It uses the official
[ReversingLabs rl-scanner-cloud Docker image](https://hub.docker.com/r/reversinglabs/rl-scanner-cloud)
to scan a single build artifact with the secure.software Portal,
to scan a single build artifact with the Spectra Assure Portal,
generate the analysis report, and display the analysis status.

The `rl-scanner-cloud-task` extension is most suitable for experienced users who want to integrate the secure.software Portal with their existing Azure DevOps pipelines.
The `rl-scanner-cloud-task` extension is most suitable for experienced users who want to integrate the Spectra Assure Portal with their existing Azure DevOps pipelines.

**To successfully work with the extension, you should:**

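Review bot: the product name changes to Spectra Assure on the three `+` lines, but the Portal link target (`https://docs.secure.software/portal/integrations/`) and the task name `rl-scanner-cloud-task` are left as they were; that is fine as long as the docs domain is unchanged, so confirm the link still resolves and, if the rebrand also moves the documentation, update the URL in the same commit.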
@@ -24,12 +24,12 @@ The `rl-scanner-cloud-task` extension is most suitable for experienced users who
- Add the extension in Azure DevOps on the Organization level, for example: `https://dev.azure.com/your-Azure-organization-name/_settings/extensions`


## What is ReversingLabs secure.software Portal?
## What is ReversingLabs Spectra Assure Portal?

The secure.software Portal is a SaaS solution that's part of the secure.software platform - a new ReversingLabs solution for software supply chain security.
The Spectra Assure Portal is a SaaS solution that's part of the Spectra Assure platform - a new ReversingLabs solution for software supply chain security.
More specifically, the Portal is a web-based application for improving and managing the security of your software releases and verifying third-party software used in your organization.

With the secure.software Portal, you can:
With the Portal, you can:


- Scan your software packages to detect potential risks before release.
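Review bot: renaming the `## What is ReversingLabs secure.software Portal?` heading changes its auto-generated anchor, so any in-document link to the old heading would break; this README already uses heading anchors (`#parameters`), so check for a link to this heading as well. The new `With the Portal, you can:` also drops the product qualifier; `With the Spectra Assure Portal, you can:` would be consistent with the other rewritten lines.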
@@ -38,7 +38,7 @@ With the secure.software Portal, you can:
- Manage software quality policies on the fly to ensure compliance and achieve maturity in your software releases.


ReversingLabs secure.software Portal is capable of scanning
ReversingLabs Spectra Assure Portal is capable of scanning
[nearly any type](https://docs.secure.software/concepts/language-coverage)
of software artifact or package that results from a build.

@@ -48,7 +48,7 @@ of software artifact or package that results from a build.
This extension relies on user-specified [extension parameters](#parameters) to:

- create a directory for analysis reports
- use the `rl-scanner-cloud-task` Azure extension to scan a single build artifact with the secure.software Portal
- use the `rl-scanner-cloud-task` Azure extension to scan a single build artifact with the Spectra Assure Portal
- place the analysis reports into the previously created directory and optionally publish them as pipeline artifacts
- output the scan result as a build status message.

@@ -57,7 +57,7 @@ It expects that the build artifact is produced in a previous stage
and requires specifying the location of the artifact with the `BUILD_PATH` parameter.
The path must be relative to `$(System.DefaultWorkingDirectory)`.

Analysis reports generated by the secure.software Portal
Analysis reports generated by the Spectra Assure Portal
after scanning the artifact are saved to the location specified with the `REPORT_PATH` parameter.
The reports are always created regardless of the scan result (pass or fail).

@@ -74,7 +74,7 @@ make sure you can access the Azure DevOps project where you want to use this ext
3. **An [Azure Pipelines agent with the Docker capability enabled](https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/agents?view=azure-devops&tabs=yaml%2Cbrowser)**.
The example pipeline in this repository runs on a Microsoft-hosted agent using the `ubuntu-latest` VM image.

4. **A valid secure.software Portal Access Token**.
4. **A valid Spectra Assure Portal Access Token**.
The extension requires that you define the `RLPORTAL_ACCESS_TOKEN` secret environment variable to store your
[Portal access token](https://docs.secure.software/api/generate-api-token).

@@ -109,7 +109,7 @@ The following secrets **must** be passed via `env:`

| Parameter name | Required | Type | Description |
| --------- | ------ | ------ | ------ |
| `RLPORTAL_ACCESS_TOKEN` | **Yes** | string | A Personal Access Token for authenticating requests to the secure.software Portal. Before you can use this extension, you must [create the token](https://docs.secure.software/api/generate-api-token) in your Portal settings. Tokens can expire and be revoked, in which case you'll have to update this value. Define it as a secret in a group `rl-scanner-cloud` |
| `RLPORTAL_ACCESS_TOKEN` | **Yes** | string | A Personal Access Token for authenticating requests to the Spectra Assure Portal. Before you can use this extension, you must [create the token](https://docs.secure.software/api/generate-api-token) in your Portal settings. Tokens can expire and be revoked, in which case you'll have to update this value. Define it as a secret in a group `rl-scanner-cloud` |


**Inputs**
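Review bot: "Define it as a secret in a group `rl-scanner-cloud`" on the rewritten `RLPORTAL_ACCESS_TOKEN` row is ambiguous; state that this is an Azure DevOps variable group and that the variable must be marked secret so the token is masked in pipeline logs, since the hunk header already says these values are passed through `env:`.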
@@ -120,10 +120,10 @@ The following paramaters **must** be passed via `inputs:`

| Parameter name | Required | Type | Description |
| --------- | ------ | ------ | ------ |
| `RLPORTAL_SERVER` | **Yes** | string | Name of the secure.software Portal instance to use for the scan. The Portal instance name usually matches the subdirectory of `my.secure.software` in your Portal URL. For example, if your portal URL is `my.secure.software/demo`, the instance name to use with this parameter is `demo`. |
| `RLPORTAL_ORG` | **Yes** | string | The name of a secure.software Portal organization to use for the scan. The organization must exist on the Portal instance specified with `RLPORTAL_SERVER`. The user account authenticated with the token must be a member of the specified organization and have the appropriate permissions to upload and scan a file. Organization names are case-sensitive. |
| `RLPORTAL_GROUP` | **Yes** | string | The name of a secure.software Portal group to use for the scan. The group must exist in the Portal organization specified with `RLPORTAL_ORG`. Group names are case-sensitive. |
| `RL_PACKAGE_URL` | **Yes** | string | The package URL (PURL) used to associate the file with a project and package on the Portal. PURLs are unique identifiers in the format `[pkg:type/]<project></package><@version>`. When scanning a file, you must assign a PURL to it, so that it can be placed into the specified project and package as a version. If the project and package you specified don't exist in the Portal, they will be automatically created. |
| `RLPORTAL_SERVER` | **Yes** | string | Name of the Spectra Assure Portal instance to use for the scan. The Portal instance name usually matches the subdirectory of `my.secure.software` in your Portal URL. For example, if your portal URL is `my.secure.software/demo`, the instance name to use with this parameter is `demo`. |
| `RLPORTAL_ORG` | **Yes** | string | Name of the Spectra Assure Portal organization to use for the scan. The organization must exist on the Portal instance specified with `RLPORTAL_SERVER`. The user account authenticated with the token must be a member of the specified organization and have the appropriate permissions to upload and scan a file. Organization names are case-sensitive. |
| `RLPORTAL_GROUP` | **Yes** | string | Name of the Spectra Assure Portal group to use for the scan. The group must exist in the Portal organization specified with `RLPORTAL_ORG`. Group names are case-sensitive. |
| `RL_PACKAGE_URL` | **Yes** | string | The package URL (purl) used to associate the file with a project and package on the Portal. Package URLs are unique identifiers in the format `[pkg:type/]<project></package><@version>`. When scanning a file, you must assign a package URL to it, so that it can be placed into the specified project and package as a version. If the project and package you specified don't exist in the Portal, they will be automatically created. |
| `BUILD_PATH` | **Yes** | string | The directory where the build artifact specified with the `MY_ARTIFACT_TO_SCAN` parameter is located. The path must be relative to `$(System.DefaultWorkingDirectory)`. **The default value is `.`** |
| `MY_ARTIFACT_TO_SCAN` | **Yes** | string | The name of the file you want to scan. Must be relative to `BUILD_PATH`. The file must exist in the specified location before the scan starts. |
| `REPORT_PATH` | No | string | The directory where analysis reports will be stored after the scan is finished. The path must be relative to `$(System.DefaultWorkingDirectory)`. The directory must be empty before the scan starts. **The default value is `RlReport`** |
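Review bot: the format placeholder `[pkg:type/]<project></package><@version>` on the rewritten `RL_PACKAGE_URL` row is malformed; `</package>` reads like a closing tag and was almost certainly meant to be `/<package>`, giving `[pkg:type/]<project>/<package><@version>`. The line is already being rewritten (`PURL` to `purl`), so fix the placeholder in the same commit. The hunk header context also carries the typo `paramaters`.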
@@ -253,7 +253,7 @@ The `rl-html` report format is currently not supported for this integration.

- The official Microsoft documentation on [using Azure DevOps extensions](https://learn.microsoft.com/en-us/azure/devops/extend/overview?view=azure-devops)
- The official `reversinglabs/rl-scanner-cloud` Docker image [on Docker Hub](https://hub.docker.com/r/reversinglabs/rl-scanner-cloud)
- [Supported file formats](https://docs.secure.software/concepts/filetypes) and [language coverage](https://docs.secure.software/concepts/language-coverage) for the secure.software platform
- [Supported file formats](https://docs.secure.software/concepts/filetypes) and [language coverage](https://docs.secure.software/concepts/language-coverage) for the Spectra Assure platform
- Introduction to [secure software release processes](https://www.reversinglabs.com/solutions/secure-software-release-processes) with ReversingLabs


2 changes: 1 addition & 1 deletion scan-cloud-task/task.json
@@ -10,7 +10,7 @@
"version": {
"Major": 1,
"Minor": 0,
"Patch": 5
"Patch": 6
},
"instanceNameFormat": "rl scanner cloud task",
"inputs": [
3 changes: 2 additions & 1 deletion vss-extension.json
@@ -2,7 +2,7 @@
"manifestVersion": 1,
"publisher": "ReversingLabs",
"id": "rl-scanner-cloud-task",
"version": "1.0.5",
"version": "1.0.6",
"name": "ReversingLabs rl-scanner-cloud task",
"description": "ReversingLabs rl-scanner-cloud as a Azure DevOps extension",
"public": true,
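Review bot: the `version` bump to `1.0.6` matches the `"Patch": 6` change in `scan-cloud-task/task.json`, so the two manifests stay in sync. While this block is being touched, the unchanged `description` context line reads `as a Azure DevOps extension`; it should be `an Azure DevOps extension`.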
@@ -56,6 +56,7 @@
},
"tags": [
"ReversingLabs",
"Spectra Assure",
"Secure Software",
"Software Supply Chain"
],
