Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

accepting password as secret and multi aarch support #46

Merged
merged 2 commits into from
Jun 19, 2024
Merged

accepting password as secret and multi aarch support #46

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0540fa9
accepting password as secret and multi aarch support
dhruv-singhal-github Jun 19, 2024
d696ace
Merge branch 'main' into security-checks
dhruv-singhal-github Jun 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions src/main/java/io/jenkins/plugins/traceable/ast/TraceableASTGenerateReportAction.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
import com.google.common.io.Files;
import hudson.model.Result;
import hudson.model.Run;
import hudson.util.Secret;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
Expand All @@ -24,15 +25,15 @@ public class TraceableASTGenerateReportAction implements RunAction2 {
private transient Run run;
private String traceableCliBinaryLocation;
private String scanId;
private String clientToken;
private Secret clientToken;
private String traceableRootCaFileName;
private String traceableCliCertFileName;
private String traceableCliKeyFileName;

public TraceableASTGenerateReportAction(
String traceableCliBinaryLocation,
String scanId,
String clientToken,
Secret clientToken,
String traceableRootCaFileName,
String traceableCliCertFileName,
String traceableCliKeyFileName) {
Expand All @@ -52,7 +53,7 @@ public void onAttached(Run<?, ?> r) {
args = new String[] {
traceableCliBinaryLocation,
scanId,
clientToken,
clientToken.getPlainText(),
traceableRootCaFileName,
traceableCliCertFileName,
traceableCliKeyFileName
Expand Down
9 changes: 5 additions & 4 deletions src/main/java/io/jenkins/plugins/traceable/ast/TraceableASTInitAndRunStepBuilder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
import hudson.model.TaskListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.Secret;
import io.jenkins.plugins.traceable.ast.scan.helper.Assets;
import io.jenkins.plugins.traceable.ast.scan.helper.TrafficType;
import java.io.*;
Expand All @@ -27,7 +28,7 @@ public class TraceableASTInitAndRunStepBuilder extends Builder implements Simple

private String scanName;
private String testEnvironment;
private static String clientToken;
private static Secret clientToken;
private String attackPolicy;
private String openApiSpecIds;
private String openApiSpecFiles;
Expand Down Expand Up @@ -87,7 +88,7 @@ public String getTestEnvironment() {
return testEnvironment;
}

public static String getClientToken() {
public static Secret getClientToken() {
return clientToken;
}

Expand Down Expand Up @@ -216,7 +217,7 @@ public void setTestEnvironment(String testEnvironment) {
}

@DataBoundSetter
public static void setClientToken(String clientToken) {
public static void setClientToken(Secret clientToken) {
TraceableASTInitAndRunStepBuilder.clientToken = clientToken;
}

Expand Down Expand Up @@ -434,7 +435,7 @@ private void runAndInitScan(TaskListener listener, Run<?, ?> run) {
traceableCliKeyFileName,
scanName,
testEnvironment,
clientToken,
clientToken.getPlainText(),
attackPolicy,
pluginsToInclude,
includeUrlRegex,
Expand Down
9 changes: 5 additions & 4 deletions src/main/java/io/jenkins/plugins/traceable/ast/TraceableASTInitStepBuilder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
import hudson.model.TaskListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.Secret;
import io.jenkins.plugins.traceable.ast.scan.helper.Assets;
import io.jenkins.plugins.traceable.ast.scan.helper.TrafficType;
import java.io.*;
Expand All @@ -27,7 +28,7 @@ public class TraceableASTInitStepBuilder extends Builder implements SimpleBuildS

private String scanName;
private String testEnvironment;
private static String clientToken;
private static Secret clientToken;
private String attackPolicy;
private String openApiSpecIds;
private String openApiSpecFiles;
Expand Down Expand Up @@ -84,7 +85,7 @@ public String getTestEnvironment() {
return testEnvironment;
}

public static String getClientToken() {
public static Secret getClientToken() {
return clientToken;
}

Expand Down Expand Up @@ -263,7 +264,7 @@ public void setTestEnvironment(String testEnvironment) {
}

@DataBoundSetter
public static void setClientToken(String clientToken) {
public static void setClientToken(Secret clientToken) {
TraceableASTInitStepBuilder.clientToken = clientToken;
}

Expand Down Expand Up @@ -404,7 +405,7 @@ private void initScan(TaskListener listener, Run<?, ?> run) {
traceableCliKeyFileName,
scanName,
testEnvironment,
clientToken,
clientToken.getPlainText(),
attackPolicy,
pluginsToInclude,
includeUrlRegex,
Expand Down
7 changes: 4 additions & 3 deletions src/main/java/io/jenkins/plugins/traceable/ast/TraceableASTResultStepBuilder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,23 +9,24 @@
import hudson.model.TaskListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.Secret;
import java.io.IOException;
import jenkins.tasks.SimpleBuildStep;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;

public class TraceableASTResultStepBuilder extends Builder implements SimpleBuildStep {
private static String clientToken;
private static Secret clientToken;

@DataBoundConstructor
public TraceableASTResultStepBuilder() {}

public static String getClientToken() {
public static Secret getClientToken() {
return clientToken;
}

@DataBoundSetter
public static void setClientToken(String clientToken) {
public static void setClientToken(Secret clientToken) {
TraceableASTResultStepBuilder.clientToken = clientToken;
}

Expand Down
2 changes: 1 addition & 1 deletion src/main/java/io/jenkins/plugins/traceable/ast/TraceableASTRunStepBuilder.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ private void runScan(TaskListener listener, Run<?, ?> run) {
String scriptPath = "shell_scripts/run_ast_scan.sh";
String[] args = new String[] {
TraceableASTInitStepBuilder.getTraceableCliBinaryLocation(),
TraceableASTInitStepBuilder.getClientToken(),
TraceableASTInitStepBuilder.getClientToken().getPlainText(),
idleTimeout,
maxRetries,
TraceableASTInitStepBuilder.getTraceableRootCaFileName(),
Expand Down
20 changes: 14 additions & 6 deletions ...resources/io/jenkins/plugins/traceable/ast/shell_scripts/download_traceable_cli_binary.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,23 @@ export LANG=en_US.utf-8
cd ${1}
version=${2}

os_name=$(uname -s)
if [[ "$os_name" == "Darwin" ]];
then
arch="macosx-x86_64.tar.gz"
else
arch="linux-x86_64.tar.gz"
fi

if [[ "$version" = *"-rc."* ]]
then
curl -OL https://downloads.traceable.ai/cli/rc/"${version}"/traceable-cli-"${version}"-linux-x86_64.tar.gz
tar -xvf ./traceable-cli-"${version}"-linux-x86_64.tar.gz
curl -OL https://downloads.traceable.ai/cli/rc/"${version}"/traceable-cli-"${version}"-"${arch}"
tar -xvf ./traceable-cli-"${version}"-"${arch}"
elif [ "$version" = "latest" ] || [ -z "$version" ] || [ "$version" = "''" ]
then
curl -OL https://downloads.traceable.ai/cli/release/latest/traceable-cli-latest-linux-x86_64.tar.gz
tar -xvf ./traceable-cli-latest-linux-x86_64.tar.gz
curl -OL https://downloads.traceable.ai/cli/release/latest/traceable-cli-latest-"${arch}"
tar -xvf ./traceable-cli-latest-"${arch}"
else
curl -OL https://downloads.traceable.ai/cli/release/"${version}"/traceable-cli-"${version}"-linux-x86_64.tar.gz
tar -xvf ./traceable-cli-"${version}"-linux-x86_64.tar.gz
curl -OL https://downloads.traceable.ai/cli/release/"${version}"/traceable-cli-"${version}"-"${arch}"
tar -xvf ./traceable-cli-"${version}"-"${arch}"
fi
Loading