forked from Osthanes/compliance_crawler
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathextension.json
130 lines (125 loc) · 4.58 KB
/
extension.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
{
"id": "ibm.devops.services.pipeline.crawler.tester",
"version": 1,
"name_key": "ExtName",
"desc_key": "ExtDesc",
"extension_type": "Test",
"message_key": "ExtMessage",
"inputs": [
{
"type": "Bluemix",
"inclusion" : "always",
"regions": ["ibm:ys1:us-south", "ibm:yp:us-south", "ibm:yp:eu-gb"]
}
],
"params": [
{
"name": "WAIT_TIME",
"type": "Text",
"required": "false",
"default_value": "5",
"label_key": "WAIT_TIME_KEY",
"desc_key": "WAIT_TIME_DESC"
}
],
"outputs": [
{
"type": "Artifacts",
"inclusion" : "always"
}
],
"execution": {
"type": "JenkinsDocker",
"shell": "#!/bin/bash
set +x
set +e
export INIT_START_TIME=$(date +\"%s\")
export WAIT_TIME=#WAIT_TIME#
# OSSC line
dpkg -l | grep '^ii' > $EXT_DIR/pkglist
. $EXT_DIR/_init.sh
# OSSC line
dpkg -l | grep '^ii' > $EXT_DIR/pkglist2
if [[ $DEBUG -eq 1 ]]; then
diff $EXT_DIR/pkglist $EXT_DIR/pkglist2
fi
INIT_END_TIME=$(date +\"%s\")
export INIT_EST_TIME=$(($INIT_END_TIME-$INIT_START_TIME))
log_and_echo \"$INFO\" \"Init runtime of `date -u -d @\"$INIT_EST_TIME\" +\'%-Mm %-Ss\'`\"
log_and_echo \"$INFO\" \"Starting test script\"
# helper function to print the end time for this script
end_script_time() {
SCRIPT_END_TIME=$(date +\"%s\")
SCRIPT_EST_TIME=$(($SCRIPT_END_TIME-$INIT_END_TIME))
log_and_echo \"$INFO\" \"Script runtime of `date -u -d @\"$SCRIPT_EST_TIME\" +\'%-Mm %-Ss\'`\"
}
# run the python crawler checker to get, dump results on output
if [ -f ${EXT_DIR}/check_crawler_results.py ]; then
${EXT_DIR}/check_crawler_results.py
RESULT=$?
# add the appscan result json file to DRA
if [ $DRA_ENABLED -eq 0 ]; then
RESULT_FILE=\"compliance-result.json\"
EVENT_TYPE=\"SecurityCompliance\"
if [ -e \"$RESULT_FILE\" ]; then
add_result_rule_to_dra \"${RESULT_FILE}\" \"${EVENT_TYPE}\"
RC=$?
if [ $RC -eq 0 ]; then
log_and_echo \"$SUCCESSFUL\" \"Request DRA decision for ${CRITERIAL_NAME}.\"
dra_grunt_decision \"${CRITERIAL_NAME}\"
RC=$?
if [ $RC -eq 0 ]; then
log_and_echo \"$SUCCESSFUL\" \"DRA Decision result is '${DRA_DECISION}'\"
elif [ $RC -eq 1 ]; then
log_and_echo \"$LABEL\" \"DRA Decision result is '${DRA_DECISION}'\"
elif [ $RC -eq 2 ]; then
log_and_echo \"$ERROR\" \"DRA Decision result is '${DRA_DECISION}'\"
else
log_and_echo \"$ERROR\" \"Failed to execute decision for criterial ${CRITERIAL_NAME} with return error code ${RC}.\"
fi
else
log_and_echo \"$ERROR\" \"Failed to add result rule file ${RESULT_FILE} to DRA with return error code ${RC}.\"
fi
else
log_and_echo \"$ERROR\" \"Failed to get result rule file ${RESULT_FILE}.\"
fi
fi
if [ \"${ARCHIVE_DIR}\" == \"${WORKSPACE}\" ]; then
log_and_echo \"$INFO\" \"Achive directory is the working directory\"
else
log_and_echo \"$INFO\" \"Archive directory is $ARCHIVE_DIR - copying all content to that directory\"
pushd ${WORKSPACE} &> /dev/null
# also copy .git metadata
if [ -d .git ]; then
tar -cf source.tar * .git
else
tar -cf source.tar *
fi
mv source.tar $ARCHIVE_DIR
cd $ARCHIVE_DIR
tar -xf source.tar
rm source.tar
popd &> /dev/null
fi
if [ $RESULT -ne 0 ]; then
log_and_echo \"$ERROR\" \"Issues found in or while getting compliance results.\"
${EXT_DIR}/utilities/sendMessage.sh -l bad -m \"completed with issues found in or while getting compliance results.\"
end_script_time
exit 1
else
log_and_echo \"$SUCCESSFUL\" \"Compliance and vulnerability scan was successful\"
${EXT_DIR}/utilities/sendMessage.sh -l good -m \"Compliance and vulnerability scan was successful.\"
fi
else
log_and_echo \"$ERROR\" \"Compliance scan helper script not available, failed.\"
${EXT_DIR}/utilities/sendMessage.sh -l good -m \"Compliance scan helper script not available, failed.\"
end_script_time
exit 1
fi
"
}
},
"project": "https://hub.jazz.net/project/alchemy/Alchemy-Ostanes",
"project_example": "https://hub.jazz.net/pipeline/rjminsha/ice-pipeline_demo",
"project_contact": "[email protected]"
}