From aab877b424ca21302a036fd016522d90fdc4ef87 Mon Sep 17 00:00:00 2001 From: Sladey01 <103081216+Sladey01@users.noreply.github.com> Date: Tue, 8 Aug 2023 08:06:47 +0100 Subject: [PATCH 1/6] Update index.js --- index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.js b/index.js index 668a9f8ed6..0d2dc29289 100644 --- a/index.js +++ b/index.js @@ -2,7 +2,7 @@ var express = require('express'); var app = express(); app.get('/', function (req, res) { - res.send('{ "response": "Hello From Thetips4you" }'); + res.send('{ "response": "Hello From Sladey" }'); }); app.get('/will', function (req, res) { From 0c6e88f764b3f59d549d90426bd1cccf65cac479 Mon Sep 17 00:00:00 2001 From: Sladey01 <103081216+Sladey01@users.noreply.github.com> Date: Tue, 8 Aug 2023 08:17:46 +0100 Subject: [PATCH 2/6] Add files via upload --- gitlab-ci.yml | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 gitlab-ci.yml diff --git a/gitlab-ci.yml b/gitlab-ci.yml new file mode 100644 index 0000000000..a9677b9cc5 --- /dev/null +++ b/gitlab-ci.yml @@ -0,0 +1,49 @@ +image: docker:19.03.12 +services: + - docker:19.03.12-dind + +stages: + - build + - test + - release + - deploy + +variables: + + CONTAINER_TEST_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG + CONTAINER_RELEASE_IMAGE: $CI_REGISTRY_IMAGE:latest + +before_script: + - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY + + + +build: + stage: build + script: + - docker build -t $CONTAINER_TEST_IMAGE . + - docker push $CONTAINER_TEST_IMAGE + +test: + stage: test + script: + - docker pull $CONTAINER_TEST_IMAGE + - docker run $CONTAINER_TEST_IMAGE npm test + + +release-image: + stage: release + script: + - docker pull $CONTAINER_TEST_IMAGE + - docker tag $CONTAINER_TEST_IMAGE $CONTAINER_RELEASE_IMAGE + - docker push $CONTAINER_RELEASE_IMAGE + + +deploy: + stage: deploy + tags: + - local_docker + script: + - docker pull $CONTAINER_RELEASE_IMAGE + - docker run -d -p 3000:3000 $CONTAINER_RELEASE_IMAGE + From f7ea2e55b639ed24268044986fe532812ed60ec2 Mon Sep 17 00:00:00 2001 From: Sladey01 <103081216+Sladey01@users.noreply.github.com> Date: Wed, 24 Jul 2024 13:29:53 +0100 Subject: [PATCH 3/6] Update main.yml --- .github/workflows/main.yml | 95 +++++++++++++++++++++++++++----------- 1 file changed, 69 insertions(+), 26 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 58c79cde54..b57034821e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,33 +1,76 @@ -name: Publish Docker image +name: Prebuilt repo + Snyk Security Scanning (OS, Code, Docker, IaC) -on: - push: - branches: ['master'] +# Runs 4 Snyk Products (Code, Open Source, Container, IaC) +# Snyk installation via npm +# Node.js version: 18.4 +# Outputs the results to the pipeline and in SARIF-format to the security tab + +# Prerequisites: +# - Set a SNYK_TOKEN and a SNYK_ORG in the pipelines secrets + +on: [push, pull_request] jobs: - push_to_registry: - name: Push Docker image to Docker Hub + build: runs-on: ubuntu-latest + steps: - - name: Check out the repo - uses: actions/checkout@v3 - - - name: Log in to Docker Hub - uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} + - uses: actions/checkout@v2 + + - name: Use Node.js for installing Snyk + uses: actions/setup-node@v2 + with: + node-version: 18.4 + + # Install & prepare Snyk + - run: npm install --location=global snyk + + # This OPTIONAL step will configure the Snyk CLI to connect to the EU instance of Snyk + #- run: snyk config set use-base64-encoding=true + #- run: snyk config set endpoint='https://app.eu.snyk.io/api' - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 - with: - images: thetips4you/testjodejsapp + - run: snyk auth ${{ secrets.SNYK_TOKEN }} + - name: install snyk-to-html + run: | + npm install snyk-to-html -g + # - name: Snyk Open Source Scanning + ## continue-on-error: true + - name: Install SNyk Filter + run: npm i -g snyk-filter + + - name: Snyk filter test + run: snyk test --json | snyk-filter + continue-on-error: true - - name: Build and push Docker image - uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + - name: SNyk SCA Test + run: + snyk test --json | snyk-to-html -o scaresult.html + mkdir downloads + cp -v /home/runner/work/sladey01.github.io/sladey01.github.io/*.html /home/runner/work/sladey01.github.io/sladey01.github.io/downloads + + + + - name: Snyk Code Scanning + run: snyk code test --json | snyk-to-html -o snykcode.html + continue-on-error: true + + + - name: Build the Docker Image + run: docker build . --file Dockerfile --tag sladey01/sladey01.github.io:latest + + - name: Snyk Container Scanning + run: snyk container test --file=Dockerfile -json -d| snyk-to-html -o snykcont.html + continue-on-error: true + + + - name: Snyk Infrastructure-as-Code Scanning + run: snyk iac test --json | snyk-to-html -o snykiac.html + continue-on-error: true + + + + - name: Use the Upload Artifact GitHub Action + uses: actions/upload-artifact@v4 + with: + name: results + path: ./*.html From 1d279a7427e170d2c3c06c561f47dc00669d8539 Mon Sep 17 00:00:00 2001 From: Sladey01 <103081216+Sladey01@users.noreply.github.com> Date: Wed, 24 Jul 2024 13:30:25 +0100 Subject: [PATCH 4/6] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b57034821e..e27e5103a9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,7 +3,7 @@ name: Prebuilt repo + Snyk Security Scanning (OS, Code, Docker, IaC) # Runs 4 Snyk Products (Code, Open Source, Container, IaC) # Snyk installation via npm # Node.js version: 18.4 -# Outputs the results to the pipeline and in SARIF-format to the security tab +# Outputs the results to thef pipeline and in SARIF-format to the security tab # Prerequisites: # - Set a SNYK_TOKEN and a SNYK_ORG in the pipelines secrets From 28f49001e1429a5201955cdbec67ed163dcffd57 Mon Sep 17 00:00:00 2001 From: Sladey01 <103081216+Sladey01@users.noreply.github.com> Date: Wed, 24 Jul 2024 13:34:20 +0100 Subject: [PATCH 5/6] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e27e5103a9..15cf9183b1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,6 +1,6 @@ name: Prebuilt repo + Snyk Security Scanning (OS, Code, Docker, IaC) -# Runs 4 Snyk Products (Code, Open Source, Container, IaC) +# Runs 4 Snyk Products (Code, Open Source, Cont5ainer, IaC) # Snyk installation via npm # Node.js version: 18.4 # Outputs the results to thef pipeline and in SARIF-format to the security tab From e9137b85029499c5ea43cda4ae64152ac98c3f05 Mon Sep 17 00:00:00 2001 From: Sladey01 <103081216+Sladey01@users.noreply.github.com> Date: Wed, 24 Jul 2024 13:37:13 +0100 Subject: [PATCH 6/6] Update main.yml --- .github/workflows/main.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 15cf9183b1..ce7db73c46 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -45,8 +45,6 @@ jobs: - name: SNyk SCA Test run: snyk test --json | snyk-to-html -o scaresult.html - mkdir downloads - cp -v /home/runner/work/sladey01.github.io/sladey01.github.io/*.html /home/runner/work/sladey01.github.io/sladey01.github.io/downloads @@ -59,7 +57,7 @@ jobs: run: docker build . --file Dockerfile --tag sladey01/sladey01.github.io:latest - name: Snyk Container Scanning - run: snyk container test --file=Dockerfile -json -d| snyk-to-html -o snykcont.html + run: snyk container test sladey01.github.io:latest -json | snyk-to-html -o snykcont.html continue-on-error: true