From 25f1795c075a528d4d6393459dab1e411ffab333 Mon Sep 17 00:00:00 2001 From: Sven Dolderer Date: Thu, 15 Aug 2024 18:33:49 +0200 Subject: [PATCH] integrate secretvalidation-wrapper part 1 #3365 --- .github/workflows/_build+publish-pds-solution.yml | 1 + .gitignore | 1 + sechub-pds-solutions/gitleaks/copy/README.md | 8 ++++++++ sechub-pds-solutions/gitleaks/env | 10 ++++++++++ sechub-pds-solutions/xray/copy/README.md | 8 ++++++++ 5 files changed, 28 insertions(+) create mode 100644 sechub-pds-solutions/gitleaks/copy/README.md create mode 100644 sechub-pds-solutions/xray/copy/README.md diff --git a/.github/workflows/_build+publish-pds-solution.yml b/.github/workflows/_build+publish-pds-solution.yml index 86232d5fc2..0162c12f99 100644 --- a/.github/workflows/_build+publish-pds-solution.yml +++ b/.github/workflows/_build+publish-pds-solution.yml @@ -71,6 +71,7 @@ jobs: export PREPARE_WRAPPER_VERSION export PMD_VERSION export SCANCODE_VERSION + export SECRETVALIDATION_WRAPPER_VERSION export SPDX_TOOL_VERSION export TERN_VERSION export XRAY_WRAPPER_VERSION diff --git a/.gitignore b/.gitignore index a20a2f8ea8..a8ad3e3122 100644 --- a/.gitignore +++ b/.gitignore @@ -64,6 +64,7 @@ java-gen/ # Containerized solutions copy/ !copy/README.adoc +!copy/README.md *.deb *.apk diff --git a/sechub-pds-solutions/gitleaks/copy/README.md b/sechub-pds-solutions/gitleaks/copy/README.md new file mode 100644 index 0000000000..3fe30a6de7 --- /dev/null +++ b/sechub-pds-solutions/gitleaks/copy/README.md @@ -0,0 +1,8 @@ +# Purpose of this directory +The purpose of this directory is to place a secretvalidation-wrapper .jar into here. + +When the build is started with "copy" as BUILD_TYPE then the file +"sechub-wrapper-secretvalidation-${SECRETVALIDATION_WRAPPER_VERSION}.jar +will be copied into the container. + +This way pds-gitleaks containers with a custon secretvalidation-wrapper .jar can be built. diff --git a/sechub-pds-solutions/gitleaks/env b/sechub-pds-solutions/gitleaks/env index e2e79cb2a6..f5463a23b6 100644 --- a/sechub-pds-solutions/gitleaks/env +++ b/sechub-pds-solutions/gitleaks/env @@ -6,3 +6,13 @@ BASE_IMAGE="ghcr.io/mercedes-benz/sechub/pds-base" # The gitleaks version to use # See: https://github.com/gitleaks/gitleaks/releases GITLEAKS_VERSION="8.18.4" + +# The build type of the Secret-Validation-Wrapper +# Possible values are: +# - copy (copies a local jar into container) +# - download (downloads the jar from github.com releases) +BUILD_TYPE=download + +# The Secret-Validation Wrapper version to use +# See: https://github.com/mercedes-benz/sechub/releases +SECRETVALIDATION_WRAPPER_VERSION="1.0.0" diff --git a/sechub-pds-solutions/xray/copy/README.md b/sechub-pds-solutions/xray/copy/README.md new file mode 100644 index 0000000000..2b5abb28e4 --- /dev/null +++ b/sechub-pds-solutions/xray/copy/README.md @@ -0,0 +1,8 @@ +# Purpose of this directory +The purpose of this directory is to place a xray-wrapper .jar into here. + +When the build is started with "copy" as BUILD_TYPE then the file +"sechub-wrapper-xray-${XRAY_WRAPPER_VERSION}.jar +will be copied into the container. + +This way pds-xray containers with a custon xray-wrapper .jar can be built.