From 832e963f43169e6ef2a9883f997d34d4cb899a61 Mon Sep 17 00:00:00 2001 From: Eli Trop Date: Thu, 11 Mar 2021 16:25:47 +0200 Subject: [PATCH] init docker runner --- Dockerfile | 5 +---- entrypoint.sh | 32 +------------------------------- 2 files changed, 2 insertions(+), 35 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0d0c8bb..3e9dc11 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,4 @@ -FROM ubuntu:18.04 - -RUN apt-get update && \ - apt-get install -y wget curl +FROM elitcx/kics:alpine COPY entrypoint.sh /entrypoint.sh diff --git a/entrypoint.sh b/entrypoint.sh index a11c61b..ca575fe 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,34 +1,4 @@ #!/bin/bash DATETIME="`date '+%H:%M'`" -if [ -z "$INPUT_PATH" ] -then - echo "${DATETIME} - ERR input path can't be empty" - exit 1 -else - INPUT_PARAM="-p $INPUT_PATH" -fi - -[[ ! -z "$INPUT_OUTPUT_PATH" ]] && OUTPUT_PATH_PARAM="-o $INPUT_OUTPUT_PATH" -[[ ! -z "$INPUT_PAYLOAD_PATH" ]] && PAYLOAD_PATH_PARAM="-d $INPUT_PAYLOAD_PATH" -[[ ! -z "$INPUT_VERBOSE" ]] && VERBOSE_PARAM="-v" - -if [ ! -z "$INPUT_QUERIES" ] -then - QUERIES_PARAM="-q $INPUT_QUERIES" -else - QUERIES_PARAM="-q /usr/bin/assets/queries" -fi - -tag=`curl --silent "https://api.github.com/repos/Checkmarx/kics/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/'` -echo "${DATETIME} - INF latest tag is $tag" -version=`echo $tag | sed -r 's/^.{1}//'` -echo "${DATETIME} - INF version is $version" - -echo "${DATETIME} - INF downloading latest kics binaries kics_${version}_linux_x64.tar.gz" -wget -q -c "https://github.com/Checkmarx/kics/releases/download/${tag}/kics_${version}_linux_x64.tar.gz" -O - | tar -xz --directory /usr/bin &>/dev/null - -echo "${DATETIME} - INF : current directory - ${PWD}" -echo "${DATETIME} - INF : about to scan directory $INPUT_PATH" -echo "${DATETIME} - INF : kics command kics $INPUT_PARAM $OUTPUT_PATH_PARAM $PAYLOAD_PATH_PARAM $QUERIES_PARAM $VERBOSE_PARAM" -kics $INPUT_PARAM $OUTPUT_PATH_PARAM $PAYLOAD_PATH_PARAM $QUERIES_PARAM $VERBOSE_PARAM \ No newline at end of file +./app/bin/kics -p $GITHUB_WORKSPACE/$INPUTS_PATH -o $INPUTS.OUTPUT_PATH \ No newline at end of file