add dependency check

ef9c4f17 · Wen Wei Li · ccd5430f · ef9c4f17 · ccd5430f · ccd5430f
Commit ef9c4f17 authored Aug 28, 2023 by Wen Wei Li
10 changed files
--- a/.drone.yml
+++ b/.drone.yml
@@ -20,6 +20,11 @@ steps:
        from_secret: sonar_host
      SONAR_TOKEN:
        from_secret: sonar_token
+  - name: dependency-check-py
+    image: prlab/dependency-check-py
+    volumes:
+      - name: cache
+        path: /build/

  - name: scp
    image: appleboy/drone-scp

--- a/reports/.sastscan.baseline
+++ b/reports/.sastscan.baseline
-{
-  "baseline_fingerprints": {
-    "scanPrimaryLocationHash": [
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb",
-      "b0bd4a6a902e74cb"
-    ],
-    "scanTagsHash": []
-  },
-  "created_at": "2023-08-28 05:56:18.157798"
-}
\ No newline at end of file
--- a/reports/ngsast-report.findings.json
+++ b/reports/ngsast-report.findings.json
--- a/reports/scan-full-report.json
+++ b/reports/scan-full-report.json
--- a/reports/source-python-report.html
+++ b/reports/source-python-report.html
--- a/reports/source-python-report.json
+++ b/reports/source-python-report.json
--- a/reports/source-python-report.sarif
+++ b/reports/source-python-report.sarif
-{
-  "runs": [
-    {
-      "tool": {
-        "driver": {
-          "name": "Python Source Analyzer",
-          "version": "1.0.0-scan",
-          "fullName": "Python Source Analyzer"
-        }
-      },
-      "conversion": {
-        "tool": {
-          "driver": {
-            "name": "@ShiftLeft/sast-scan"
-          }
-        },
-        "invocation": {
-          "arguments": [
-            "-r",
-            "-a",
-            "vuln",
-            "-n",
-            "3",
-            "-s",
-            "B101,B102,B105,B307,B308,B310,B322,B404,B601,B602,B603,B604,B605,B701,B702,B703",
-            "-iii",
-            "-ll",
-            "-o",
-            "/app/reports/source-python-report.json",
-            "-f",
-            "json",
-            "-x",
-            ".git,.svn,.mvn,.idea,.github,.hg,dist,obj,backup,docs,tests,test,test-packages,tmp,report,reports,node_modules,.terraform,.serverless,venv,.virtualenv,vendor,bower_components,.vscode,e2e,.pytest_cache,__pycache__,.storybook,.venv,.tox,examples,tutorials,samples,migrations,db_migrations,unittests,unittests_legacy,stubs,cypress,mock,mocks",
-            "/app"
-          ],
-          "executionSuccessful": true,
-          "commandLine": "-r -a vuln -n 3 -s B101,B102,B105,B307,B308,B310,B322,B404,B601,B602,B603,B604,B605,B701,B702,B703 -iii -ll -o /app/reports/source-python-report.json -f json -x .git,.svn,.mvn,.idea,.github,.hg,dist,obj,backup,docs,tests,test,test-packages,tmp,report,reports,node_modules,.terraform,.serverless,venv,.virtualenv,vendor,bower_components,.vscode,e2e,.pytest_cache,__pycache__,.storybook,.venv,.tox,examples,tutorials,samples,migrations,db_migrations,unittests,unittests_legacy,stubs,cypress,mock,mocks /app",
-          "endTimeUtc": "2023-08-28T05:56:16Z",
-          "workingDirectory": {
-            "uri": "file:///home/oran/Documents/ric-app-hw-python"
-          }
-        }
-      },
-      "invocations": [
-        {
-          "executionSuccessful": true,
-          "endTimeUtc": "2023-08-28T05:56:16Z",
-          "workingDirectory": {
-            "uri": "file:///home/oran/Documents/ric-app-hw-python"
-          }
-        }
-      ],
-      "properties": {
-        "metrics": {
-          "total": 0,
-          "critical": 0,
-          "high": 0,
-          "medium": 0,
-          "low": 0
-        }
-      },
-      "results": [],
-      "automationDetails": {
-        "description": {
-          "text": "Static Analysis Security Test results using @ShiftLeft/sast-scan"
-        },
-        "guid": "bf813369-d6ff-470d-a89e-195870e19510"
-      },
-      "versionControlProvenance": [
-        {
-          "branch": "master",
-          "repositoryUri": "",
-          "revisionId": ""
-        }
-      ]
-    }
-  ],
-  "version": "2.1.0",
-  "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
-  "inlineExternalProperties": [
-    {
-      "guid": "bf813369-d6ff-470d-a89e-195870e19510",
-      "runGuid": "518b5465-3c50-45a1-bef9-cbca03e2d705"
-    }
-  ]
-}
\ No newline at end of file
--- a/reports/source-yaml-report.html
+++ b/reports/source-yaml-report.html
--- a/reports/source-yaml-report.sarif
+++ b/reports/source-yaml-report.sarif
--- a/reports/yamllint-report.out
+++ b/reports/yamllint-report.out
-/app/resources/pod.yaml:19:1: [warning] missing document start "---" (document-start)
-/app/.drone.yml:16:81: [error] line too long (108 > 80 characters) (line-length)
-/app/.drone.yml:16:104: [error] trailing spaces (trailing-spaces)
-/app/.drone.yml:38:11: [error] too many spaces before colon (colons)
-/app/.drone.yml:47:1: [error] trailing spaces (trailing-spaces)