From 4eef31221e40c51f19978a1657065e08e202d6db Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Wed, 2 Aug 2023 16:34:46 +0100 Subject: [PATCH 01/20] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 1324fb7..e412880 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ FROM golang:latest # Add Maintainer Info -LABEL maintainer="Rajeev Singh " +LABEL maintainer="Dave Lawton" # Set the Current Working Directory inside the container WORKDIR /app From 196cbfe811b2478d06c11bb6d620ec546e2f2191 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 28 Aug 2023 19:16:38 +0100 Subject: [PATCH 02/20] Create main.yml --- .github/workflows/main.yml | 51 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..c692980 --- /dev/null +++ b/.github/workflows/main.yml 
@@ -0,0 +1,51 @@
+name: Docker Build and Apiiro Scan
+
+on:
+ push:
+ branches:
+ - master
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ # Check out code from the repository
+ - name: Check out repository
+ uses: actions/checkout@v2
+
+ # Build the Docker image
+ - name: Build Docker image
+ run: docker build -t my-image:${{ github.run_id }} .
+
+ # Apiiro API Build Scan
+ - name: Apiiro API Build Scan
+ run: |
+ return_string=$(curl -s --location 'https://app-staging.apiiro.com/rest-api/v1.0/buildScan/builds' \
+ --header 'Content-Type: application/json' \
+ --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}' \
+ --data '
+ {
+ "commitSha": "${{ github.sha }}",
+ "repositoryUrl": "${{ github.repository_url }}",
+ "buildId": "${{ github.run_id }}"
+ }')
+ echo "$return_string"
+ echo "RETURN_STRING=$return_string" >> $GITHUB_ENV
+ continue-on-error: true
+
+ # Apiiro API Results Scan
+ - name: Apiiro API Results Scan
+ run: |
+ response=$(curl -vv --insecure --retry 15 --retry-max-time 900 --retry-delay 45 --location --request GET 'https://app-staging.apiiro.com/rest-api/v1/buildScan/${{ env.RETURN_STRING }}/results' \
+ --header 'Content-Type: application/json' \
+ --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}')
+
+ echo "$response"
+
+ json_response=$(echo "$response" | grep '{"buildPassed"')
+ if [[ $(echo "$json_response" | jq '.buildPassed') == "false" ]]; then
+ echo "Pipeline failed due to Apiiro scan."
+ exit 1
+ fi
+
From 8b325d558288e29462ea15740239a2264574c014 Mon Sep 17 00:00:00 2001
From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com>
Date: Mon, 28 Aug 2023 19:29:30 +0100
Subject: [PATCH 03/20] Update main.yml
---
.github/workflows/main.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index c692980..b339bc9 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
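Review bot: The `Apiiro API Results Scan` step sends `Authorization: Bearer ${{ secrets.BEARER_TOKEN }}` with `curl --insecure`, so the token is handed to whichever host answers without certificate validation, and `-vv` traces the exchange into the job log where only GitHub's secret masking protects the header; drop both flags (`curl -sS --retry 15 …`). In the `Apiiro API Build Scan` step the raw response body is appended to `$GITHUB_ENV` and later expanded into the script text through `${{ env.RETURN_STRING }}`, so a multi-line or unexpected body can define extra environment variables or change the command that runs; extract only the build identifier with `jq -r` and check its format before writing it. The gate is also fail-open as written: `continue-on-error: true` hides a failed submission, and the final test fails the job only on an explicit `"false"`, so an error page or empty response passes. `actions/checkout@v2` would be better pinned to a current release by commit SHA.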
@@ -27,7 +27,7 @@ jobs: --data ' { "commitSha": "${{ github.sha }}", - "repositoryUrl": "${{ github.repository_url }}", + "repositoryUrl": "${{ vars.REPOSITORY_VAR }}", "buildId": "${{ github.run_id }}" }') echo "$return_string" From 3cd7be9e69481d8da05df8a19c8ee2975a75cf65 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 28 Aug 2023 19:31:47 +0100 Subject: [PATCH 04/20] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b339bc9..f84190d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,7 +27,7 @@ jobs: --data ' { "commitSha": "${{ github.sha }}", - "repositoryUrl": "${{ vars.REPOSITORY_VAR }}", + "repositoryUrl": "$GITHUB_REPOSITORY", "buildId": "${{ github.run_id }}" }') echo "$return_string" From 8647cacdc383768c44eeaf98360217786f94bd11 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 28 Aug 2023 19:34:29 +0100 Subject: [PATCH 05/20] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f84190d..84056e7 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,7 +27,7 @@ jobs: --data ' { "commitSha": "${{ github.sha }}", - "repositoryUrl": "$GITHUB_REPOSITORY", + "repositoryUrl": "${{ github.event.repository.html_url }}", "buildId": "${{ github.run_id }}" }') echo "$return_string" From cff23e3c73fde267bf09dfec5a8c3d6c37410dda Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 28 Aug 2023 19:44:04 +0100 Subject: [PATCH 06/20] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 84056e7..faccee2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,7 +27,7 @@ jobs: --data ' { "commitSha": "${{ github.sha }}", - "repositoryUrl": "${{ github.event.repository.html_url }}", + "repositoryUrl": "https://github.com/davidl-apiiro/go-docker", "buildId": "${{ github.run_id }}" }') echo "$return_string" From 6182b5ef7719e11fcce6d9c12b76083946cee6df Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 28 Aug 2023 19:51:07 +0100 Subject: [PATCH 07/20] Update main.yml --- .github/workflows/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index faccee2..c3fd0dd 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -31,6 +31,8 @@ jobs: "buildId": "${{ github.run_id }}" }') echo "$return_string" + echo "${{ github.sha }}" + echo "${{ github.run_id }}"" echo "RETURN_STRING=$return_string" >> $GITHUB_ENV continue-on-error: true From 55cf8b157d05d149bbfe92f81542f1bded8cd519 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Tue, 29 Aug 2023 08:14:12 +0100 Subject: [PATCH 08/20] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c3fd0dd..63e62b2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -32,7 +32,7 @@ jobs: }') echo "$return_string" echo "${{ github.sha }}" - echo "${{ github.run_id }}"" + echo "${{ github.run_id }}" echo "RETURN_STRING=$return_string" >> $GITHUB_ENV continue-on-error: true From 155897cb9a31f2e74f1c1a88b776596742bbf4e7 Mon Sep 17 00:00:00 2001 
From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Tue, 29 Aug 2023 08:49:14 +0100 Subject: [PATCH 09/20] Update main.yml --- .github/workflows/main.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 63e62b2..d1d4759 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -6,7 +6,8 @@ on: - master jobs: - build: + docker-build: + name: Docker Build runs-on: ubuntu-latest steps: @@ -18,6 +19,12 @@ jobs: - name: Build Docker image run: docker build -t my-image:${{ github.run_id }} . + apiiro-scan: + name: Apiiro Build Scan + runs-on: ubuntu-latest + needs: docker-build # Ensures this job runs only after 'docker-build' completes successfully + + steps: # Apiiro API Build Scan - name: Apiiro API Build Scan run: | @@ -50,4 +57,3 @@ jobs: echo "Pipeline failed due to Apiiro scan." exit 1 fi - From 73f4bb543254d64c5d1ca53f0b0063f1f1c9ac53 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Fri, 8 Sep 2023 14:40:06 +0100 Subject: [PATCH 10/20] Update main.yml --- .github/workflows/main.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d1d4759..9566928 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,9 +1,6 @@ name: Docker Build and Apiiro Scan -on: - push: - branches: - - master + jobs: docker-build: From 8af8f14b5344b2571d78bf6144f805bb2d23a949 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Fri, 8 Sep 2023 14:41:37 +0100 Subject: [PATCH 11/20] Update main.yml --- .github/workflows/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9566928..1608ba7 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -1,5 +1,7 @@ name: Docker Build and Apiiro Scan +on: + workflow_dispatch: jobs: From 9bfb0b7c0ccef5cdc010fff0cafbf047b4fcada4 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:55:37 +0100 Subject: [PATCH 12/20] Update main.yml --- .github/workflows/main.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1608ba7..086b893 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -46,13 +46,14 @@ jobs: - name: Apiiro API Results Scan run: | response=$(curl -vv --insecure --retry 15 --retry-max-time 900 --retry-delay 45 --location --request GET 'https://app-staging.apiiro.com/rest-api/v1/buildScan/${{ env.RETURN_STRING }}/results' \ - --header 'Content-Type: application/json' \ + --header 'Accept: application/json' \ --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}') - + echo "$response" - + json_response=$(echo "$response" | grep '{"buildPassed"') if [[ $(echo "$json_response" | jq '.buildPassed') == "false" ]]; then echo "Pipeline failed due to Apiiro scan." exit 1 fi + From f1f1aea18742881420896cacff3e91492b930d40 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 11 Sep 2023 10:17:15 +0100 Subject: [PATCH 13/20] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 086b893..b857cbb 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -46,7 +46,7 @@ jobs: - name: Apiiro API Results Scan run: | response=$(curl -vv --insecure --retry 15 --retry-max-time 900 --retry-delay 45 --location --request GET 'https://app-staging.apiiro.com/rest-api/v1/buildScan/${{ env.RETURN_STRING }}/results' \ - --header 'Accept: application/json' \ + --header 'Content-Type: application/json' \ --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}') echo "$response" From cfd22de3c09be9c231be97be66c6182b34e1cee4 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 11 Sep 2023 15:37:38 +0100 Subject: [PATCH 14/20] Update main.yml --- .github/workflows/main.yml | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b857cbb..8215fd5 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -49,11 +49,22 @@ jobs: --header 'Content-Type: application/json' \ --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}') - echo "$response" - - json_response=$(echo "$response" | grep '{"buildPassed"') - if [[ $(echo "$json_response" | jq '.buildPassed') == "false" ]]; then - echo "Pipeline failed due to Apiiro scan." - exit 1 - fi + echo "$response" + + # Check for HTTP 503 Service Unavailable + if echo "$response" | grep -q "HTTP.*503"; then + echo "Scan is still in progress. Waiting for the next check..." + sleep 5 # Wait 5 seconds before the next iteration + else + # Check buildPassed status + if echo "$response" | jq -e '.buildPassed' 2>/dev/null | grep -q "true"; then + echo "Pipeline can continue. Apiiro scan passed." + exit 0 + else + echo "Unexpected JSON format or missing 'buildPassed' key." + exit 1 + fi + fi + done + From bef0e182950a41b99c3d85afa04a22943b9fd54d Mon Sep 17 00:00:00 2001 
From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 11 Sep 2023 17:17:27 +0100 Subject: [PATCH 15/20] Update main.yml --- .github/workflows/main.yml | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8215fd5..5ec9537 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -45,26 +45,26 @@ jobs: # Apiiro API Results Scan - name: Apiiro API Results Scan run: | - response=$(curl -vv --insecure --retry 15 --retry-max-time 900 --retry-delay 45 --location --request GET 'https://app-staging.apiiro.com/rest-api/v1/buildScan/${{ env.RETURN_STRING }}/results' \ - --header 'Content-Type: application/json' \ - --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}') + while true; do + # The -s flag makes curl silent. -S forces it to show errors, but it won't show progress or any other messages. + response=$(curl -sS --insecure --retry 15 --retry-max-time 900 --retry-delay 45 --location --request GET 'https://app-staging.apiiro.com/rest-api/v1/buildScan/${{ env.RETURN_STRING }}/results' \ + --header 'Content-Type: application/json' \ + --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}') - echo "$response" - - # Check for HTTP 503 Service Unavailable - if echo "$response" | grep -q "HTTP.*503"; then - echo "Scan is still in progress. Waiting for the next check..." - sleep 5 # Wait 5 seconds before the next iteration + # Check for HTTP 503 Service Unavailable + if echo "$response" | grep -q "HTTP.*503"; then + echo "Scan is still in progress. Waiting for the next check..." + sleep 5 # Wait 5 seconds before the next iteration + else + # Check buildPassed status + if echo "$response" | jq -e '.buildPassed' 2>/dev/null | grep -q "true"; then + echo "Pipeline can continue. Apiiro scan passed." + exit 0 else - # Check buildPassed status - if echo "$response" | jq -e '.buildPassed' 2>/dev/null | grep -q "true"; then - echo "Pipeline can continue. Apiiro scan passed." - exit 0 - else - echo "Unexpected JSON format or missing 'buildPassed' key." - exit 1 - fi + echo "Unexpected JSON format or missing 'buildPassed' key." + exit 1 fi - done + fi + done From 3b713f340f166d29187950856741c12b5a8eca32 Mon Sep 17 00:00:00 2001 
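Review bot: The `grep -q "HTTP.*503"` test can never match here: `curl -sS` without `-i` or `--write-out` puts only the response body in `$response`, so a 503 falls through to the `else` branch and ends the job with "Unexpected JSON format", and the surrounding `while true` loop runs once at most. Capture the status code explicitly and branch on it, as sketched below. The sketch also drops `--insecure`, which this call keeps even though it carries the `Authorization: Bearer` secret.

```yaml
        run: |
          while true; do
            # Body goes to a file; the status code is captured on its own.
            status=$(curl -sS --retry 15 --retry-max-time 900 --retry-delay 45 --location --request GET \
              --output response.json --write-out '%{http_code}' \
              --header 'Content-Type: application/json' \
              --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}' \
              'https://app-staging.apiiro.com/rest-api/v1/buildScan/${{ env.RETURN_STRING }}/results')
            response=$(cat response.json)

            if [ "$status" = "503" ]; then
              # … unchanged: "still in progress" message and sleep …
            else
              # … unchanged: buildPassed check …
            fi
          done
```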
From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 11 Sep 2023 18:38:45 +0100 Subject: [PATCH 16/20] Update main.yml --- .github/workflows/main.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 5ec9537..9b229a6 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -56,6 +56,14 @@ jobs: echo "Scan is still in progress. Waiting for the next check..." sleep 5 # Wait 5 seconds before the next iteration else + # Print the API response summary and scan results + echo "API Response Summary:" + echo "$response" | jq -r '.summary' + echo "---------------------" + echo "API Scan Results:" + echo "$response" | jq -r '.scanResults[]' + echo "---------------------" + # Check buildPassed status if echo "$response" | jq -e '.buildPassed' 2>/dev/null | grep -q "true"; then echo "Pipeline can continue. Apiiro scan passed." @@ -67,4 +75,3 @@ jobs: fi done - From 8c4cdc82d0d773b693f548c111f06ad6cbc51233 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 11 Sep 2023 18:47:22 +0100 Subject: [PATCH 17/20] Update main.yml --- .github/workflows/main.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9b229a6..e30fa91 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
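Review bot: The new `jq -r '.scanResults[]'` line exits non-zero when the response has no `scanResults` array, and because Actions runs `run:` scripts with `bash -e`, that aborts the step before the `buildPassed` check with a jq error rather than a verdict. Use `jq -r '.scanResults[]?'` so the printing stays informational. These lines also copy scan findings into the job log, which anyone with read access to the run can see, so it is worth confirming that is intended. The loop these lines sit in starts outside this hunk.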
@@ -45,12 +45,18 @@ jobs: # Apiiro API Results Scan - name: Apiiro API Results Scan run: | - while true; do - # The -s flag makes curl silent. -S forces it to show errors, but it won't show progress or any other messages. + while true; do response=$(curl -sS --insecure --retry 15 --retry-max-time 900 --retry-delay 45 --location --request GET 'https://app-staging.apiiro.com/rest-api/v1/buildScan/${{ env.RETURN_STRING }}/results' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer ${{ secrets.BEARER_TOKEN }}') - + + # Check if the response is valid JSON + if ! echo "$response" | jq empty 2>/dev/null; then + echo "Received an invalid JSON response. Waiting before the next check..." + sleep 5 + continue + fi + # Check for HTTP 503 Service Unavailable if echo "$response" | grep -q "HTTP.*503"; then echo "Scan is still in progress. Waiting for the next check..." @@ -74,4 +80,3 @@ jobs: fi fi done - From 27e907ddad91bc50b936396577a37545b72f003b Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Mon, 11 Sep 2023 18:51:27 +0100 Subject: [PATCH 18/20] Create s3.yaml --- .github/workflows/s3.yaml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .github/workflows/s3.yaml diff --git a/.github/workflows/s3.yaml b/.github/workflows/s3.yaml new file mode 100644 index 0000000..45bc293 --- /dev/null +++ b/.github/workflows/s3.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +credsStore: + password: dave3E4gf4!P + s3_bucket_token: XQMOED0FK1ENBT4UHG3TY5BZL6FH7EGT8YOPSDF9NPSDU0FKT0WEUR0LKG0SDDFT + dbConnectionString: mongo -u admin -p dbking123! + From 4e8d9344c9ae9bc5ee2fa3c88d9b54d35d8fae11 Mon Sep 17 00:00:00 2001 From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com> Date: Wed, 13 Dec 2023 20:04:46 +0000 Subject: [PATCH 19/20] Create s3.yaml --- s3.yaml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 s3.yaml 
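Review bot: The added invalid-JSON branch does `sleep 5` then `continue` inside `while true`, so an endpoint that keeps answering with non-JSON (an HTML error page, an authentication failure) keeps the job polling until the runner's job timeout, and the response that caused it is never printed. Bound the loop, for example `for attempt in $(seq 1 60); do` in place of `while true; do` with `exit 1` after `done`, and log the HTTP status on each failed attempt. Since `$response` must now parse as JSON before the `grep -q "HTTP.*503"` line is reached, that 503 branch can no longer match.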
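Review bot: This new file commits credentials in plaintext (`credsStore.password`, `s3_bucket_token`, and a `dbConnectionString` with an inline password), and the same values are added again in PATCH 19/20 (`s3.yaml`) and PATCH 20/20 (`s3.yml`). Once pushed they remain in git history even if the files are later deleted, so any that are live should be rotated, and the configuration should reference values injected at runtime from repository secrets or a secrets manager. The file also sits under `.github/workflows/` without `on:` or `jobs:`, so GitHub will try to load it as a workflow and report it as invalid; configuration like this belongs outside that directory.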
diff --git a/s3.yaml b/s3.yaml
new file mode 100644
index 0000000..6da0b08
--- /dev/null
+++ b/s3.yaml
@@ -0,0 +1,5 @@
+apiVersion: v2
+credsStore:
+ password: dave3E4gf4!P
+ s3_bucket_token: XQMOED0FK1ENBT4UHG3TY5BZL6FH7EGT8YOPSDF9NPSDU0FKT0WEUR0LKG0SDDFT
+ dbConnectionString: mongo -u admin -p dbking123!
From 6caaef38e851f67c19d27eae411bcea83658fa97 Mon Sep 17 00:00:00 2001
From: davidl-apiiro <140383991+davidl-apiiro@users.noreply.github.com>
Date: Fri, 12 Jan 2024 11:26:07 +0000
Subject: [PATCH 20/20] Create s3.yml
---
s3.yml | 6 ++++++
1 file changed, 6 insertions(+)
create mode 100644 s3.yml
diff --git a/s3.yml b/s3.yml
new file mode 100644
index 0000000..45bc293
--- /dev/null
+++ b/s3.yml
@@ -0,0 +1,6 @@
+apiVersion: v2
+credsStore:
+ password: dave3E4gf4!P
+ s3_bucket_token: XQMOED0FK1ENBT4UHG3TY5BZL6FH7EGT8YOPSDF9NPSDU0FKT0WEUR0LKG0SDDFT
+ dbConnectionString: mongo -u admin -p dbking123!
+