From 70787d2edb2e638a7f843912706ddb02e41c8cdf Mon Sep 17 00:00:00 2001
From: wbunker
Date: Mon, 29 Apr 2019 10:35:36 -0500
Subject: [PATCH 1/5] putting full path into twistlock path
---
 Jenkinsfile | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index 317fd4c..4330de5 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -12,7 +12,6 @@ pipeline {
 environment {
 NEXUS_SERVER = 'nexus-docker.52.61.140.4.nip.io'
 S3_REPORT_BUCKET = 's3://dsop-pipeline-artifacts'
- TWISTLOCK_SERVER = 'https://twistlock-console-twistlock.us-gov-west-1.compute.internal'
 REMOTE_HOST = 'ec2-52-222-64-188.us-gov-west-1.compute.amazonaws.com'
 } // environment
@@ -60,9 +59,10 @@ pipeline {
 remote.name = "node"
 remote.host = "${env.REMOTE_HOST}"
 remote.allowAnyHosts = true
+ openscap_artifact_path = "${S3_REPORT_BUCKET}/${VENDOR_PRODUCT}/${REPO_NAME}/${IMAGE_TAG}/${DATETIME_TAG}_${BUILD_NUMBER}/openscap/"
+
 node {
 withCredentials([sshUserPrivateKey(credentialsId: 'oscap', keyFileVariable: 'identity', usernameVariable: 'userName')]) {
- openscap_artifact_path = "${S3_REPORT_BUCKET}/${VENDOR_PRODUCT}/${REPO_NAME}/${IMAGE_TAG}/${DATETIME_TAG}_${BUILD_NUMBER}/openscap/"
 image_full_path = "${NEXUS_SERVER}/${REPO_NAME}:${IMAGE_TAG}"
 remote.user = userName
 remote.identityFile = identity
@@ -110,6 +110,8 @@ pipeline {
 remote.name = "node"
 remote.host = "${env.REMOTE_HOST}"
 remote.allowAnyHosts = true
+ twistlock_artifact_path = "${S3_REPORT_BUCKET}/${VENDOR_PRODUCT}/${REPO_NAME}/${IMAGE_TAG}/${DATETIME_TAG}_${BUILD_NUMBER}/twistlock/"
+
 node {
 // using the oscap user, this is temporary
 withCredentials([sshUserPrivateKey(credentialsId: 'oscap', keyFileVariable: 'identity', usernameVariable: 'userName')]) {
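Review bot: Removing `TWISTLOCK_SERVER` from `environment` in the first hunk leaves the `${TWISTLOCK_SERVER}` references in the Twistlock stage (the hunk at -120,9, including the line this same commit adds) with no definition visible in the patch; in a declarative pipeline an unbound name inside a GString fails at run time with a MissingPropertyException unless the value is supplied from outside the file, for example a global Jenkins environment entry or a folder property. If that external source is the intent, record it where the line was removed, e.g. `// TWISTLOCK_SERVER is supplied by the Jenkins global environment, not set here`; otherwise the console address needs to come back as an `environment` entry or a parameter. The `environment` block is complete in the hunk, but the stage that consumes the variable is not.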
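Review bot: The added `openscap_artifact_path` line in the hunk at -60,9 and the added `twistlock_artifact_path` line in the hunk at -110,6 (and `anchore_artifact_path` in patch 4) build the same `${S3_REPORT_BUCKET}/${VENDOR_PRODUCT}/${REPO_NAME}/${IMAGE_TAG}/${DATETIME_TAG}_${BUILD_NUMBER}` prefix three times, differing only in the last directory, so a later change to the layout has to be made in three places. A single prefix declared once, e.g. `artifact_prefix = "${S3_REPORT_BUCKET}/${VENDOR_PRODUCT}/${REPO_NAME}/${IMAGE_TAG}/${DATETIME_TAG}_${BUILD_NUMBER}"` where those names are first resolvable (their origin is not visible in this hunk), would let each stage write `"${artifact_prefix}/openscap/"`. The three assignments carry no `def`, so they go into the script binding rather than the enclosing `script` block; that was already true of the moved openscap line, but a comment such as `// script-binding global, read inside node {} below` would make the scope explicit for the next reader. Each enclosing `script` block starts before its hunk.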
@@ -120,9 +122,9 @@ pipeline {
 withCredentials([usernamePassword(credentialsId: 'TwistLock', usernameVariable: 'TWISTLOCK_USERNAME', passwordVariable: 'TWISTLOCK_PASSWORD')]) {
 sshCommand remote: remote, command: "sudo curl -k -ssl -u ${TWISTLOCK_USERNAME}:'${TWISTLOCK_PASSWORD}' ${TWISTLOCK_SERVER}/api/v1/util/twistcli -o twistcli && sudo chmod +x ./twistcli && sudo ./twistcli images scan ${IMAGE_TAG} --user ${TWISTLOCK_USERNAME} --password '${TWISTLOCK_PASSWORD}' --address ${TWISTLOCK_SERVER} --details ${IMAGE_TAG}"
 // Pull latest report from the twistlock console
- sshCommand remote: remote, command: "curl -k -s -u ${TWISTLOCK_USERNAME}:'${TWISTLOCK_PASSWORD}' -H 'Content-Type: application/json' -X GET '${TWISTLOCK_SERVER}/api/v1/scans?search=${NEXUS_SERVER}/${IMAGE_TAG}&limit=1&reverse=true&type=twistcli' | python -m json.tool | /usr/sbin/aws s3 cp - ${S3_REPORT_BUCKET}/twistlock/${IMAGE_TAG}.json"
+ sshCommand remote: remote, command: "curl -k -s -u ${TWISTLOCK_USERNAME}:'${TWISTLOCK_PASSWORD}' -H 'Content-Type: application/json' -X GET '${TWISTLOCK_SERVER}/api/v1/scans?search=${NEXUS_SERVER}/${IMAGE_TAG}&limit=1&reverse=true&type=twistcli' | python -m json.tool | /usr/sbin/aws s3 cp - ${twistlock_artifact_path}${IMAGE_TAG}.json"
 }// withCredentials
-
+
 } // stage
 } // withCredentials
 } // node
-- 
GitLab

From 2780efcd13e171cb3f0232108a62e0fa002df3d6 Mon Sep 17 00:00:00 2001
From: wbunker
Date: Mon, 29 Apr 2019 10:55:18 -0500
Subject: [PATCH 2/5] added documentation for git/build variables
---
 Jenkinsfile | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/Jenkinsfile b/Jenkinsfile
index 4330de5..e6c2e8f 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
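Review bot: The added `sshCommand` line still interpolates `${TWISTLOCK_USERNAME}:'${TWISTLOCK_PASSWORD}'` into the Groovy command string on the Jenkins side, so the password is shipped as part of the remote command line (readable by anyone who can list processes on the remote host) and will land in the build log if the step echoes its command; the twistcli download on the context line above has the same shape. Jenkins flags Groovy interpolation of `withCredentials` bindings for exactly this reason; since `sshCommand` sends the string verbatim, the secret should reach curl by a path other than the command text (a `--netrc-file` on the remote host, or stdin), with the `${TWISTLOCK_PASSWORD}` interpolation dropped. The new line also keeps `curl -k`, which turns off certificate verification for the console; if the console is behind an internal CA, `--cacert <path to CA bundle>` keeps verification while still trusting it. Note that `${TWISTLOCK_SERVER}`, used on both the context and the added line, is deleted from `environment` by the first hunk of this patch, so its source after this commit should be stated. The enclosing stage, `script` and `node` blocks start before this hunk.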
@@ -13,6 +13,12 @@ pipeline {
 NEXUS_SERVER = 'nexus-docker.52.61.140.4.nip.io'
 S3_REPORT_BUCKET = 's3://dsop-pipeline-artifacts'
 REMOTE_HOST = 'ec2-52-222-64-188.us-gov-west-1.compute.amazonaws.com'
+ // variable to track git hash version
+ //BUILD_TAG
+ //GIT_COMMIT
+ //BUILD_ID=2011-06-22_15-26-06
+ //GIT_BRANCH=master
+ //BUILD_NUMBER=17
 } // environment
 parameters {
 choice(choices : 'All\nOpenSCAP\nTwistlock\nAnchore',
-- 
GitLab

From 8b2b8d6b8d567c15ac3d486972912e2e5a998c57 Mon Sep 17 00:00:00 2001
From: wbunker
Date: Mon, 29 Apr 2019 12:07:13 -0500
Subject: [PATCH 3/5] add DOD license
---
 LICENSE | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 LICENSE
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..cee4cab
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,16 @@
+As a work of the United States Government, this project is in the public domain within the United States.
+
+Additionally, we waive copyright and related rights in the work worldwide through the CC0 1.0 Universal public domain dedication.
+
+CC0 1.0 Universal Summary
+This is a human-readable summary of the Legal Code (read the full text).
+
+No Copyright
+The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
+
+You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission.
+
+Other Information
+In no way are the patent or trademark rights of any person affected by CC0, nor are the rights that other persons may have in the work or in how the work is used, such as publicity or privacy rights.
+
+Unless expressly stated otherwise, the person who associated a work with this deed makes no warranties about the work, and disclaims liability for all uses of the work, to the fullest extent permitted by applicable law. When using or citing the work, you should not imply endorsement by the author or the affirmer.
-- 
GitLab

From de34cc291ba21fdc5b355c805de348e8db627341 Mon Sep 17 00:00:00 2001
From: wbunker
Date: Mon, 29 Apr 2019 12:13:28 -0500
Subject: [PATCH 4/5] added stub for anchore path
---
 Jenkinsfile | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/Jenkinsfile b/Jenkinsfile
index e6c2e8f..b57eafc 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -153,6 +153,17 @@ pipeline {
 anchore bailOnFail: false, bailOnPluginFail: false, name: 'anchore_images'
+ script {
+ def remote = [:]
+ remote.name = "node"
+ remote.host = "${env.REMOTE_HOST}"
+ remote.allowAnyHosts = true
+ anchore_artifact_path = "${S3_REPORT_BUCKET}/${VENDOR_PRODUCT}/${REPO_NAME}/${IMAGE_TAG}/${DATETIME_TAG}_${BUILD_NUMBER}/anchore/"
+
+ node {
+ } // Node
+ } // script
+
 //TODO: Push reports to git repo
 // s3Upload consoleLogLevel: 'INFO', dontWaitForConcurrentBuildCompletion: false,
-- 
GitLab

From 3c990faae61ed239359fa2940fad68f765111f10 Mon Sep 17 00:00:00 2001
From: wbunker
Date: Mon, 29 Apr 2019 12:14:55 -0500
Subject: [PATCH 5/5] removed values for vaiables
---
 Jenkinsfile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index b57eafc..3dcc87f 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -16,9 +16,9 @@ pipeline {
 // variable to track git hash version
 //BUILD_TAG
 //GIT_COMMIT
- //BUILD_ID=2011-06-22_15-26-06
- //GIT_BRANCH=master
- //BUILD_NUMBER=17
+ //BUILD_ID
+ //GIT_BRANCH
+ //BUILD_NUMBER
 } // environment
 parameters {
 choice(choices : 'All\nOpenSCAP\nTwistlock\nAnchore',
-- 
GitLab
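Review bot: The added `node { } // Node` block is empty and the `remote` map built above it is never used, so this stage now takes an executor and configures an SSH target for no work, and nothing tells a reader whether that is intentional. If it is a placeholder for the report export that the other two scanners do, say so on the block: `// TODO: export anchore report to ${anchore_artifact_path}; node {} left empty until then`, and consider omitting the `remote` setup until it is needed. `anchore_artifact_path` is assigned without `def`, so like the openscap and twistlock paths in patch 1 it lives in the script binding rather than this `script` block. The `stage` enclosing this `script` block starts before the hunk.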
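Review bot: After this change the comment block in `environment` is a bare list (`//BUILD_TAG`, `//GIT_COMMIT`, `//BUILD_ID`, `//GIT_BRANCH`, `//BUILD_NUMBER`) under the heading `// variable to track git hash version`, which reads like commented-out assignments waiting to be restored rather than documentation of values Jenkins injects. A heading that states their origin removes the ambiguity, e.g. `// Provided by Jenkins at build time (not set here); used in the report paths below:` followed by the names; the `GIT_*` entries presumably come from the SCM checkout of this job rather than from Jenkins core, which is worth confirming and noting. The `environment` block is complete in the hunk.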