
Commit e1828b0e authored by Karpagam Balan's avatar Karpagam Balan

Merge branch 'development' of...

Merge branch 'development' of https://dccscr.dsop.io/dsop/solutions-delivery-platform/dependency-check/dependency-check into development
parents 7096b385 e32926dc
ARG BASE_REGISTRY=registry.access.redhat.com
ARG BASE_IMAGE=ubi7/ubi
ARG BASE_TAG=7.8
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
### Required Atomic/OpenShift Labels - https://github.com/projectatomic/ContainerApplicationGenericLabels
LABEL name="Solutions Delivery Platform: OWASP Dependency Check" \
maintainer="terrana_steven@bah.com" \
vendor="Booz Allen Hamilton" \
version="5.2.4" \
release="5.2.4" \
summary="OWASP Dependency Check container" \
description="The OWASP Dependency Check container image for the Solutions Delivery Platform"
### add licenses to this directory
COPY LICENSE /licenses
### Install packages from ubi base repo
RUN INSTALL_PKGS="java-1.8.0-openjdk-devel ruby unzip" && \
yum update -y \
--nogpgcheck \
--disablerepo=unified_platform_ubi8_os \
--disablerepo=unified_platform_ubi8_appstream \
--disableplugin=subscription-manager \
--setopt=tsflags=nodocs \
--security \
--sec-severity=Important \
--sec-severity=Critical && \
yum install ${INSTALL_PKGS} -y \
--nogpgcheck \
--disablerepo=unified_platform_ubi8_os \
--disablerepo=unified_platform_ubi8_appstream \
--disableplugin=subscription-manager \
--setopt=tsflags=nodocs
### Environment variables
ENV user dependencycheck
ENV OWASP_DEP_CHECK_VERSION 5.2.4
### Fetch dependency bundle
RUN mkdir /root/tmp
RUN cd /root/tmp && \
curl -k -fu ${NEXUS_USERNAME}:${NEXUS_PASSWORD} https://${NEXUS_SERVER}/repository/dsop/solutions-delivery-platform/dependency-check/owasp-dep-check-dependencies-$OWASP_DEP_CHECK_VERSION.tar.gz -O
### Install mono-devel
RUN cd /root/tmp && tar -xzf owasp-dep-check-dependencies-$OWASP_DEP_CHECK_VERSION.tar.gz && rpm -ivh --replacepkgs --replacefiles /root/tmp/dependencies/mono-devel/*.rpm && rm /root/tmp/owasp-dep-check-dependencies-$OWASP_DEP_CHECK_VERSION.tar.gz
### Install ruby dependencies
RUN cd /root/tmp && \
gem install --force --local /root/tmp/dependencies/rubygems-update/*.gem && \
update_rubygems && \
gem install --force --local /root/tmp/dependencies/bundle-audit/*.gem && \
gem cleanup
### Install OWASP Dependency Check binaries
RUN cd /root/tmp/dependencies/owasp && \
unzip dependency-check-${OWASP_DEP_CHK_VERSION}-release.zip && \
rm dependency-check-${OWASP_DEP_CHK_VERSION}-release.zip && \
mv dependency-check /usr/share/ && \
rm -rf /root/tmp/dependencies
# Add user, create required directories and cleanup
RUN useradd -ms /bin/bash ${user} && \
chown -R ${user}:${user} /usr/share/dependency-check && \
mkdir /report && \
chown -R ${user}:${user} /report && \
yum --nogpgcheck --disableplugin=subscription-manager clean all
USER ${user}
VOLUME ["/src" "/usr/share/dependency-check/data" "/report"]
WORKDIR /src
CMD ["--help"]
ENTRYPOINT ["/usr/share/dependency-check/bin/dependency-check.sh"]
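Review bot: The bundle fetch (`curl -k -fu ${NEXUS_USERNAME}:${NEXUS_PASSWORD} https://${NEXUS_SERVER}/...`) sends Nexus credentials with TLS certificate verification turned off, and nothing in the image build checks the tarball's signature or digest before its RPMs and gems are installed as root. The `NEXUS_*` names are not declared as `ARG` or `ENV` in this file, so as written they would expand to empty strings unless the build injects them some other way. Declaring them as `ARG` would leave the password in the image history, so a BuildKit secret mount (`RUN --mount=type=secret,id=nexus ...`) with `-k` dropped is the safer shape. Separately, the unzip step uses `${OWASP_DEP_CHK_VERSION}` while the file defines `ENV OWASP_DEP_CHECK_VERSION 5.2.4`, so the archive name resolves to `dependency-check--release.zip`; use one spelling throughout. `--nogpgcheck` on both yum commands also removes RPM signature verification, and `VOLUME ["/src" "/usr/share/dependency-check/data" "/report"]` lacks commas, so it is not valid JSON and falls back to the shell form.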
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.22 (GNU/Linux)
mQINBF4worQBEACsIaK9upBTpLrZUKQdGsYMwFs62iFQ2LFpe20X+cWDzHyjAs6C
c0b+QJK/WFEh61rWkSu74IUfAgLrbAzZV6dYwcNYaa/FNR9NLFBpn/7HK4lE2M7A
MqdujCKAELS74JHpJ8+bjLbgV59MkPfQSTHn0BOo02JiWuqxpFKSlVTTtdiymhXQ
USiqZ8FSgrVH9GiibRdCBloT1HFrrxs2LMnRsgCN6FXtyPF7jQSipklBfASCe0lS
i4UNyx+d5G1lpXqZiwYxVYMw79Z5b9l/ZcYAar10o5EQpnr76rxMCIf2vlEZp/Yj
aZVIHpTTtA4g9lsrIhDoJ8hABnOsNfz5M1zLMXbZaIrwQi+1ZhHlKSGxYlXgy2ay
+zOWzjz4ub5t7yxI3MPLlEIcJTrJwC9LMUzGhqLDnOi0m5vdrXksUvIQ9JQHqHOd
iQdtTqJErVQl7rBMepLUBdNSJ1PqjR5AZRljGOCdZPedb5/U+5n/pxv23xbWWs2/
pad31FISlY8y3eEhaA1Y2GcP+Y4LAtNm4LyM4Uk/nvniG+rI0TBzxERn1Y6Pax8x
JhTUcgcBLGHbwFAQ/gTDRkg+9DnR0m8ZCKuJ8bPx1qmM1iR39Ks44AbtZsgrkZF+
DrHXaiaIxtEHyRw7JLQ4auNhZb3FQfy7YrENqnF3eEhyg4cx0LEJJcl+wwARAQAB
tDBiYWxhbi1rYXJwYWdhbSA8YmFsYW4ta2FycGFnYW1AdXNlcnMuZ2l0aHViLmNv
bT6JAj8EEwECACkFAl4worQCGwMFCRLMAwAHCwkIBwMCAQYVCAIJCgsEFgIDAQIe
AQIXgAAKCRCRo0uHmCFZ3ECvD/9Ix0fSV4zOwnJ5KQZEp5tEnOGPJBPcBZ6hBJQc
9/R7DcmcN2LsOm6weMvax12/7Jo7Dbpl2rH11vwqrMrPmnm4BO6YcdmxmfE5ikyu
2EU4pzYgAFOGrahNaaSzEXFnMvDAKHLPT6xOJ35Re/RYxQOoiW+dmxPaceZv+lf4
Jpfm8AtreMqpWLwl1+EN6zJzMF0yJjxUNxsZzaf4G6IxqZ+xwh9Auh2R6ga7UUz5
0sNDIMdFUNE0aQNsd8UX5pJQApwd63xE9MrnqnCPs3y39b1V+gSwYWv3sMTGDpyE
rlDazVIJgSdBytpjAqoC0+wlm/fSgMI5YL6sJnhAfKUKp5u+5Dsr3xPFfq8s62cs
TD14tQ0ees62I3yysStfo2w8lRUE+7fXLhgPaeYoN56/XsIheO0cXIbiNgLdS6kl
MH+RtdyvwOBLdUgH1N5V/ctqeXbs38w4i4jPeyt/z6XYRli7Xkh7g3m1JpL4Hn6Q
tqvuvx0FwdfXjcbuHIAHrY4kAkvKNi+dDsJ3tP8CYotmI/RlNCKjweMcOKN7qXAz
/3qOUNXP546eObg3obOn0g0npyfQ9hojwFCl2KqNzHcr45y1Jw4peFXjthBq8B7Z
cn6mKauJ+0K3H+fjlKR3W2TUD/p3FKqILbbw10J3sFulRppTDqzhRetUs0dQgtuK
DpivCLkCDQReMKK0ARAA0sOzOfKuinhmzybri25NkXvyp9SbNcg8pZAmOkXsJ0Hy
S5VK4a6aHoRs1pGsikaBYNdxJ2gwA3CeiaAJW54od8gA1RVzETfyKWjYsO7AB4I0
LRmZSEYisnVjfTxzfpbTqjem3yyq2KG2pv4FEsv6jF9dGrdQ9EgZHf/ZebI55JS/
TPVVau/EW3urVPFLlz+2TOzks5ysHtdCZl5A7+it70lPnaqg2LO5Kp9OnmUpIpLF
piorHnNYXv6kUoCYblj65djCmvnRoN1rKfrh12vhIupXfRfyO/hovIMnEHFhXhBY
yJAdusapk6A+mkbjS3g0E2igV5g0lW1XR/vN6ElGs3JfCLLmFYJCWyIg5ykrHj3I
S8cf1uaMfSQcArIBewc8RZdN1YZUc6WCH3BImBKI1di8QdNACfUnZSkNdMrN4Dmn
MLD38ACsSTe/D68MHxr5ee5tH7iFxTWBn8l5bZQot5qsL9glDxTT4bNiK9HzZJZN
ks4r3kg8mUcNb8LTi4Fn9ITEv0COzPMOs7ibIMeFv+r5LGK2DHo/o+oLgSzNcx2W
PAzhFscXtCRFZHWjN1wLAjT1mPjkF8WRKfNwp3azU1VdZ4V7uR2FlsjwaL8QZs5g
ZpyeyZLMEsN47LoIaMvmTCc6HzsZoJAtz9GNwBlFmQoxodIkGYiwNRGWD/eNPEEA
EQEAAYkCJQQYAQIADwUCXjCitAIbDAUJEswDAAAKCRCRo0uHmCFZ3CyYEACN5wsX
vH+jNxYxQ+2FvObZyHT/LjD1DgFGCxE+dMqtaR84OgVgpHxhka8fbSaNlwey0J9h
jo7dgcx9pc4TpxmIiRFqKRUbMMEVfeksy1wC4T5UZHaL3QNy6I/vnpGmPkUmEK1F
RKERbpK/lCj4LDZpZr5hBnQ+5IcuSGR5JJ28vm58UMuiwwbE84hgbu0XcBqNkEcM
sg9jVVJJ7ZgV6TKjEa/335LwT8gQRBKBuef/ENWps8XOxY7tYD6XvHI4Hgxk5W3g
XuaaXs5SXR/bTgUgIYSqfSnjwbKVQJh8fXivs2N1kgFzZBA80O6oecB3+5sTmEMJ
SzBpX01+B0WQZ+AY/FAYTZhqG0eD0pn8MHdVr4emoZYAgkW9iCjrnN9+TS8Lpb0I
L3SxTyU07NCJKXZajCaSFuSm2OAM4E979HIZUargYKmA06v6bFXh/TdQKaONN+Eh
qR9E5AM1N12ekN0ORxSARRQuOXUMFZ+beco+MMGhkbtu4Q4dSJviF26gxgvdPDq9
5uMF/MKyo4Th6g1Yf3Y+UNaP9i+XHqvmExoDf6VN08Pto7sYIPHS1yqcEqJxPIw0
Q3R1n6FGi9YcfTSVpgLQa97FSzmzh5qT3Ef0puJsCzB916Itmwax1aeduZjURp3H
TWKZU0fI5Q5MLqyVTV3podyo7oDD4WySM3BYlQ==
=MD6X
-----END PGP PUBLIC KEY BLOCK-----
4e885b2cf44aa7a27dd16727e8e3e01011498ab9b5fca2e27dc1fc6935b0d3f3
#!/bin/bash
#OWASP Dependency Checker prebuild script
set -e
### Environment Variables ###
OWASP_DEP_CHK_VERSION=5.2.4
SDP_DCAR_OWASP_DEP_CHK_VERSION=dcar-0.3
VENDOR=BAH
# DSOP Nexus repo
NEXUS_SERVER=${NEXUS_SERVER}
NEXUS_USERNAME=${NEXUS_USERNAME}
NEXUS_PASSWORD=${NEXUS_PASSWORD}
### Download files/dependencies ###
# temporarily place binaries locally in /tmp/${VENDOR}/
curl --create-dirs -sSLo /tmp/${VENDOR}/owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz https://github.com/boozallen/sdp-images/releases/download/$SDP_DCAR_OWASP_DEP_CHK_VERSION/owasp-dep-check-dependencies-$SDP_DCAR_OWASP_DEP_CHK_VERSION.tar.gz
### Verify downloaded dependency bundle
gpg --import BAH-public.key
gpg --verify owasp-dep-check-dependencies-$SDP_DCAR_OWASP_DEP_CHK_VERSION.sig /tmp/${VENDOR}/owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz
echo "$(cat owasp-dep-check-dependencies-$SDP_DCAR_OWASP_DEP_CHK_VERSION.sha256) /tmp/${VENDOR}/owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz" | sha256sum --check --status
### Upload dependency bundle to Nexus
curl -k -fu ${NEXUS_USERNAME}:${NEXUS_PASSWORD} -T /tmp/${VENDOR}/owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz https://${NEXUS_SERVER}/repository/dsop/solutions-delivery-platform/dependency-check/owasp-dep-check-dependencies-$OWASP_DEP_CHK_VERSION.tar.gz
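Review bot: The upload on the last line runs `curl -k -fu ${NEXUS_USERNAME}:${NEXUS_PASSWORD} -T ...`, so the verified bundle and the Nexus credentials are sent without checking the server certificate; drop `-k` and point curl at the internal CA with `--cacert` instead. The three `NEXUS_*=${NEXUS_*}` self-assignments do not fail when a value is missing; `: "${NEXUS_SERVER:?NEXUS_SERVER is not set}"` (and the same for the other two) would stop the script before a request is built from empty values. `gpg --import BAH-public.key` adds the key to the caller's default keyring and `gpg --verify` then accepts a good signature from any key in that keyring, so verifying against a dedicated keyring that holds only the BAH key would tie the check to that key. The variable expansions in the file paths are unquoted throughout and should be wrapped in double quotes.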