mirror of
https://github.com/finos/SymphonyElectron.git
synced 2024-11-26 02:40:24 -06:00
chore: SDA-1635: add snyk to builds (#839)
* SDA-1635: add support for running snyk tests on builds * SDA-1635: remove command checks for windows scripts * SDA-1635: fix windows batch scripts * SDA-1635: remove windows node version check
This commit is contained in:
parent
e4eb19dc30
commit
c3cff2e67a
4
package-lock.json
generated
4
package-lock.json
generated
@ -13065,8 +13065,8 @@
|
|||||||
"optional": true
|
"optional": true
|
||||||
},
|
},
|
||||||
"screen-snippet": {
|
"screen-snippet": {
|
||||||
"version": "1.0.0",
|
"version": "1.0.1",
|
||||||
"resolved": "git+https://github.com/symphonyoss/ScreenSnippet2.git#4bd0f9b76d3d99f341b344ef4d9264a0a6bc62a8",
|
"resolved": "git+https://github.com/symphonyoss/ScreenSnippet2.git#b018f7b00ed4a63e77afea9db647c21510ed722a",
|
||||||
"optional": true
|
"optional": true
|
||||||
},
|
},
|
||||||
"semver": {
|
"semver": {
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
NODE_REQUIRED_VERSION=v12.13.1
|
NODE_REQUIRED_VERSION=v12.13.1
|
||||||
|
SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
|
||||||
|
|
||||||
if ! [ -x "$(command -v git)" ]; then
|
if ! [ -x "$(command -v git)" ]; then
|
||||||
echo 'GIT does not exist! Please set it up before running this script!' >&2
|
echo 'GIT does not exist! Please set it up before running this script!' >&2
|
||||||
@ -34,8 +35,14 @@ if ! [ -x "$(command -v npm)" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if ! [ -x "$(command -v gulp)" ]; then
|
if ! [ -x "$(command -v gulp)" ]; then
|
||||||
echo 'Gulp does not exist! Install it for setting expiry!' >&2
|
echo 'Gulp does not exist! Installing it!' >&2
|
||||||
exit 1
|
npm install -g gulp
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! [ -x "$(command -v snyk)" ]; then
|
||||||
|
echo 'Snyk does not exist! Installing and setting it up' >&2
|
||||||
|
npm install -g snyk
|
||||||
|
snyk config set api=$SNYK_API_TOKEN
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "$PARENT_BUILD_VERSION" ]; then
|
if [ -z "$PARENT_BUILD_VERSION" ]; then
|
||||||
@ -55,8 +62,13 @@ fi
|
|||||||
PKG_VERSION=$(node -e "console.log(require('./package.json').version);")
|
PKG_VERSION=$(node -e "console.log(require('./package.json').version);")
|
||||||
|
|
||||||
# Install app dependencies
|
# Install app dependencies
|
||||||
|
echo "Installing dependencies"
|
||||||
npm install
|
npm install
|
||||||
|
|
||||||
|
# Run Snyk Security Tests
|
||||||
|
echo "Running snyk security tests"
|
||||||
|
snyk test --file=package.json
|
||||||
|
|
||||||
# replace url in config
|
# replace url in config
|
||||||
echo "Setting default pod url to https://corporate.symphony.com"
|
echo "Setting default pod url to https://corporate.symphony.com"
|
||||||
sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config
|
sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
NODE_REQUIRED_VERSION=v12.13.1
|
NODE_REQUIRED_VERSION=v12.13.1
|
||||||
|
SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
|
||||||
|
|
||||||
# Check basic dependencies
|
# Check basic dependencies
|
||||||
if ! [ -x "$(command -v git)" ]; then
|
if ! [ -x "$(command -v git)" ]; then
|
||||||
@ -35,8 +36,14 @@ if ! [ -x "$(command -v npm)" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if ! [ -x "$(command -v gulp)" ]; then
|
if ! [ -x "$(command -v gulp)" ]; then
|
||||||
echo 'Gulp does not exist! Install it for setting expiry!' >&2
|
echo 'Gulp does not exist! Installing it!' >&2
|
||||||
exit 1
|
npm install -g gulp
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! [ -x "$(command -v snyk)" ]; then
|
||||||
|
echo 'Snyk does not exist! Installing and setting it up' >&2
|
||||||
|
npm install -g snyk
|
||||||
|
snyk config set api=$SNYK_API_TOKEN
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! [ -x "$(command -v /usr/local/bin/packagesbuild)" ]; then
|
if ! [ -x "$(command -v /usr/local/bin/packagesbuild)" ]; then
|
||||||
@ -63,8 +70,13 @@ fi
|
|||||||
PKG_VERSION=$(node -e "console.log(require('./package.json').version);")
|
PKG_VERSION=$(node -e "console.log(require('./package.json').version);")
|
||||||
|
|
||||||
# Install app dependencies
|
# Install app dependencies
|
||||||
|
echo "Installing dependencies"
|
||||||
npm install
|
npm install
|
||||||
|
|
||||||
|
# Run Snyk Security Tests
|
||||||
|
echo "Running snyk security tests"
|
||||||
|
snyk test --file=package.json
|
||||||
|
|
||||||
# Replace url in config
|
# Replace url in config
|
||||||
echo "Setting default pod url to https://corporate.symphony.com"
|
echo "Setting default pod url to https://corporate.symphony.com"
|
||||||
sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config
|
sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config
|
||||||
|
@ -6,6 +6,7 @@ echo %PATH%
|
|||||||
|
|
||||||
set DISABLE_REBUILD=true
|
set DISABLE_REBUILD=true
|
||||||
set NODE_REQUIRED_VERSION=12.13.1
|
set NODE_REQUIRED_VERSION=12.13.1
|
||||||
|
set SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
|
||||||
|
|
||||||
set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd
|
set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd
|
||||||
echo %PATH%
|
echo %PATH%
|
||||||
@ -25,24 +26,22 @@ if %ERRORLEVEL% NEQ 0 (
|
|||||||
EXIT /B 1
|
EXIT /B 1
|
||||||
)
|
)
|
||||||
|
|
||||||
nvm install %NODE_REQUIRED_VERSION%
|
call nvm install %NODE_REQUIRED_VERSION%
|
||||||
nvm use %NODE_REQUIRED_VERSION%
|
call nvm use %NODE_REQUIRED_VERSION%
|
||||||
|
|
||||||
WHERE node
|
WHERE gulp
|
||||||
if %ERRORLEVEL% NEQ 0 (
|
if %ERRORLEVEL% NEQ 0 (
|
||||||
echo "NODE does not exist. Please set it up before running this script."
|
echo "GULP does not exist. Installing it."
|
||||||
EXIT /B 1
|
call npm i gulp -g
|
||||||
)
|
)
|
||||||
|
|
||||||
WHERE npm
|
WHERE snyk
|
||||||
if %ERRORLEVEL% NEQ 0 (
|
if %ERRORLEVEL% NEQ 0 (
|
||||||
echo "NPM does not exist. Please set it up before running this script."
|
echo "Snyk does not exist! Installing and setting it up"
|
||||||
EXIT /B 1
|
call npm i snyk -g
|
||||||
|
call snyk config set api=%SNYK_API_TOKEN%
|
||||||
)
|
)
|
||||||
|
|
||||||
echo "Node version is: "
|
|
||||||
call node --version
|
|
||||||
|
|
||||||
:: Below command replaces buildVersion with the appropriate build number from jenkins
|
:: Below command replaces buildVersion with the appropriate build number from jenkins
|
||||||
sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json
|
sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json
|
||||||
|
|
||||||
@ -50,9 +49,13 @@ sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%
|
|||||||
echo "Copying search libraries"
|
echo "Copying search libraries"
|
||||||
echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library"
|
echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library"
|
||||||
|
|
||||||
echo "Running npm install..."
|
echo "Installing dependencies..."
|
||||||
call npm install
|
call npm install
|
||||||
|
|
||||||
|
# Run Snyk Security Tests
|
||||||
|
echo "Running snyk security tests"
|
||||||
|
call snyk test --file=package.json
|
||||||
|
|
||||||
:: Set expiry if required
|
:: Set expiry if required
|
||||||
IF "%EXPIRY_PERIOD%"=="" (
|
IF "%EXPIRY_PERIOD%"=="" (
|
||||||
echo "Not setting expiry for the build!"
|
echo "Not setting expiry for the build!"
|
||||||
|
@ -6,6 +6,7 @@ echo %PATH%
|
|||||||
|
|
||||||
set DISABLE_REBUILD=true
|
set DISABLE_REBUILD=true
|
||||||
set NODE_REQUIRED_VERSION=12.13.1
|
set NODE_REQUIRED_VERSION=12.13.1
|
||||||
|
set SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
|
||||||
|
|
||||||
set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd
|
set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd
|
||||||
echo %PATH%
|
echo %PATH%
|
||||||
@ -13,36 +14,22 @@ echo %PATH%
|
|||||||
set PATH=%PATH%;C:\Program Files (x86)\GnuWin32\bin
|
set PATH=%PATH%;C:\Program Files (x86)\GnuWin32\bin
|
||||||
echo %PATH%
|
echo %PATH%
|
||||||
|
|
||||||
WHERE git
|
call nvm install %NODE_REQUIRED_VERSION%
|
||||||
|
call nvm use %NODE_REQUIRED_VERSION%
|
||||||
|
|
||||||
|
WHERE gulp
|
||||||
if %ERRORLEVEL% NEQ 0 (
|
if %ERRORLEVEL% NEQ 0 (
|
||||||
echo "GIT does not exist. Please set it up before running this script."
|
echo "GULP does not exist. Installing it."
|
||||||
EXIT /B 1
|
call npm i gulp -g
|
||||||
)
|
)
|
||||||
|
|
||||||
WHERE nvm
|
WHERE snyk
|
||||||
if %ERRORLEVEL% NEQ 0 (
|
if %ERRORLEVEL% NEQ 0 (
|
||||||
echo "NVM does not exist. Please set it up before running this script."
|
echo "Snyk does not exist! Installing and setting it up"
|
||||||
EXIT /B 1
|
call npm i snyk -g
|
||||||
|
call snyk config set api=%SNYK_API_TOKEN%
|
||||||
)
|
)
|
||||||
|
|
||||||
nvm install %NODE_REQUIRED_VERSION%
|
|
||||||
nvm use %NODE_REQUIRED_VERSION%
|
|
||||||
|
|
||||||
WHERE node
|
|
||||||
if %ERRORLEVEL% NEQ 0 (
|
|
||||||
echo "NODE does not exist. Please set it up before running this script."
|
|
||||||
EXIT /B 1
|
|
||||||
)
|
|
||||||
|
|
||||||
WHERE npm
|
|
||||||
if %ERRORLEVEL% NEQ 0 (
|
|
||||||
echo "NPM does not exist. Please set it up before running this script."
|
|
||||||
EXIT /B 1
|
|
||||||
)
|
|
||||||
|
|
||||||
echo "Node version is: "
|
|
||||||
call node --version
|
|
||||||
|
|
||||||
:: Below command replaces buildVersion with the appropriate build number from jenkins
|
:: Below command replaces buildVersion with the appropriate build number from jenkins
|
||||||
sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json
|
sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json
|
||||||
|
|
||||||
@ -50,9 +37,13 @@ sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%
|
|||||||
echo "Copying search libraries"
|
echo "Copying search libraries"
|
||||||
echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library"
|
echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library"
|
||||||
|
|
||||||
echo "Running npm install..."
|
echo "Installing dependencies..."
|
||||||
call npm install
|
call npm install
|
||||||
|
|
||||||
|
# Run Snyk Security Tests
|
||||||
|
echo "Running snyk security tests"
|
||||||
|
call snyk test --file=package.json
|
||||||
|
|
||||||
:: Set expiry if required
|
:: Set expiry if required
|
||||||
IF "%EXPIRY_PERIOD%"=="" (
|
IF "%EXPIRY_PERIOD%"=="" (
|
||||||
echo "Not setting expiry for the build!"
|
echo "Not setting expiry for the build!"
|
||||||
|
Loading…
Reference in New Issue
Block a user