chore: SDA-1635: add snyk to builds (#839)

* SDA-1635: add support for running snyk tests on builds

* SDA-1635: remove command checks for windows scripts

* SDA-1635: fix windows batch scripts

* SDA-1635: remove windows node version check
This commit is contained in:
Vishwas Shashidhar 2019-12-30 21:06:47 +05:30 committed by GitHub
parent e4eb19dc30
commit c3cff2e67a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 61 additions and 43 deletions

4
package-lock.json generated
View File

@ -13065,8 +13065,8 @@
"optional": true "optional": true
}, },
"screen-snippet": { "screen-snippet": {
"version": "1.0.0", "version": "1.0.1",
"resolved": "git+https://github.com/symphonyoss/ScreenSnippet2.git#4bd0f9b76d3d99f341b344ef4d9264a0a6bc62a8", "resolved": "git+https://github.com/symphonyoss/ScreenSnippet2.git#b018f7b00ed4a63e77afea9db647c21510ed722a",
"optional": true "optional": true
}, },
"semver": { "semver": {

View File

@ -1,6 +1,7 @@
#!/bin/bash #!/bin/bash
NODE_REQUIRED_VERSION=v12.13.1 NODE_REQUIRED_VERSION=v12.13.1
SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
if ! [ -x "$(command -v git)" ]; then if ! [ -x "$(command -v git)" ]; then
echo 'GIT does not exist! Please set it up before running this script!' >&2 echo 'GIT does not exist! Please set it up before running this script!' >&2
@ -34,8 +35,14 @@ if ! [ -x "$(command -v npm)" ]; then
fi fi
if ! [ -x "$(command -v gulp)" ]; then if ! [ -x "$(command -v gulp)" ]; then
echo 'Gulp does not exist! Install it for setting expiry!' >&2 echo 'Gulp does not exist! Installing it!' >&2
exit 1 npm install -g gulp
fi
if ! [ -x "$(command -v snyk)" ]; then
echo 'Snyk does not exist! Installing and setting it up' >&2
npm install -g snyk
snyk config set api=$SNYK_API_TOKEN
fi fi
if [ -z "$PARENT_BUILD_VERSION" ]; then if [ -z "$PARENT_BUILD_VERSION" ]; then
@ -55,8 +62,13 @@ fi
PKG_VERSION=$(node -e "console.log(require('./package.json').version);") PKG_VERSION=$(node -e "console.log(require('./package.json').version);")
# Install app dependencies # Install app dependencies
echo "Installing dependencies"
npm install npm install
# Run Snyk Security Tests
echo "Running snyk security tests"
snyk test --file=package.json
# replace url in config # replace url in config
echo "Setting default pod url to https://corporate.symphony.com" echo "Setting default pod url to https://corporate.symphony.com"
sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config

View File

@ -1,6 +1,7 @@
#!/bin/bash #!/bin/bash
NODE_REQUIRED_VERSION=v12.13.1 NODE_REQUIRED_VERSION=v12.13.1
SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
# Check basic dependencies # Check basic dependencies
if ! [ -x "$(command -v git)" ]; then if ! [ -x "$(command -v git)" ]; then
@ -35,8 +36,14 @@ if ! [ -x "$(command -v npm)" ]; then
fi fi
if ! [ -x "$(command -v gulp)" ]; then if ! [ -x "$(command -v gulp)" ]; then
echo 'Gulp does not exist! Install it for setting expiry!' >&2 echo 'Gulp does not exist! Installing it!' >&2
exit 1 npm install -g gulp
fi
if ! [ -x "$(command -v snyk)" ]; then
echo 'Snyk does not exist! Installing and setting it up' >&2
npm install -g snyk
snyk config set api=$SNYK_API_TOKEN
fi fi
if ! [ -x "$(command -v /usr/local/bin/packagesbuild)" ]; then if ! [ -x "$(command -v /usr/local/bin/packagesbuild)" ]; then
@ -63,8 +70,13 @@ fi
PKG_VERSION=$(node -e "console.log(require('./package.json').version);") PKG_VERSION=$(node -e "console.log(require('./package.json').version);")
# Install app dependencies # Install app dependencies
echo "Installing dependencies"
npm install npm install
# Run Snyk Security Tests
echo "Running snyk security tests"
snyk test --file=package.json
# Replace url in config # Replace url in config
echo "Setting default pod url to https://corporate.symphony.com" echo "Setting default pod url to https://corporate.symphony.com"
sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config sed -i -e 's/\"url\"[[:space:]]*\:[[:space:]]*\".*\"/\"url\":\"https:\/\/corporate.symphony.com\"/g' config/Symphony.config

View File

@ -6,6 +6,7 @@ echo %PATH%
set DISABLE_REBUILD=true set DISABLE_REBUILD=true
set NODE_REQUIRED_VERSION=12.13.1 set NODE_REQUIRED_VERSION=12.13.1
set SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd
echo %PATH% echo %PATH%
@ -25,24 +26,22 @@ if %ERRORLEVEL% NEQ 0 (
EXIT /B 1 EXIT /B 1
) )
nvm install %NODE_REQUIRED_VERSION% call nvm install %NODE_REQUIRED_VERSION%
nvm use %NODE_REQUIRED_VERSION% call nvm use %NODE_REQUIRED_VERSION%
WHERE node WHERE gulp
if %ERRORLEVEL% NEQ 0 ( if %ERRORLEVEL% NEQ 0 (
echo "NODE does not exist. Please set it up before running this script." echo "GULP does not exist. Installing it."
EXIT /B 1 call npm i gulp -g
) )
WHERE npm WHERE snyk
if %ERRORLEVEL% NEQ 0 ( if %ERRORLEVEL% NEQ 0 (
echo "NPM does not exist. Please set it up before running this script." echo "Snyk does not exist! Installing and setting it up"
EXIT /B 1 call npm i snyk -g
call snyk config set api=%SNYK_API_TOKEN%
) )
echo "Node version is: "
call node --version
:: Below command replaces buildVersion with the appropriate build number from jenkins :: Below command replaces buildVersion with the appropriate build number from jenkins
sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json
@ -50,9 +49,13 @@ sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%
echo "Copying search libraries" echo "Copying search libraries"
echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library" echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library"
echo "Running npm install..." echo "Installing dependencies..."
call npm install call npm install
# Run Snyk Security Tests
echo "Running snyk security tests"
call snyk test --file=package.json
:: Set expiry if required :: Set expiry if required
IF "%EXPIRY_PERIOD%"=="" ( IF "%EXPIRY_PERIOD%"=="" (
echo "Not setting expiry for the build!" echo "Not setting expiry for the build!"

View File

@ -6,6 +6,7 @@ echo %PATH%
set DISABLE_REBUILD=true set DISABLE_REBUILD=true
set NODE_REQUIRED_VERSION=12.13.1 set NODE_REQUIRED_VERSION=12.13.1
set SNYK_API_TOKEN=885953dc-9469-443c-984d-524352d54116
set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd set PATH=%PATH%;C:\Program Files\nodejs\;C:\Program Files\Git\cmd
echo %PATH% echo %PATH%
@ -13,36 +14,22 @@ echo %PATH%
set PATH=%PATH%;C:\Program Files (x86)\GnuWin32\bin set PATH=%PATH%;C:\Program Files (x86)\GnuWin32\bin
echo %PATH% echo %PATH%
WHERE git call nvm install %NODE_REQUIRED_VERSION%
call nvm use %NODE_REQUIRED_VERSION%
WHERE gulp
if %ERRORLEVEL% NEQ 0 ( if %ERRORLEVEL% NEQ 0 (
echo "GIT does not exist. Please set it up before running this script." echo "GULP does not exist. Installing it."
EXIT /B 1 call npm i gulp -g
) )
WHERE nvm WHERE snyk
if %ERRORLEVEL% NEQ 0 ( if %ERRORLEVEL% NEQ 0 (
echo "NVM does not exist. Please set it up before running this script." echo "Snyk does not exist! Installing and setting it up"
EXIT /B 1 call npm i snyk -g
call snyk config set api=%SNYK_API_TOKEN%
) )
nvm install %NODE_REQUIRED_VERSION%
nvm use %NODE_REQUIRED_VERSION%
WHERE node
if %ERRORLEVEL% NEQ 0 (
echo "NODE does not exist. Please set it up before running this script."
EXIT /B 1
)
WHERE npm
if %ERRORLEVEL% NEQ 0 (
echo "NPM does not exist. Please set it up before running this script."
EXIT /B 1
)
echo "Node version is: "
call node --version
:: Below command replaces buildVersion with the appropriate build number from jenkins :: Below command replaces buildVersion with the appropriate build number from jenkins
sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%PARENT_BUILD_VERSION%\"/g" package.json
@ -50,9 +37,13 @@ sed -i -e "s/\"buildNumber\"[[:space:]]*\:[[:space:]]*\".*\"/\"buildNumber\":\"%
echo "Copying search libraries" echo "Copying search libraries"
echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library" echo D | xcopy /y "C:\jenkins\workspace\tronlibraries\library" "library"
echo "Running npm install..." echo "Installing dependencies..."
call npm install call npm install
# Run Snyk Security Tests
echo "Running snyk security tests"
call snyk test --file=package.json
:: Set expiry if required :: Set expiry if required
IF "%EXPIRY_PERIOD%"=="" ( IF "%EXPIRY_PERIOD%"=="" (
echo "Not setting expiry for the build!" echo "Not setting expiry for the build!"