-
Notifications
You must be signed in to change notification settings - Fork 8
/
pipeline
87 lines (82 loc) · 3.32 KB
/
pipeline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
properties([
parameters([
string(defaultValue: '', description: 'DefectKey', name: 'DefectKey'),
string(defaultValue: '', description: 'SonarKey', name: 'SonarKey'),
]),
pipelineTriggers([])
])
pipeline {
agent any
stages {
stage('Crearproducto') {
steps {
withCredentials([string(credentialsId: 'defect', variable: 'defect')]) {
sh '''
curl -s -X 'POST' -H "Authorization: Token ${defect}" \
'http://localhost:8082/api/v2/products/' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"name": "demos",
"external_audience": true,
"prod_type": "1",
"description": "prueba producto"
}'
'''
}
}
}
stage('Crearengagement') {
steps {
withCredentials([string(credentialsId: 'defect', variable: 'defect')]) {
sh '''
PROYECTO=`curl -X 'GET' 'http://localhost:8082/api/v2/products/' -H 'accept: application/json' -H "Authorization: Token ${defect}" -s | jq '.results[] | select(.name=="demos") | .id'`
curl -X 'POST' -H "Authorization: Token ${defect}" \
'http://localhost:8082/api/v2/engagements/' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"name": "demosEng",
"target_start": "2021-10-15",
"target_end": "2021-10-31",
"test_strategy": "",
"deduplication_on_engagement": "on",
"lead": "1",
"product": "'"$PROYECTO"'"
}'
'''
}
}
}
stage('ScanSonarqube') {
steps {
sh '''
cd /home/demos/demos
git clone https://github.com/digininja/DVWA
cd DVWA
curl --include --request POST --header "Content-Type: application/x-www-form-urlencoded" -u "${SonarKey}:" -d 'project=demos&organization=demos&name=demos' 'http://localhost:9000/api/projects/create'
/home/demos/Descargas/sonar-scanner-cli-4.6.2.2472-linux/sonar-scanner-4.6.2.2472-linux/bin/sonar-scanner \
-Dsonar.projectKey=demos \
-Dsonar.sources=. \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.login=${SonarKey}
sleep 15
PROYECTO=`curl -X 'GET' 'http://localhost:8082/api/v2/products/' -H 'accept: application/json' -H "Authorization: Token ${DefectKey}" -s | jq '.results[] | select(.name=="demos") | .id'`
ENGA=`curl -X 'GET' http://localhost:8082/api/v2/engagements/?product=${PROYECTO} -H 'accept: application/json' -H "Authorization: Token ${DefectKey}" -s | jq '.results[] | select(.name=="demosEng") | .id'`
sleep 40
curl --location --request POST 'http://localhost:8082/api/v2/import-scan/' \
--header "Authorization: Token ${DefectKey}" \
--form 'engagement="'"$ENGA"'"' \
--form 'verified=true' \
--form 'active=true' \
--form 'scan_type=SonarQube API Import'
'''
}
}
stage('ScanOwaspzap') {
steps {
sh "/home/demos/demos/scan_zap.sh"
}
}
}
}