diff --git a/Jenkinsfile b/Jenkinsfile
index 52b47457..a2d43df6 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -51,7 +51,7 @@ pipeline {
 stage('Unit Testing') {
 agent {
 docker {
- image 'securityuniversal/jenkins:latest'
+ image 'securityuniversal/jenkins-python-agent:latest'
 }
 }
 when {
@@ -75,7 +75,7 @@ pipeline {
 stage('Secret Scanning') {
 agent {
 docker {
- image 'securityuniversal/jenkins-secret-agent:latest'
+ image 'securityuniversal/jenkins-sectesting-agent:latest'
 }
 }
 when {
@@ -99,7 +99,7 @@ pipeline {
 stage('Software Composition Analysis') {
 agent {
 docker {
- image 'securityuniversal/jenkins:latest'
+ image 'securityuniversal/jenkins-sectesting-agent:latest'
 }
 }
 when {
@@ -127,7 +127,7 @@ pipeline {
 stage('Static Application Security Testing') {
 agent {
 docker {
- image 'securityuniversal/jenkins:latest'
+ image 'securityuniversal/jenkins-sectesting-agent:latest'
 }
 }
 when {
@@ -155,7 +155,7 @@ pipeline {
 stage('Infrastructure-as-Code Security Testing') {
 agent {
 docker {
- image 'securityuniversal/jenkins-iac-agent:latest'
+ image 'securityuniversal/jenkins-sectesting-agent:latest'
 args '--group-add 999'
 }
 }
@@ -210,7 +210,7 @@ pipeline {
 stage('Docker Container Scanning') {
 agent {
 docker {
- image 'securityuniversal/jenkins-iac-agent:latest'
+ image 'securityuniversal/jenkins-sectesting-agent:latest'
 args '--group-add 999'
 }
 }
@@ -294,6 +294,12 @@ pipeline {
 ////////// Quality Gate //////////
 stage("Quality Gate - Security") {
+ agent {
+ docker {
+ image 'securityuniversal/jenkins-sectesting-agent:latest'
+ args '--group-add 999'
+ }
+ }
 when {
 expression {
 def config = jslReadYamlConfig('securityQualityGate')
diff --git a/pipeline-config.yaml b/pipeline-config.yaml
index 55659e84..93ec1421 100644
--- a/pipeline-config.yaml
+++ b/pipeline-config.yaml
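Review bot: Every agent image on the new side is still referenced by the mutable `:latest` tag, so each run of these stages executes whatever was most recently pushed under that name, and a replaced image is picked up without any change to this file. Five scanning stages plus the new Quality Gate agent now share `securityuniversal/jenkins-sectesting-agent`, so a single image decides the outcome of nearly every security check in the pipeline. Consider pinning to a release tag or digest, e.g. `image 'securityuniversal/jenkins-sectesting-agent@sha256:<DIGEST_PLACEHOLDER>'`, and updating the pin deliberately. The same applies to `jenkins-python-agent:latest` in the Unit Testing hunk and to the hunks at -75, -99, -127, -155, -210 and -294.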
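Review bot: The agent added to the "Quality Gate - Security" stage copies `args '--group-add 999'` from the IaC and container-scanning stages, and nothing in this hunk shows why a gate stage needs the extra group. If GID 999 is the host's docker group (an assumption; the diff does not say), this gives the gate container access to the Docker daemon, which is broader than evaluating scan results should require. Drop the `args` line here unless a step in the stage needs it, or document the grant with a comment such as `// GID 999 = <GROUP_NAME_PLACEHOLDER>; required by <STEP_PLACEHOLDER>`. The stage body continues outside the hunk.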
@@ -9,21 +9,21 @@ stages:
 branches:
 - release
 unitTesting:
- enabled: false
+ enabled: true
 branches: []
 secretScanning:
 enabled: true
 branches:
 - release
 sca:
- enabled: false
+ enabled: true
 branches:
 - release
 codeLanguages:
 - Python
 - Javascript
 sast:
- enabled: false
+ enabled: true
 branches:
 - release
 codeLanguages:
@@ -37,19 +37,19 @@ stages:
 branches:
 - release
 containerScan:
- enabled: false
+ enabled: true
 branches:
 - release
 containerName: secusphere
 containerTag: latest
 releaseToTest:
- enabled: false
+ enabled: true
 branches:
 - release
 serviceName: secusphere
 containerTag: latest
 testRelease:
- enabled: false
+ enabled: true
 branches:
 - release
 targetUrl: 'http://192.168.0.68:5010'
diff --git a/src/vr/api/vulns/vulnerabilities.py b/src/vr/api/vulns/vulnerabilities.py
index 7f0c000e..68360c8b 100644
--- a/src/vr/api/vulns/vulnerabilities.py
+++ b/src/vr/api/vulns/vulnerabilities.py
@@ -132,7 +132,7 @@ def update_vulnerabilities_status(app_cmdb_id, scan_id, req_raw):
 def add_vulns_background_process(req_raw):
 now = datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S")
 app_name = req_raw['appName']
- git_url = req_raw['giturl']
+ git_url = req_raw['gitUrl']
 git_branch = req_raw['branch']
 findings = req_raw['findings']
 scan_type = req_raw['scanType']
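Review bot: `unitTesting` is switched to `enabled: true` while its `branches: []` stays empty, unlike `sca` and `sast`, which list `release`. Whether an empty list means every branch or no branch depends on how the Jenkinsfile `when` expression reads it, which is not visible here; if it means none, the stage stays skipped despite this change. State the intent explicitly, either by listing the branch as the other stages do or with a comment such as `# empty list = run on all branches`.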
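Review bot: `containerScan` and `releaseToTest` are both enabled with `containerTag: latest`, so the image that gets scanned and the image that gets released are each resolved from a mutable tag at their own point in the run and are not guaranteed to be the same build. Passing one immutable tag or digest from the build stage to both would tie the scan result to what is actually deployed. Enabling `testRelease` also makes the hard-coded `targetUrl: 'http://192.168.0.68:5010'` live, which binds the pipeline to one private address over plain HTTP; a Jenkins parameter or environment variable would keep that host detail out of the repository.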
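Review bot: The renamed lookup `req_raw['gitUrl']` is a bare subscript on the request payload, so any client still sending `giturl` now raises `KeyError` at this line. The function name suggests it runs as a background task, in which case the failure would likely not reach the caller and the submitted findings would be dropped without a response (inferred; the dispatch code is outside the hunk). Validate the required keys before the work is handed off and reject the request there, or accept both spellings during the transition with `git_url = req_raw.get('gitUrl', req_raw.get('giturl'))` followed by an explicit check for `None`. The neighbouring `appName`, `branch`, `findings` and `scanType` lookups have the same shape, and the function body continues past the end of the hunk.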