feat: Plugin for image scanning in Pre/Post step #4021

Merged
merged 43 commits into from
Nov 3, 2023
Changes from 5 commits
f6be749
image scanning plugin
Ashish-devtron Oct 5, 2023
7418f2b
check for active ci_pipeline_material
Ashish-devtron Oct 11, 2023
78b844f
t checkout ci-pipeMerge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 11, 2023
2b0ca95
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 12, 2023
d2596ae
Merge branch 'main' into image-scanning-plugin
Ashish-devtron Oct 12, 2023
647bf1d
sql script number change
Ashish-devtron Oct 12, 2023
cf95eaa
sql script number change
Ashish-devtron Oct 12, 2023
f7ce0ff
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 12, 2023
7a9a8a9
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 13, 2023
3b0ac36
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 17, 2023
804ee25
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 17, 2023
31cd8ff
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 18, 2023
29a213b
image scanning plugin check
Ashish-devtron Oct 20, 2023
46f76d6
image scanning plugin check
Ashish-devtron Oct 20, 2023
6211df2
check for err
Ashish-devtron Oct 20, 2023
84bc2c7
abort print response
Ashish-devtron Oct 23, 2023
1ad0605
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 23, 2023
6018be6
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 25, 2023
7156314
Merge branch 'main' into image-scanning-plugin
Ashish-devtron Oct 25, 2023
81166be
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 25, 2023
f76e2bd
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 25, 2023
628a7ed
add dockerregistryId
Ashish-devtron Oct 25, 2023
aefbaea
script number update
Ashish-devtron Oct 25, 2023
f759a91
image scanning plugin name
Ashish-devtron Oct 25, 2023
17b7f23
Image scanner endpoint for both CiCd
Ashish-devtron Oct 25, 2023
9311fd3
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 27, 2023
8750cdc
Main merge
Ashish-devtron Oct 27, 2023
88ecb8f
revert postgres port
Ashish-devtron Oct 27, 2023
1f7378b
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 30, 2023
b35bbab
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 30, 2023
38158cb
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 31, 2023
fa2e0db
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Oct 31, 2023
5911c2e
Main merge
Ashish-devtron Oct 31, 2023
f04551c
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Nov 1, 2023
727da5d
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Nov 1, 2023
68d923d
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Nov 1, 2023
e708076
Main merge
Ashish-devtron Nov 1, 2023
8af751a
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Nov 2, 2023
8c055cf
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Nov 2, 2023
1fb0f61
Merge branch 'main' into image-scanning-plugin
Ashish-devtron Nov 2, 2023
8824445
Merge branch 'main' of github.com:devtron-labs/devtron
Ashish-devtron Nov 2, 2023
87a944f
Merge branch 'main' into image-scanning-plugin
Ashish-devtron Nov 2, 2023
b49cd8e
Code review changes
Ashish-devtron Nov 2, 2023
Binary file added assets/ic-plugin-vulnerability-scan.png
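--- a/scripts/sql/177_image_scan_plugin.down.sql
+++ b/scripts/sql/177_image_scan_plugin.down.sql
@@ -0,0 +1,5 @@
+DELETE FROM plugin_step_variable WHERE plugin_step_id =(SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Image Scanning' and ps."index"=1 and ps.deleted=false);
+DELETE FROM plugin_stage_mapping WHERE plugin_id =(SELECT id FROM plugin_metadata WHERE name='Image Scanning');
+DELETE FROM pipeline_stage_step_variable WHERE pipeline_stage_step_id in (SELECT id FROM pipeline_stage_step where ref_plugin_id =(SELECT id from plugin_metadata WHERE name ='Image Scanning'));
+DELETE FROM pipeline_stage_step where ref_plugin_id in (SELECT id from plugin_metadata WHERE name ='Image Scanning');
+DELETE FROM plugin_metadata WHERE name ='Image Scanning';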
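Review bot: The rollback never deletes the `plugin_step` and `plugin_pipeline_script` rows that `177_image_scan_plugin.up.sql` inserts, so the final `DELETE FROM plugin_metadata` either leaves them orphaned or, if `plugin_step.plugin_id` carries a foreign key to `plugin_metadata` (not visible here), fails outright. Before that last statement I would add `DELETE FROM plugin_step WHERE plugin_id IN (SELECT id FROM plugin_metadata WHERE name='Image Scanning');` and also remove the script row those steps reference through `script_id`, capturing the ids before the steps are gone. The first two statements compare with `=` against a subquery, which errors if more than one row matches; `IN`, as the third and fourth statements already use, is safer.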
39 changes: 39 additions & 0 deletions scripts/sql/177_image_scan_plugin.up.sql
@@ -0,0 +1,39 @@
INSERT INTO "plugin_metadata" ("id", "name", "description","type","icon","deleted", "created_on", "created_by", "updated_on", "updated_by")
VALUES (nextval('id_seq_plugin_metadata'), 'Image Scanning','Scan a image','PRESET','https://raw.githubusercontent.com/devtron-labs/devtron/main/assets/ic-plugin-vulnerability-scan.png','f', 'now()', 1, 'now()', 1);

INSERT INTO "plugin_stage_mapping" ("plugin_id","stage_type","created_on", "created_by", "updated_on", "updated_by")
VALUES ((SELECT id FROM plugin_metadata WHERE name='Image Scanning'),0,'now()', 1, 'now()', 1);

INSERT INTO "plugin_pipeline_script" ("id", "script", "type","deleted","created_on", "created_by", "updated_on", "updated_by")
VALUES (nextval('id_seq_plugin_pipeline_script'),
'#!/bin/sh
echo "IMAGE SCAN"
curl -X POST $IMAGE_SCANNER_ENDPOINT/scanner/image -H "Content-Type: application/json" -d "{\"image\": \"$DEST\", \"imageDigest\": \"$DIGEST\", \"pipelineId\" : $PIPELINE_ID, \"userId\":
$TRIGGERED_BY, \"dockerRegistryId\": \"$DOCKER_REGISTRY_ID\" }"
if [ $? != 0 ]
then
echo -e "\033[1m======== Image scanning request failed ========"
exit 1
fi',
'SHELL',
'f',
'now()',
1,
'now()',
1);




INSERT INTO "plugin_step" ("id", "plugin_id","name","description","index","step_type","script_id","deleted", "created_on", "created_by", "updated_on", "updated_by")
VALUES (nextval('id_seq_plugin_step'), (SELECT id FROM plugin_metadata WHERE name='Image Scanning'),'Step 1','Step 1 - Image Scanning','1','INLINE',(SELECT last_value FROM id_seq_plugin_pipeline_script),'f','now()', 1, 'now()', 1);


INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value","variable_type", "value_type", "variable_step_index",reference_variable_name, "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Image Scanning' and ps."index"=1 and ps.deleted=false), 'DEST','STRING','image dest',false,true,'INPUT','GLOBAL',1 ,'DEST','f','now()', 1, 'now()', 1),
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Image Scanning' and ps."index"=1 and ps.deleted=false), 'DIGEST','STRING','Image Digest',false,true,'INPUT','GLOBAL',1 ,'DIGEST','f','now()', 1, 'now()', 1),
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Image Scanning' and ps."index"=1 and ps.deleted=false), 'PIPELINE_ID','STRING','Pipeline id',false,true,'INPUT','GLOBAL',1 ,'PIPELINE_ID','f','now()', 1, 'now()', 1),
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Image Scanning' and ps."index"=1 and ps.deleted=false), 'TRIGGERED_BY','STRING','triggered by user',false,true,'INPUT','GLOBAL',1 ,'TRIGGERED_BY','f','now()', 1, 'now()', 1),
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Image Scanning' and ps."index"=1 and ps.deleted=false), 'DOCKER_REGISTRY_ID','STRING','docker registry id',false,true,'INPUT','GLOBAL',1 ,'DOCKER_REGISTRY_ID','f','now()', 1, 'now()', 1),
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Image Scanning' and ps."index"=1 and ps.deleted=false), 'IMAGE_SCANNER_ENDPOINT','STRING','image scanner endpoint',false,true,'INPUT','GLOBAL',1 ,'IMAGE_SCANNER_ENDPOINT','f','now()', 1, 'now()', 1);
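Review bot: The `curl` call in the script stored in `plugin_pipeline_script` has no `--fail`, so an HTTP 4xx/5xx answer from the scanner still exits 0 and the `$? != 0` check lets the step pass without the scan request having been accepted. I would write it as `curl --fail --silent --show-error --max-time <SECONDS> -X POST "$IMAGE_SCANNER_ENDPOINT/scanner/image" ...` with the endpoint quoted, so a rejected or hung request fails the stage. The JSON body is assembled by interpolating `$DEST`, `$DIGEST` and `$DOCKER_REGISTRY_ID` into a string; a value containing a double quote or backslash would produce a different document than intended, so these are worth escaping or validating before the call. In the `plugin_step` insert, `(SELECT last_value FROM id_seq_plugin_pipeline_script)` reads the sequence's global state, whereas `currval('id_seq_plugin_pipeline_script')` returns the value generated in this session.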