resolve conflict

quanted · Nov 14, 2023 · 9fe82b6 · 9fe82b6
2 parents 38fd9d6 + a45d5fe
commit 9fe82b6
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 26 deletions.
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -188,51 +188,54 @@ RestartPostGIS:
 
 PrismaScanDjango:
   stage: Image Scan
-  extends:
-    - .pcs_compute_scan
   tags:
     - twistcli
   when: manual
   allow_failure: false
   variables:
-      prisma_cloud_scan_image: "registry.epa.gov/qed/pisces_kube/pisces_django:dev-gl"
-      prisma_cloud_compute_url: "https://prismacloud.gitlab-prod.aws.epa.gov"
-      GIT_STRATEGY: clone
+      GIT_STRATEGY: none
   script:
-    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD registry.epa.gov
-    - docker pull $prisma_cloud_scan_image
-    - ./image_scan.sh
+    - 'export PRISMA_CI_TOKEN=$(curl -kH "Content-Type: application/json" -d "{\"username\":\"$prisma_cloud_compute_username\", \"password\":\"$prisma_cloud_compute_password\"}" https://prismacloud.epa.gov/api/v22.12/authenticate | jq -r .token)'
+    - 'curl --progress-bar -L -k --header "Authorization: Bearer $PRISMA_CI_TOKEN" https://prismacloud.epa.gov/api/v1/util/twistcli > twistcli; chmod a+x twistcli;'
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker pull $CI_REGISTRY_IMAGE/pisces_django:$CI_COMMIT_REF_NAME 
+    - ./twistcli images scan $CI_REGISTRY_IMAGE/pisces_django:$CI_COMMIT_REF_NAME --address=https://prismacloud.epa.gov --details --token=$PRISMA_CI_TOKEN
+  after_script:
+    - rm -rf $CI_PROJECT_DIR
+
 
 PrismaScanNginx:
   stage: Image Scan
-  extends:
-    - .pcs_compute_scan
   tags:
     - twistcli
   when: manual
   allow_failure: false
   variables:
-      prisma_cloud_scan_image: "registry.epa.gov/qed/pisces_kube/pisces_nginx:dev-gl"
-      prisma_cloud_compute_url: "https://prismacloud.gitlab-prod.aws.epa.gov"
-      GIT_STRATEGY: clone
+      GIT_STRATEGY: none
   script:
-    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD registry.epa.gov
-    - docker pull $prisma_cloud_scan_image
-    - ./image_scan.sh
+    - 'export PRISMA_CI_TOKEN=$(curl -kH "Content-Type: application/json" -d "{\"username\":\"$prisma_cloud_compute_username\", \"password\":\"$prisma_cloud_compute_password\"}" https://prismacloud.epa.gov/api/v22.12/authenticate | jq -r .token)'
+    - 'curl --progress-bar -L -k --header "Authorization: Bearer $PRISMA_CI_TOKEN" https://prismacloud.epa.gov/api/v1/util/twistcli > twistcli; chmod a+x twistcli;'
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker pull $CI_REGISTRY_IMAGE/pisces_nginx:$CI_COMMIT_REF_NAME 
+    - ./twistcli images scan $CI_REGISTRY_IMAGE/pisces_nginx:$CI_COMMIT_REF_NAME --address=https://prismacloud.epa.gov --details --token=$PRISMA_CI_TOKEN
+  after_script:
+    - rm -rf $CI_PROJECT_DIR
+
 
 PrismaScanPostgres:
   stage: Image Scan
-  extends:
-    - .pcs_compute_scan
   tags:
     - twistcli
   when: manual
   allow_failure: false
   variables:
-      prisma_cloud_scan_image: "registry.epa.gov/qed/pisces_kube/pisces_postgres:dev-gl"
-      prisma_cloud_compute_url: "https://prismacloud.gitlab-prod.aws.epa.gov"
-      GIT_STRATEGY: clone
+      GIT_STRATEGY: none
   script:
-    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD registry.epa.gov
-    - docker pull $prisma_cloud_scan_image
-    - ./image_scan.sh
+    - 'export PRISMA_CI_TOKEN=$(curl -kH "Content-Type: application/json" -d "{\"username\":\"$prisma_cloud_compute_username\", \"password\":\"$prisma_cloud_compute_password\"}" https://prismacloud.epa.gov/api/v22.12/authenticate | jq -r .token)'
+    - 'curl --progress-bar -L -k --header "Authorization: Bearer $PRISMA_CI_TOKEN" https://prismacloud.epa.gov/api/v1/util/twistcli > twistcli; chmod a+x twistcli;'
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker pull $CI_REGISTRY_IMAGE/pisces_postgres:$CI_COMMIT_REF_NAME
+    - ./twistcli images scan $CI_REGISTRY_IMAGE/pisces_postgres:$CI_COMMIT_REF_NAME --address=https://prismacloud.epa.gov --details --token=$PRISMA_CI_TOKEN
+  after_script:
+    - rm -rf $CI_PROJECT_DIR
+
diff --git a/pisces_nginx/Dockerfile b/pisces_nginx/Dockerfile
@@ -1,4 +1,5 @@
-FROM nginx:stable-alpine
+# FROM nginx:stable-alpine
+FROM nginx:stable-alpine3.17-slim
 
 ARG APP_USER=nginx
 

diff --git a/pisces_postgres/Dockerfile b/pisces_postgres/Dockerfile
@@ -1,4 +1,4 @@
-FROM postgis/postgis:11-2.5-alpine
+FROM postgis/postgis:11-3.3-alpine
 
 ARG APP_USER=postgres