Merge pull request #1 from secureCodeBox/feature/versioned-builds

Feature/versioned builds

.travis.yml

@@ -1,23 +1,23 @@
 language: ruby
 rvm:
-  - 2.5
+    - 2.5
 jobs:
-  include:
-    - stage: test
-      script: rake test
-    - stage: build docker image
-      if: branch IN (master, develop) AND type != pull_request
-      services:
-        - docker
-      script:
-        - export REPO=securecodebox/arachni
-        - export TAG=$TRAVIS_BRANCH
-        - docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD"
-        - echo -en "travis_fold:start:Docker_Build\r"
-        - docker build -t $REPO:$TAG --build-arg=COMMIT_ID=$TRAVIS_COMMIT --build-arg=BRANCH=$TRAVIS_BRANCH --build-arg=REPOSITORY_URL="https://github.com/secureCodeBox/scanner-webapplication-arachni" .
-        - docker tag $REPO:$TAG $REPO:oss;
-        - docker tag $REPO:$TAG $REPO:latest;
-        - docker tag $REPO:$TAG $REPO:$TRAVIS_BUILD_NUMBER;
-        - echo -en "travis_fold:end:Docker_Build\r"
-        - docker images
-        - docker push $REPO
+    include:
+        - stage: test
+          script: rake test
+        - stage: build docker image
+          services:
+              - docker
+          script:
+              - export REPO=securecodebox/arachni
+              - export TAG=$(echo $TRAVIS_BRANCH | sed 's/\//-/g')
+              - echo -en "travis_fold:start:Docker_Build\r"
+              - docker build -t $REPO:$TAG --build-arg="BUILD_DATE=$(date --rfc-3339=seconds)" --build-arg=VERSION=$TRAVIS_TAG --build-arg=COMMIT_ID=$TRAVIS_COMMIT --build-arg=BRANCH=$TRAVIS_BRANCH --build-arg=REPOSITORY_URL="https://github.com/secureCodeBox/scanner-webapplication-arachni" .
+              - echo -en "travis_fold:end:Docker_Build\r"
+              - docker images
+deploy:
+    - provider: script
+      skip_cleanup: true
+      script: bash .travis/deployDockerHub.sh
+      on:
+          all_branches: true

.travis/deployDockerHub.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+echo "Docker Login"
+echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+echo "Pushing to Dockerhub"
+
+if [[ $TRAVIS_BRANCH =~ ^develop$ ]]
+then
+    echo "Develop Build: Pushing develop tag"
+
+    echo $(docker tag $REPO:$TAG $REPO:develop)
+    echo $(docker tag $REPO:$TAG $REPO:develop-$TRAVIS_BUILD_NUMBER)
+
+    echo $(docker push $REPO:develop)
+    echo $(docker push $REPO:develop-$TRAVIS_BUILD_NUMBER)
+elif [ "$TRAVIS_BRANCH" = "$TRAVIS_TAG" ]
+then
+    echo "Tagged Release: Pushing versioned docker image." 
+    echo $(docker tag $REPO:$TAG $REPO:$TRAVIS_TAG)
+    echo $(docker tag $REPO:$TAG $REPO:latest)
+    echo $(docker push $REPO:$TRAVIS_TAG)
+    echo $(docker push $REPO:latest)
+else
+    echo "Feature Branch: Pushing only branch Tag"
+    echo $(docker push $REPO:$TAG)
+fi

Dockerfile

@@ -33,9 +33,23 @@ EXPOSE 8080
 ARG COMMIT_ID=unkown
 ARG REPOSITORY_URL=unkown
 ARG BRANCH=unkown
+ARG BUILD_DATE
+ARG VERSION
 
 ENV SCB_COMMIT_ID ${COMMIT_ID}
 ENV SCB_REPOSITORY_URL ${REPOSITORY_URL}
 ENV SCB_BRANCH ${BRANCH}
 
+LABEL org.opencontainers.image.title="secureCodeBox scanner-webapplication-arachni" \
+    org.opencontainers.image.description="Arachni integration for secureCodeBox" \
+    org.opencontainers.image.authors="iteratec GmbH" \
+    org.opencontainers.image.vendor="iteratec GmbH" \
+    org.opencontainers.image.documentation="https://github.com/secureCodeBox/secureCodeBox" \
+    org.opencontainers.image.licenses="Apache-2.0" \
+    org.opencontainers.image.version=$VERSION \
+    org.opencontainers.image.url=$REPOSITORY_URL \
+    org.opencontainers.image.source=$REPOSITORY_URL \
+    org.opencontainers.image.revision=$COMMIT_ID \
+    org.opencontainers.image.created=$BUILD_DATE
+
 ENTRYPOINT ["bash","/sectools/src/starter.sh"]

README.md

@@ -1,33 +1,38 @@
 ![Build Status](https://travis-ci.com/secureCodeBox/scanner-webapplication-arachni.svg?token=2Rsf2E9Bq3FduSxRf6tz&branch=develop)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![GitHub release](https://img.shields.io/github/release/secureCodeBox/scanner-webapplication-arachni.svg)](https://github.com/secureCodeBox/scanner-webapplication-arachni/releases/latest)
 
 # Important License information
+
 The code in this repository is licensed under Apache 2.0.
 
 Arachni is licensed under the [Arachni Public Source License](ARACHNI_LICENSE.md) with using this scanner you have to agree to the license!
 
 # About
+
 This is a self contained µService utilizing the Arachni Web Scanner for the secureBox Application.
 
 Further Documentation:
-* [Project Description][scb-project]
-* [Developer Guide][scb-developer-guide]
-* [User Guide][scb-user-guide]
+
+- [Project Description][scb-project]
+- [Developer Guide][scb-developer-guide]
+- [User Guide][scb-user-guide]
 
 ## Configuration Options
+
 To configure this service specify the following environment variables:
 
-| Environment Variable       | Value Example         |
-| -------------------------- | --------------------- |
-| ENGINE_ADDRESS             | http://engine         |
-| ENGINE_BASIC_AUTH_USER     | username              |
-| ENGINE_BASIC_AUTH_PASSWORD | 123456                |
+| Environment Variable       | Value Example |
+| -------------------------- | ------------- |
+| ENGINE_ADDRESS             | http://engine |
+| ENGINE_BASIC_AUTH_USER     | username      |
+| ENGINE_BASIC_AUTH_PASSWORD | 123456        |
 
 ## Build with docker
-To build the docker container run: `docker build -t CONTAINER_NAME:LABEL .`
 
+To build the docker container run: `docker build -t CONTAINER_NAME:LABEL .`
 
-[scb-project]:              https://github.com/secureCodeBox/secureCodeBox
-[scb-developer-guide]:      https://github.com/secureCodeBox/secureCodeBox/blob/develop/docs/developer-guide/README.md
+[scb-project]: https://github.com/secureCodeBox/secureCodeBox
+[scb-developer-guide]: https://github.com/secureCodeBox/secureCodeBox/blob/develop/docs/developer-guide/README.md
 [scb-developer-guidelines]: https://github.com/secureCodeBox/secureCodeBox/blob/develop/docs/developer-guide/README.md#guidelines
-[scb-user-guide]:           https://github.com/secureCodeBox/secureCodeBox/tree/develop/docs/user-guide
+[scb-user-guide]: https://github.com/secureCodeBox/secureCodeBox/tree/develop/docs/user-guide