Use Multi-Stage-Build For Nikto #642

Merged
merged 3 commits into from
Sep 14, 2021

Conversation

fuhrmeistery
Member

@fuhrmeistery fuhrmeistery commented Sep 13, 2021

If applied, this PR will:

Signed-off-by: Yannik Fuhrmeister <yannik.fuhrmeister@iteratec.com>

@fuhrmeistery fuhrmeistery added the labels ci (Changes to the continuous integration setup), enhancement (New feature or request), maintenance, scanner (Implement or update a security scanner) Sep 13, 2021
@fuhrmeistery fuhrmeistery self-assigned this Sep 13, 2021
@fuhrmeistery fuhrmeistery added this to In progress in secureCodeBox v3 via automation Sep 13, 2021
@fuhrmeistery fuhrmeistery marked this pull request as draft September 13, 2021 10:39
@fuhrmeistery fuhrmeistery force-pushed the nikto-custom-dockerfile branch 5 times, most recently from 54a4575 to 90f1213 Compare September 13, 2021 11:54
@fuhrmeistery fuhrmeistery marked this pull request as ready for review September 13, 2021 11:57
secureCodeBox v3 automation moved this from In progress to Reviewer approved Sep 13, 2021
SebieF
SebieF previously approved these changes Sep 13, 2021
Review comment on scanners/nikto/scanner/Dockerfile (outdated, resolved)
secureCodeBox v3 automation moved this from Reviewer approved to To Review Sep 13, 2021
As described in #610 the build for nikto was quite complicated and could
not be managed via matrix builds on GH.

To fix this I created a multi-stage Dockerfile that clones the nikto
repo in the build stage and checks out the specified version.

The next stage installs all dependencies like in the Dockerfile provided
by the maintainer of nikto, copies nikto from the build stage and our
wrapper script.

I also noticed that the alpine version was a little behind so I changed
it from 3.12 to 3.14.

Signed-off-by: Yannik Fuhrmeister <yannik.fuhrmeister@iteratec.com>

With the new multi-stage image it should be possible to add nikto to the
matrix build for 3rd-party scanners.

So I removed the build job for nikto and added nikto to the matrix.

Signed-off-by: Yannik Fuhrmeister <yannik.fuhrmeister@iteratec.com>
Signed-off-by: Yannik Fuhrmeister <yannik.fuhrmeister@protonmail.com>
secureCodeBox v3 automation moved this from To Review to Reviewer approved Sep 14, 2021
@fuhrmeistery fuhrmeistery merged commit b4df5f4 into main Sep 14, 2021
@fuhrmeistery fuhrmeistery deleted the nikto-custom-dockerfile branch September 14, 2021 10:10
secureCodeBox v3 automation moved this from Reviewer approved to Done Sep 14, 2021
@fuhrmeistery fuhrmeistery moved this from Done to counter in secureCodeBox v3 Sep 24, 2021
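
A sketch of the multi-stage layout the first commit message describes, added here as an example and not the Dockerfile merged in this PR. The `NIKTO_VERSION` build argument, the `wrapper.sh` file name, the `nikto` user, the package list and the upstream repository URL are assumptions.

```dockerfile
# Added illustration; not the Dockerfile merged in this PR.
# Assumptions: the NIKTO_VERSION build arg, wrapper.sh, the nikto user,
# the package list and the upstream repository URL.
# Build with: docker build --build-arg NIKTO_VERSION=<tag-or-commit> .

# Stage 1: fetch the source. git and the .git history stay in this stage.
FROM alpine:3.14 AS build
ARG NIKTO_VERSION
# Abort when no version is given instead of silently building the default branch.
RUN test -n "${NIKTO_VERSION}"
RUN apk add --no-cache git \
 && git clone https://github.com/sullo/nikto.git /src \
 && git -C /src checkout --detach "${NIKTO_VERSION}"

# Stage 2: runtime image with only the interpreter, nikto and the wrapper.
FROM alpine:3.14
RUN apk add --no-cache perl perl-net-ssleay \
 && adduser -D -s /sbin/nologin nikto
# Copy only the program directory; no git binary or repository metadata.
COPY --from=build /src/program /nikto
COPY wrapper.sh /wrapper.sh
ENV PATH="${PATH}:/nikto"
# Run the scanner as an unprivileged user.
USER nikto
ENTRYPOINT ["sh", "/wrapper.sh"]
```

A tag can be moved upstream, so passing a commit hash as `NIKTO_VERSION` gives a reproducible checkout.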

Successfully merging this pull request may close these issues.

🏗 Migrate Nikto Build to be in line with other 3rd party scanners
3 participants