-
Notifications
You must be signed in to change notification settings - Fork 0
/
not(.travis.yml)
42 lines (35 loc) · 1.31 KB
/
not(.travis.yml)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
language: generic
services:
- docker
before_script:
# Install Trivy
- wget https://github.com/aquasecurity/trivy/releases/latest/download/trivy_0.56.2_Linux-64bit.deb
- sudo dpkg -i trivy_0.56.2_Linux-64bit.deb
- pwd
- ls -al
script:
# Build Docker image
- docker build -t trivy-travis:latest .
# Update Trivy database
- trivy db update
# Scan Docker image with Trivy and save the report in json format
- trivy image --exit-code 1 --severity HIGH,CRITICAL --format json -o trivy1-report.json trivy-travis:latest || true
# Check if the report file was created
- if [ -f trivy1-report.json ]; then echo "Report generated successfully."; else echo "Report not generated."; fi
# Ensure proper permissions for the report file
- chmod 644 trivy1-report.json || echo "Report file missing, skipping chmod."
after_script:
- echo "Uploading report to DefectDojo..."
- |
if [ -f trivy1-report.json ]; then
curl -X POST "$DEFECTDOJO_URL/api/v2/import-scan/" \
-H "Authorization: Token $DEFECTDOJO_API_TOKEN" \
-F "[email protected]" \
-F "scan_type=Trivy" \
-F "engagement=10" \
-F "product=33" \
-F "version=None" \
-F "notes=Trivy report uploaded from Travis CI";
else
echo "Report not found, skipping upload.";
fi