From d8431550f3f7abe57945428b3d73c622b131e169 Mon Sep 17 00:00:00 2001
From: oscarzhou
Date: Mon, 26 Dec 2022 01:10:16 +1300
Subject: [PATCH] task: add code security scan option
---
 go/main.go | 1 +
 go/tasks/code_security_scan.go | 35 ++++++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)
 create mode 100644 go/tasks/code_security_scan.go
diff --git a/go/main.go b/go/main.go
index f70a3f5..16c38c2 100644
--- a/go/main.go
+++ b/go/main.go
@@ -22,6 +22,7 @@ func main() {
 taskItems := []tasks.Tasker{
 tasks.NewGenerateJwtTokenTask(config),
 tasks.NewCurlLookupTask(),
+ tasks.NewCodeSecurityScanTask(),
 tasks.NewExitTask(),
 }
diff --git a/go/tasks/code_security_scan.go b/go/tasks/code_security_scan.go
new file mode 100644
index 0000000..63b6411
--- /dev/null
+++ b/go/tasks/code_security_scan.go
@@ -0,0 +1,35 @@
+package tasks
+
+import (
+ "ocl/portainer-devtool/utils"
+)
+
+type CodeSecurityScanTask struct {
+}
+
+func NewCodeSecurityScanTask() *CodeSecurityScanTask {
+ return &CodeSecurityScanTask{}
+}
+
+func (task *CodeSecurityScanTask) Execute() error {
+ utils.SuccessPrint(`
+ 1. Scan client with snyk: "snyk test"
+ 2. Scan server with snyk: "cd api && snyk test"
+ 3. If snyk is not authenticated: "snyk auth"
+ 4. Specify the severity threshold: "snyk test --severity-threshold="
+ 5. Other commands with snyk: "snyk --help"
+ `)
+
+ utils.SuccessPrint(`
+ Steps to scan portainer image with Trivy:
+ 1. Build the local image: "docker build -t oscarzhou/portainer:dev-ee -f build/linux/Dockfile ."
+ 2. Scan with trivy: 'docker run --rm -v "/var/run/docker.sock":"/var/run/docker.sock" aquasec/trivy:latest image oscarzhou/portainer:dev-ee'
+ 3. Other commands with trivy: 'docker run --rm -v "/var/run/docker.sock":"/var/run/docker.sock" aquasec/trivy:latest --help'
+ `)
+
+ return nil
+}
+
+func (task *CodeSecurityScanTask) String() string {
+ return "Code Security Scan"
+}
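Review bot: The Trivy steps printed by Execute in go/tasks/code_security_scan.go bind-mount the host's /var/run/docker.sock into `aquasec/trivy:latest`, so whatever image that floating tag resolves to at run time gets root-equivalent control of the Docker host; pin the scanner in both the scan and the --help line, e.g. `aquasec/trivy:<pinned-version-or-digest>` (placeholder). The snyk hint `snyk test --severity-threshold=` ends with an empty value as shown, and spelling out the accepted levels, `--severity-threshold=<low|medium|high|critical>`, would make the printed command usable as written. `build/linux/Dockfile` looks like a typo for `Dockerfile` and is worth checking against the repository layout. The exported type, constructor and methods carry no doc comments; a line such as `// CodeSecurityScanTask prints the snyk and Trivy commands for scanning the client, the server and the image.` would cover the type.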