42 lines
1.3 KiB
Go
42 lines
1.3 KiB
Go
package tasks
|
|
|
|
import (
|
|
"ocl/portainer-devtool/tasks/common"
|
|
"ocl/portainer-devtool/utils"
|
|
)
|
|
|
|
type CodeSecurityScanTask struct {
|
|
ParentTasks []common.Tasker
|
|
}
|
|
|
|
func NewCodeSecurityScanTask() *CodeSecurityScanTask {
|
|
return &CodeSecurityScanTask{}
|
|
}
|
|
|
|
func (task *CodeSecurityScanTask) Execute() error {
|
|
utils.SuccessPrint(`
|
|
1. Scan client with snyk: "snyk test"
|
|
2. Scan server with snyk: "cd api && snyk test"
|
|
3. If snyk is not authenticated: "snyk auth"
|
|
4. Specify the severity threshold: "snyk test --severity-threshold=<low|medium|high|critical>"
|
|
5. Other commands with snyk: "snyk --help"
|
|
`)
|
|
|
|
utils.SuccessPrint(`
|
|
Steps to scan portainer image with Trivy:
|
|
1. Build the local image: "docker build -t oscarzhou/portainer:dev-ee -f build/linux/Dockfile ."
|
|
2. Scan with trivy: 'docker run --rm -v "/var/run/docker.sock":"/var/run/docker.sock" aquasec/trivy:latest image oscarzhou/portainer:dev-ee'
|
|
3. Other commands with trivy: 'docker run --rm -v "/var/run/docker.sock":"/var/run/docker.sock" aquasec/trivy:latest --help'
|
|
`)
|
|
|
|
return nil
|
|
}
|
|
|
|
func (task *CodeSecurityScanTask) SetParentTaskers(tasks []common.Tasker) {
|
|
task.ParentTasks = tasks
|
|
}
|
|
|
|
func (task *CodeSecurityScanTask) String() string {
|
|
return "Code Security Scan"
|
|
}
|