Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
d00c15d2e7
PromucFlow_constructor/scripts/scout_vulnerabilities_data.sh

72 lines
2.5 KiB
Bash
Raw Normal View History

chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
#!/bin/bash
chore: New schema change for vulnerabilities test (#37204) ## Description optimise the view for large number of records Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11677745846> > Commit: 083266c8bdd82c3ff2aa0d58c1acb57d974cd46d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11677745846&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Tue, 05 Nov 2024 05:12:55 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Enhanced error handling and functionality in vulnerability data scripts. - Introduced a new function for inserting vulnerabilities into the database, improving data management. - **Bug Fixes** - Improved reliability of database insertion and handling of existing records. - Streamlined installation processes for Docker Scout and Trivy with increased retry attempts. - **Refactor** - Simplified scripts by removing old vulnerability comparisons and unnecessary comments. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-11-05 06:41:51 +00:00
# Check required environment variables
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
required_vars=("DB_HOST" "DB_NAME" "DB_USER" "DB_PWD")
for var in "${required_vars[@]}"; do
if [ -z "${!var}" ] || [[ "${!var}" == "your_${var,,}" ]]; then
echo "Error: Required environment variable $var is missing or not set correctly."
exit 1
fi
done
DB_HOST="${DB_HOST}"
DB_NAME="${DB_NAME}"
DB_USER="${DB_USER}"
DB_PWD="${DB_PWD}"
# Assign the parameters from the workflow
IMAGE="$1"
GITHUB_PR_ID="$2"
GITHUB_PR_LINK="$3"
GITHUB_RUN_ID="$4"
OLD_VULN_FILE="${5:-vulnerability_base_data.csv}"
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
# Compare each vulnerability with the database and store new ones in a CSV file
compare_and_store_vulns() {
local new_vulns_file="scout_new_vulnerabilities.csv"
echo "vurn_id,product,scanner_tool,priority" > "$new_vulns_file" # CSV header
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
while IFS=, read -r vurn_id product scanner_tool priority; do
if [[ -z "$vurn_id" || -z "$priority" || -z "$product" || -z "$scanner_tool" ]]; then
echo "Skipping empty vulnerability entry"
continue
fi
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
# Clean up and trim spaces from input values
vurn_id=$(echo "$vurn_id" | sed "s/'/''/g" | sed 's/^[ \t]*//;s/[ \t]*$//')
priority=$(echo "$priority" | sed "s/'/''/g" | sed 's/^[ \t]*//;s/[ \t]*$//')
product=$(echo "$product" | sed "s/'/''/g" | sed 's/^[ \t]*//;s/[ \t]*$//' | tr -d '[:space:]')
scanner_tool=$(echo "$scanner_tool" | sed "s/'/''/g" | sed 's/^[ \t]*//;s/[ \t]*$//' | tr -d '[:space:]')
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
# Check if vurn_id exists in the database
existing_entry=$(psql -t -c "SELECT vurn_id FROM vulnerability_tracking WHERE vurn_id = '$vurn_id'" "postgresql://$DB_USER:$DB_PWD@$DB_HOST/$DB_NAME" 2>/dev/null)
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
chore: New schema change for vulnerabilities test (#37204) ## Description optimise the view for large number of records Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11677745846> > Commit: 083266c8bdd82c3ff2aa0d58c1acb57d974cd46d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11677745846&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Tue, 05 Nov 2024 05:12:55 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Enhanced error handling and functionality in vulnerability data scripts. - Introduced a new function for inserting vulnerabilities into the database, improving data management. - **Bug Fixes** - Improved reliability of database insertion and handling of existing records. - Streamlined installation processes for Docker Scout and Trivy with increased retry attempts. - **Refactor** - Simplified scripts by removing old vulnerability comparisons and unnecessary comments. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-11-05 06:41:51 +00:00
if [[ -z "$existing_entry" ]]; then
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
# If vurn_id doesn't exist, store data in CSV file
echo "$vurn_id,$product,$scanner_tool,$priority" >> "$new_vulns_file"
echo "New vulnerability detected: $vurn_id"
chore: New schema change for vulnerabilities test (#37204) ## Description optimise the view for large number of records Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11677745846> > Commit: 083266c8bdd82c3ff2aa0d58c1acb57d974cd46d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11677745846&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Tue, 05 Nov 2024 05:12:55 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Enhanced error handling and functionality in vulnerability data scripts. - Introduced a new function for inserting vulnerabilities into the database, improving data management. - **Bug Fixes** - Improved reliability of database insertion and handling of existing records. - Streamlined installation processes for Docker Scout and Trivy with increased retry attempts. - **Refactor** - Simplified scripts by removing old vulnerability comparisons and unnecessary comments. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-11-05 06:41:51 +00:00
else
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
echo "Skipping existing vulnerability: $vurn_id"
chore: New schema change for vulnerabilities test (#37204) ## Description optimise the view for large number of records Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11677745846> > Commit: 083266c8bdd82c3ff2aa0d58c1acb57d974cd46d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11677745846&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Tue, 05 Nov 2024 05:12:55 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Enhanced error handling and functionality in vulnerability data scripts. - Introduced a new function for inserting vulnerabilities into the database, improving data management. - **Bug Fixes** - Improved reliability of database insertion and handling of existing records. - Streamlined installation processes for Docker Scout and Trivy with increased retry attempts. - **Refactor** - Simplified scripts by removing old vulnerability comparisons and unnecessary comments. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-11-05 06:41:51 +00:00
fi
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
chore: New schema change for vulnerabilities test (#37204) ## Description optimise the view for large number of records Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11677745846> > Commit: 083266c8bdd82c3ff2aa0d58c1acb57d974cd46d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11677745846&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Tue, 05 Nov 2024 05:12:55 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Enhanced error handling and functionality in vulnerability data scripts. - Introduced a new function for inserting vulnerabilities into the database, improving data management. - **Bug Fixes** - Improved reliability of database insertion and handling of existing records. - Streamlined installation processes for Docker Scout and Trivy with increased retry attempts. - **Refactor** - Simplified scripts by removing old vulnerability comparisons and unnecessary comments. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-11-05 06:41:51 +00:00
done < "$CSV_OUTPUT_FILE"
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
# Print the contents of new vulnerabilities
if [ -s "$new_vulns_file" ]; then
echo "****************************************************************"
echo "New vulnerabilities stored in $new_vulns_file:"
cat "$new_vulns_file"
echo "****************************************************************"
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
else
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
echo "No new vulnerabilities to store."
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
fi
}
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
# Check if there are vulnerabilities to process
chore: New schema change for vulnerabilities test (#37204) ## Description optimise the view for large number of records Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11677745846> > Commit: 083266c8bdd82c3ff2aa0d58c1acb57d974cd46d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11677745846&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Tue, 05 Nov 2024 05:12:55 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Enhanced error handling and functionality in vulnerability data scripts. - Introduced a new function for inserting vulnerabilities into the database, improving data management. - **Bug Fixes** - Improved reliability of database insertion and handling of existing records. - Streamlined installation processes for Docker Scout and Trivy with increased retry attempts. - **Refactor** - Simplified scripts by removing old vulnerability comparisons and unnecessary comments. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-11-05 06:41:51 +00:00
if [ -s "$CSV_OUTPUT_FILE" ]; then
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
compare_and_store_vulns
chore: Added scout & trivy scan to github workflow (#37022) ## Description Run trivy and scout scanner with image name Fixes #`37036` ## Automation /ok-to-test tags="@tag.IDE" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/11480586298> > Commit: 5ebbcd37ec177c781d8b0be38a83ce695d211c9d > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=11480586298&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.IDE` > Spec: > <hr>Wed, 23 Oct 2024 13:36:44 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced two new scripts for automated vulnerability scanning of Docker images: `scout_vulnerabilities_data.sh` and `trivy_vulnerabilities_data.sh`. - Added a GitHub Actions workflow to automate vulnerability scanning and update pull requests with results. - **Bug Fixes** - Improved error handling for missing environment variables in the new scripts. - **Documentation** - Added details on the new workflow and its steps for user reference. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
2024-10-23 14:31:40 +00:00
else
chore: new update for failing job on new vulnerabilities (#37273) ## Description Failing job if new vurn found Fixes #`37036` ## Automation /ok-to-test tags="" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!CAUTION] > If you modify the content in this section, you are likely to disrupt the CI result for your PR. <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No
2024-11-07 07:59:35 +00:00
echo "No vulnerabilities to process."
fi
Reference in New Issue Copy Permalink