metadata: name: malwareExecuteScan description: Performs a malware scan using the [SAP Malware Scanning Service](https://help.sap.com/viewer/b416237f818c4e2e827f6118640079f8/LATEST/en-US/b7c9b86fe724458086a502df3160f380.html). longDescription: | Performs a malware scan using the [SAP Malware Scanning Service](https://help.sap.com/viewer/b416237f818c4e2e827f6118640079f8/LATEST/en-US/b7c9b86fe724458086a502df3160f380.html). spec: inputs: secrets: - name: malwareScanCredentialsId description: Jenkins 'Username with password' credentials ID containing the technical user/password credential used to communicate with the malwarescanning service. type: jenkins params: - name: buildTool type: string description: "Defines the tool which is used for building the artifact." mandatory: true scope: - GENERAL - PARAMETERS - STAGES - STEPS resourceRef: - name: commonPipelineEnvironment param: buildTool - name: dockerConfigJSON type: string description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/). scope: - PARAMETERS - STAGES - STEPS secret: true resourceRef: - name: commonPipelineEnvironment param: custom/dockerConfigJSON - name: dockerConfigJsonCredentialsId type: secret - type: vaultSecretFile name: dockerConfigFileVaultSecretName default: docker-config - name: containerRegistryPassword description: "For `buildTool: docker`: Password for container registry access - typically provided by the CI/CD environment." type: string scope: - PARAMETERS - STAGES - STEPS secret: true resourceRef: - name: commonPipelineEnvironment param: container/repositoryPassword - name: commonPipelineEnvironment param: custom/repositoryPassword - name: containerRegistryUser description: "For `buildTool: docker`: Username for container registry access - typically provided by the CI/CD environment." type: string scope: - PARAMETERS - STAGES - STEPS secret: true resourceRef: - name: commonPipelineEnvironment param: container/repositoryUsername - name: commonPipelineEnvironment param: custom/repositoryUsername - name: host type: string description: "malware scanning host." scope: - PARAMETERS - STAGES - STEPS mandatory: true - name: username type: string description: "User" scope: - PARAMETERS - STAGES - STEPS mandatory: true secret: true resourceRef: - name: malwareScanCredentialsId type: secret param: username - name: malwareScanUsernameVaultSecretName type: vaultSecret default: malware-scan - name: password type: string description: "Password" scope: - PARAMETERS - STAGES - STEPS mandatory: true secret: true resourceRef: - name: malwareScanCredentialsId type: secret param: password - name: malwareScanPasswordVaultSecretName type: vaultSecret default: malware-scan - name: scanImage type: string description: "For `buildTool: docker`: Defines the docker image which should be scanned." resourceRef: - name: commonPipelineEnvironment param: container/imageNameTag scope: - PARAMETERS - STAGES - STEPS - name: scanImageRegistryUrl type: string description: "For `buildTool: docker`: Defines the registry where the scanImage is located." resourceRef: - name: commonPipelineEnvironment param: container/registryUrl scope: - PARAMETERS - STAGES - STEPS - name: scanFile aliases: - name: file deprecated: true type: string description: "The file which is scanned for malware" scope: - PARAMETERS - STAGES - STEPS - name: timeout type: string description: "timeout for http layer in seconds" scope: - PARAMETERS - STAGES - STEPS mandatory: false default: 600 - name: reportFileName type: string description: The file name of the report to be created scope: - PARAMETERS - STAGES - STEPS default: malwarescan_report.json outputs: resources: - name: reports type: reports params: - filePattern: "**/toolrun_malwarescan_*.json" type: malwarescan - paramRef: reportFileName type: malwarescan