mirror of
https://github.com/SAP/jenkins-library.git
synced 2025-04-25 12:24:42 +02:00
e83a380c09
* Update configuration.md * Update build.md * Update cloneRepositories.md * Update integrationTest.md * Update post.md * Update prepareSystem.md * Update publish.md * Update configuration.md * Update configuration.md * Update introduction.md * Update build.md * Update CAP_Scenario.md * Update CAP_Scenario.md * Update abapEnvironmentAddons.md * Update abapEnvironmentAddons.md * Update abapEnvironmentTest.md * Update changeManagement.md * Update Readme.md * Update Readme.md * Update introduction.md * Update abapEnvironmentAssembleConfirm.md * Update abapEnvironmentAssemblePackages.md * Update abapEnvironmentCheckoutBranch.md * Update abapEnvironmentCloneGitRepo.md * Update abapEnvironmentCreateSystem.md * Update abapEnvironmentPullGitRepo.md * Update abapEnvironmentRunATCCheck.md * Update cloudFoundryCreateService.md * Update cloudFoundryCreateSpace.md * Update cloudFoundryDeleteSpace.md * Update mtaBuild.md * Update neoDeploy.md * Update protecodeExecuteScan.md * Update uiVeri5ExecuteTests.md * Update guidedtour.md * Update index.md * Update configuration.md * Update guidedtour.md * Update configuration.md * Update build.md * Update CAP_Scenario.md * Update TMS_Extension.md * Update TMS_Extension.md * Update abapEnvironmentAddons.md * Update abapEnvironmentTest.md * Update Readme.md * Update Readme.md * Update cloudFoundryDeploy.md * Update influxWriteData.md * Update neoDeploy.md * Update CAP_Scenario.md * Update TMS_Extension.md * Update Readme.md * Update Readme.md * Update guidedtour.md * Update guidedtour.md * Update guidedtour.md * Update configuration.md Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
26 lines
1.5 KiB
Markdown
26 lines
1.5 KiB
Markdown
# ${docGenStepName}
|
|
|
|
## ${docGenDescription}
|
|
|
|
## Prerequisites
|
|
|
|
1. Create a Username / Password credential with the Protecode user in your Jenkins credential store
|
|
1. Look up your Group ID using REST API via `curl -u <username> "https://<protecode host>/api/groups/"`.
|
|
|
|
If the image is on a protected registry you can provide a Docker `config.json` file containing the credential information for the registry.
|
|
You can create it like explained in the Docker Success Center in the article about [how to generate a new auth in the config.json file](https://success.docker.com/article/generate-new-auth-in-config-json-file).
|
|
|
|
## ${docGenParameters}
|
|
|
|
### Details
|
|
|
|
* The Protecode scan step is able to send a file addressed via parameter `filePath` to the backend for scanning it for known vulnerabilities.
|
|
* Alternatively an HTTP URL can be specified via `fetchUrl`. Protecode will then download the artifact from there and scan it.
|
|
* To support docker image scanning please provide `scanImage` with a docker like URL poiting to the image tag within the docker registry being used.
|
|
* To receive the result it polls until the job completes.
|
|
* Once the job has completed a PDF report is pulled from the backend and archived in the build
|
|
* Finally the scan result is being analysed for critical findings with a CVSS v3 score >= 7.0 and if such findings are detected the build is failed based on the configuration setting `failOnSevereVulnerabilities`.
|
|
* During the analysis all CVEs which are triaged are ignored and will not provoke the build to fail.
|
|
|
|
## ${docGenConfiguration}
|