mirror of
https://github.com/SAP/jenkins-library.git
synced 2025-04-23 12:19:04 +02:00
* Update configuration.md * Update build.md * Update cloneRepositories.md * Update integrationTest.md * Update post.md * Update prepareSystem.md * Update publish.md * Update configuration.md * Update configuration.md * Update introduction.md * Update build.md * Update CAP_Scenario.md * Update CAP_Scenario.md * Update abapEnvironmentAddons.md * Update abapEnvironmentAddons.md * Update abapEnvironmentTest.md * Update changeManagement.md * Update Readme.md * Update Readme.md * Update introduction.md * Update abapEnvironmentAssembleConfirm.md * Update abapEnvironmentAssemblePackages.md * Update abapEnvironmentCheckoutBranch.md * Update abapEnvironmentCloneGitRepo.md * Update abapEnvironmentCreateSystem.md * Update abapEnvironmentPullGitRepo.md * Update abapEnvironmentRunATCCheck.md * Update cloudFoundryCreateService.md * Update cloudFoundryCreateSpace.md * Update cloudFoundryDeleteSpace.md * Update mtaBuild.md * Update neoDeploy.md * Update protecodeExecuteScan.md * Update uiVeri5ExecuteTests.md * Update guidedtour.md * Update index.md * Update configuration.md * Update guidedtour.md * Update configuration.md * Update build.md * Update CAP_Scenario.md * Update TMS_Extension.md * Update TMS_Extension.md * Update abapEnvironmentAddons.md * Update abapEnvironmentTest.md * Update Readme.md * Update Readme.md * Update cloudFoundryDeploy.md * Update influxWriteData.md * Update neoDeploy.md * Update CAP_Scenario.md * Update TMS_Extension.md * Update Readme.md * Update Readme.md * Update guidedtour.md * Update guidedtour.md * Update guidedtour.md * Update configuration.md Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
1.5 KiB
${docGenStepName}
${docGenDescription}
Prerequisites
- Create a Username / Password credential with the Protecode user in your Jenkins credential store
- Look up your Group ID using the REST API via curl -u <username> "https://<protecode host>/api/groups/".
If the image is on a protected registry you can provide a Docker config.json file containing the credential information for the registry.
You can create it as explained in the Docker Success Center article about how to generate a new auth in the config.json file.
${docGenParameters}
Details
- The Protecode scan step is able to send a file addressed via parameter filePath to the backend for scanning it for known vulnerabilities.
- Alternatively an HTTP URL can be specified via fetchUrl. Protecode will then download the artifact from there and scan it.
- To support Docker image scanning please provide scanImage with a Docker-like URL pointing to the image tag within the Docker registry being used.
- To receive the result it polls until the job completes.
- Once the job has completed a PDF report is pulled from the backend and archived in the build.
- Finally the scan result is analysed for critical findings with a CVSS v3 score >= 7.0 and if such findings are detected the build is failed based on the configuration setting failOnSevereVulnerabilities.
- During the analysis all CVEs which are triaged are ignored and will not provoke the build to fail.
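The gating rule from the last two items, written out as an added example (not code from the step itself). The Finding structure, its JSON field names and the sample data are assumptions made for illustration and do not reflect Protecode's actual result schema; failing on an unreadable result is this example's own choice.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Finding is a hypothetical, simplified result entry (not Protecode's real schema).
type Finding struct {
	CVE     string  `json:"cve"`
	CVSS3   float64 `json:"cvss3"`
	Triaged bool    `json:"triaged"`
}

// A CVSS v3 score >= 7.0 counts as severe; the boundary value is included.
const severeThreshold = 7.0

// severeFindings returns the untriaged findings at or above the threshold.
func severeFindings(raw []byte) ([]Finding, error) {
	var all []Finding
	if err := json.Unmarshal(raw, &all); err != nil {
		return nil, fmt.Errorf("parse scan result: %w", err)
	}
	var severe []Finding
	for _, f := range all {
		if f.Triaged {
			continue // triaged CVEs are ignored regardless of score
		}
		if f.CVSS3 >= severeThreshold {
			severe = append(severe, f)
		}
	}
	return severe, nil
}

// buildFails applies the failOnSevereVulnerabilities setting to a scan result.
func buildFails(raw []byte, failOnSevereVulnerabilities bool) (bool, error) {
	severe, err := severeFindings(raw)
	if err != nil {
		return true, err // example's choice: an unreadable result fails closed
	}
	return failOnSevereVulnerabilities && len(severe) > 0, nil
}

// Constructed sample result; the CVE ids are placeholders.
const sampleResult = `[
 {"cve":"CVE-0000-0001","cvss3":9.8,"triaged":true},
 {"cve":"CVE-0000-0002","cvss3":7.0,"triaged":false},
 {"cve":"CVE-0000-0003","cvss3":6.9,"triaged":false}
]`

func main() {
	fail, err := buildFails([]byte(sampleResult), true)
	fmt.Println("build fails:", fail, "error:", err)
}
```

In the sample, the 9.8 finding is skipped because it is triaged, the 6.9 finding is below the threshold, and only the untriaged 7.0 finding trips the gate.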