Loading c/cppcheck.yml +4 −3 Original line number Diff line number Diff line Loading @@ -15,9 +15,10 @@ c:cppcheck: script: - !reference [".c:pre", script] - cppcheck --version - cppcheck --xml-version=2 ${CPPCHECK_DEFAULT_ARGS} ${CPPCHECK_EXTRA_ARGS} --enable=${CPPCHECK_ENABLE} --error-exitcode=${CPPCHECK_EXIT_CODE} . 2> ${CI_PROJECT_DIR}/cppcheck-result.xml - (set -x; cppcheck --xml-version=2 ${CPPCHECK_DEFAULT_ARGS} ${CPPCHECK_EXTRA_ARGS} --enable=${CPPCHECK_ENABLE} --error-exitcode=${CPPCHECK_EXIT_CODE} . 2> ${CI_PROJECT_DIR}/cppcheck-result.xml) after_script: - cppcheck_junit ${CI_PROJECT_DIR}/cppcheck-result.xml ${CI_PROJECT_DIR}/cppcheck-junit.xml Loading c/flawfinder.yml +3 −2 Original line number Diff line number Diff line Loading @@ -16,5 +16,6 @@ c:flawfinder: script: - !reference [".c:pre", script] - flawfinder --version - flawfinder ${FLAWFINDER_DEFAULT_ARGS} ${FLAWFINDER_EXTRA_ARGS} --minlevel ${FLAWFINDER_MIN_LEVEL} --error-level=${FLAWFINDER_ERROR_LEVEL} . - (set -x; flawfinder ${FLAWFINDER_DEFAULT_ARGS} ${FLAWFINDER_EXTRA_ARGS} --minlevel ${FLAWFINDER_MIN_LEVEL} --error-level=${FLAWFINDER_ERROR_LEVEL} .) container/buildah.yml +2 −2 Original line number Diff line number Diff line Loading @@ -21,10 +21,10 @@ variables: ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64)\"}}}" > /tmp/auth.json - buildah --version - buildah build --authfile /tmp/auth.json -f ${IMAGE_CONTAINERFILE} - (set -x; buildah build --authfile /tmp/auth.json -f ${IMAGE_CONTAINERFILE} --tag=${IMAGE_NAME}:${IMAGE_DEV_TAG} --tag=${IMAGE_NAME}:${IMAGE_TAG} --layers=${IMAGE_CACHE} ${BUILDAH_DEFAULT_ARGS} ${BUILDAH_EXTRA_ARGS} ${IMAGE_CONTEXT} ${IMAGE_CONTEXT}) - | for IMAGE in "${IMAGE_NAME}:${IMAGE_TAG}" "${IMAGE_NAME}:${IMAGE_DEV_TAG}"; do buildah push --authfile /tmp/auth.json ${IMAGE} Loading container/docker.yml +2 −2 Original line number Diff line number Diff line Loading @@ -31,7 +31,7 @@ variables: echo "[*] Applying the extra arguments '${DOCKER_EXTRA_ARGS}'." fi - | docker buildx build --push \ (set -x; docker buildx build --push \ --tag ${IMAGE_NAME}:${IMAGE_TAG} \ --tag ${IMAGE_NAME}:${IMAGE_DEV_TAG} \ -f ${IMAGE_CONTAINERFILE} ${DOCKER_EXTRA_ARGS} . -f ${IMAGE_CONTAINERFILE} ${DOCKER_EXTRA_ARGS} .) container/grype.yml +2 −2 Original line number Diff line number Diff line Loading @@ -28,9 +28,9 @@ variables: - cat ${CI_PROJECT_DIR}/grype.txt | grep -E ${GRYPE_CVE_BLACKLIST_REGEX} && exit 1 || exit 0 # 3) fail job if vulnerabilities at or above GRYPE_FAIL_ON_THRESHOLD - grype sbom:${CI_PROJECT_DIR}/syft.json --output=table --file - (set -x; grype sbom:${CI_PROJECT_DIR}/syft.json --output=table --file ${CI_PROJECT_DIR}/grype.txt --fail-on ${GRYPE_FAIL_ON_THRESHOLD} ${GRYPE_DEFAULT_ARGS} ${GRYPE_EXTRA_ARGS} ${GRYPE_DEFAULT_ARGS} ${GRYPE_EXTRA_ARGS}) artifacts: paths: - syft.json Loading Loading
c/cppcheck.yml +4 −3 Original line number Diff line number Diff line Loading @@ -15,9 +15,10 @@ c:cppcheck: script: - !reference [".c:pre", script] - cppcheck --version - cppcheck --xml-version=2 ${CPPCHECK_DEFAULT_ARGS} ${CPPCHECK_EXTRA_ARGS} --enable=${CPPCHECK_ENABLE} --error-exitcode=${CPPCHECK_EXIT_CODE} . 2> ${CI_PROJECT_DIR}/cppcheck-result.xml - (set -x; cppcheck --xml-version=2 ${CPPCHECK_DEFAULT_ARGS} ${CPPCHECK_EXTRA_ARGS} --enable=${CPPCHECK_ENABLE} --error-exitcode=${CPPCHECK_EXIT_CODE} . 2> ${CI_PROJECT_DIR}/cppcheck-result.xml) after_script: - cppcheck_junit ${CI_PROJECT_DIR}/cppcheck-result.xml ${CI_PROJECT_DIR}/cppcheck-junit.xml Loading
c/flawfinder.yml +3 −2 Original line number Diff line number Diff line Loading @@ -16,5 +16,6 @@ c:flawfinder: script: - !reference [".c:pre", script] - flawfinder --version - flawfinder ${FLAWFINDER_DEFAULT_ARGS} ${FLAWFINDER_EXTRA_ARGS} --minlevel ${FLAWFINDER_MIN_LEVEL} --error-level=${FLAWFINDER_ERROR_LEVEL} . - (set -x; flawfinder ${FLAWFINDER_DEFAULT_ARGS} ${FLAWFINDER_EXTRA_ARGS} --minlevel ${FLAWFINDER_MIN_LEVEL} --error-level=${FLAWFINDER_ERROR_LEVEL} .)
container/buildah.yml +2 −2 Original line number Diff line number Diff line Loading @@ -21,10 +21,10 @@ variables: ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64)\"}}}" > /tmp/auth.json - buildah --version - buildah build --authfile /tmp/auth.json -f ${IMAGE_CONTAINERFILE} - (set -x; buildah build --authfile /tmp/auth.json -f ${IMAGE_CONTAINERFILE} --tag=${IMAGE_NAME}:${IMAGE_DEV_TAG} --tag=${IMAGE_NAME}:${IMAGE_TAG} --layers=${IMAGE_CACHE} ${BUILDAH_DEFAULT_ARGS} ${BUILDAH_EXTRA_ARGS} ${IMAGE_CONTEXT} ${IMAGE_CONTEXT}) - | for IMAGE in "${IMAGE_NAME}:${IMAGE_TAG}" "${IMAGE_NAME}:${IMAGE_DEV_TAG}"; do buildah push --authfile /tmp/auth.json ${IMAGE} Loading
container/docker.yml +2 −2 Original line number Diff line number Diff line Loading @@ -31,7 +31,7 @@ variables: echo "[*] Applying the extra arguments '${DOCKER_EXTRA_ARGS}'." fi - | docker buildx build --push \ (set -x; docker buildx build --push \ --tag ${IMAGE_NAME}:${IMAGE_TAG} \ --tag ${IMAGE_NAME}:${IMAGE_DEV_TAG} \ -f ${IMAGE_CONTAINERFILE} ${DOCKER_EXTRA_ARGS} . -f ${IMAGE_CONTAINERFILE} ${DOCKER_EXTRA_ARGS} .)
container/grype.yml +2 −2 Original line number Diff line number Diff line Loading @@ -28,9 +28,9 @@ variables: - cat ${CI_PROJECT_DIR}/grype.txt | grep -E ${GRYPE_CVE_BLACKLIST_REGEX} && exit 1 || exit 0 # 3) fail job if vulnerabilities at or above GRYPE_FAIL_ON_THRESHOLD - grype sbom:${CI_PROJECT_DIR}/syft.json --output=table --file - (set -x; grype sbom:${CI_PROJECT_DIR}/syft.json --output=table --file ${CI_PROJECT_DIR}/grype.txt --fail-on ${GRYPE_FAIL_ON_THRESHOLD} ${GRYPE_DEFAULT_ARGS} ${GRYPE_EXTRA_ARGS} ${GRYPE_DEFAULT_ARGS} ${GRYPE_EXTRA_ARGS}) artifacts: paths: - syft.json Loading
