Loading templates/gitlab-ci-defectdojo.yml +5 −5 Original line number Diff line number Diff line Loading @@ -170,7 +170,7 @@ variables: fi log_info "call to API v2 ${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_init_findings.json curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_init_findings.json init_vulns=$(jq ".results[] | .id" api_init_findings.json) nb_reports=0 Loading Loading 
@@ -353,7 +353,7 @@ variables: echo "{\"engagement_type\": \"CI/CD\", \"product\": \"${dd_product_pk}\", \"name\": \"${_engname}\", \"source_code_management_uri\": \"${CI_PROJECT_URL}\", \"commit_hash\": \"${CI_COMMIT_SHA}\", \"branch_tag\": \"${branch_tag}\", \"status\": \"In Progress\", \"target_start\": \"${_today}\", \"target_end\": \"${_end}\", \"description\": \"${commit_info}\"}" > api_input.json # post request to create engagement curl -LX POST -d @api_input.json "${DEFECTDOJO_SERVER_URL}/api/v2/engagements/" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_output.txt curl -LX POST -d @api_input.json "${DEFECTDOJO_SERVER_URL}/api/v2/engagements/" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_output.txt engagement_id=$(jq ".id" api_output.txt) echo "engagement_id: $engagement_id" Loading Loading @@ -485,7 +485,7 @@ variables: # Close the engagement curl -L -X POST "${DEFECTDOJO_SERVER_URL}/api/v2/engagements/$engagement_id/close/" --header "Authorization: Token $DEFECTDOJO_API_KEY" -d '' curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_final_findings.json curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_final_findings.json final_vulns=$(jq ".results[] | .id" api_final_findings.json) nb_new_vulns=0 for final_id in ${final_vulns}; do Loading Loading 
@@ -535,13 +535,13 @@ variables: # get test_type id curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/test_types/?limit=200" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_test_type.json curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/test_types/?limit=200" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_test_type.json dd_test_type_pk=$(jq '.results[] | select(.name == "'"${_type}"'") | .id' api_test_type.json) log_info "dd_test_type_pk: ${dd_test_type_pk}" # post request to import scan log_info "try to import scan ${_file} ${_scan_date} ${_type}" curl -LX POST "${DEFECTDOJO_SERVER_URL}/api/v2/import-scan/" -H "Content-Type: multipart/form-data" -H "Authorization: Token $DEFECTDOJO_API_KEY" -F file=@"${_file}" -F scan_date="${_scan_date}" -F scan_type="${_type}" -F engagement="${_engagement_id}" -F close_old_findings="true" -F close_old_findings_product_scope="true" -F service="${_service}" --verbose 1> test.txt curl -LX POST "${DEFECTDOJO_SERVER_URL}/api/v2/import-scan/" -H "Content-Type: multipart/form-data" -H "Authorization: Token $DEFECTDOJO_API_KEY" -F file=@"${_file}" -F scan_date="${_scan_date}" -F scan_type="${_type}" -F engagement="${_engagement_id}" -F close_old_findings="true" -F close_old_findings_product_scope="true" -F service="${_service}" ${TRACE+--verbose} 1> test.txt test_pk=$(jq ".test" test.txt) log_info "test_pk: ${test_pk}" if [[ -z "${test_pk}" ]]; then Loading Loading
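Review bot: `${TRACE+--verbose}` in the five curl calls expands whenever TRACE is set at all, including to an empty string, and curl's verbose output prints request headers, so a trace run still writes `Authorization: Token $DEFECTDOJO_API_KEY` to the job log unless that variable is masked. Consider `${TRACE:+--verbose}` so an empty value does not switch it on, and a comment where TRACE is documented such as `# TRACE enables curl --verbose; request headers, including the API token, then appear in the job log`. In the first hunk the unchanged `log_info "call to API v2 …" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY"` line also hands the token to log_info as extra arguments. log_info is defined outside the hunk, so whether it prints those arguments should be checked; if it does, the two `--header` arguments should be dropped from that call.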
templates/gitlab-ci-defectdojo.yml +5 −5 Original line number Diff line number Diff line Loading @@ -170,7 +170,7 @@ variables: fi log_info "call to API v2 ${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_init_findings.json curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_init_findings.json init_vulns=$(jq ".results[] | .id" api_init_findings.json) nb_reports=0 Loading Loading 
@@ -353,7 +353,7 @@ variables: echo "{\"engagement_type\": \"CI/CD\", \"product\": \"${dd_product_pk}\", \"name\": \"${_engname}\", \"source_code_management_uri\": \"${CI_PROJECT_URL}\", \"commit_hash\": \"${CI_COMMIT_SHA}\", \"branch_tag\": \"${branch_tag}\", \"status\": \"In Progress\", \"target_start\": \"${_today}\", \"target_end\": \"${_end}\", \"description\": \"${commit_info}\"}" > api_input.json # post request to create engagement curl -LX POST -d @api_input.json "${DEFECTDOJO_SERVER_URL}/api/v2/engagements/" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_output.txt curl -LX POST -d @api_input.json "${DEFECTDOJO_SERVER_URL}/api/v2/engagements/" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_output.txt engagement_id=$(jq ".id" api_output.txt) echo "engagement_id: $engagement_id" Loading Loading @@ -485,7 +485,7 @@ variables: # Close the engagement curl -L -X POST "${DEFECTDOJO_SERVER_URL}/api/v2/engagements/$engagement_id/close/" --header "Authorization: Token $DEFECTDOJO_API_KEY" -d '' curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_final_findings.json curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/findings/?test__engagement__product=${dd_product_pk}&severity=$DEFECTDOJO_NOTIFICATION_SEVERITIES&limit=100&false_p=false&duplicate=false&active=true" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_final_findings.json final_vulns=$(jq ".results[] | .id" api_final_findings.json) nb_new_vulns=0 for final_id in ${final_vulns}; do Loading Loading 
@@ -535,13 +535,13 @@ variables: # get test_type id curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/test_types/?limit=200" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" --verbose 1> api_test_type.json curl -L "${DEFECTDOJO_SERVER_URL}/api/v2/test_types/?limit=200" --header "Content-Type: application/json" --header "Authorization: Token $DEFECTDOJO_API_KEY" ${TRACE+--verbose} 1> api_test_type.json dd_test_type_pk=$(jq '.results[] | select(.name == "'"${_type}"'") | .id' api_test_type.json) log_info "dd_test_type_pk: ${dd_test_type_pk}" # post request to import scan log_info "try to import scan ${_file} ${_scan_date} ${_type}" curl -LX POST "${DEFECTDOJO_SERVER_URL}/api/v2/import-scan/" -H "Content-Type: multipart/form-data" -H "Authorization: Token $DEFECTDOJO_API_KEY" -F file=@"${_file}" -F scan_date="${_scan_date}" -F scan_type="${_type}" -F engagement="${_engagement_id}" -F close_old_findings="true" -F close_old_findings_product_scope="true" -F service="${_service}" --verbose 1> test.txt curl -LX POST "${DEFECTDOJO_SERVER_URL}/api/v2/import-scan/" -H "Content-Type: multipart/form-data" -H "Authorization: Token $DEFECTDOJO_API_KEY" -F file=@"${_file}" -F scan_date="${_scan_date}" -F scan_type="${_type}" -F engagement="${_engagement_id}" -F close_old_findings="true" -F close_old_findings_product_scope="true" -F service="${_service}" ${TRACE+--verbose} 1> test.txt test_pk=$(jq ".test" test.txt) log_info "test_pk: ${test_pk}" if [[ -z "${test_pk}" ]]; then Loading
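Review bot: The `[[ -z "${test_pk}" ]]` guard after the import-scan call in the last hunk will not fire on a rejected import, because `jq ".test"` prints the literal `null` when the response has no `test` key, and curl without `--fail` stores an error body in test.txt just as it would a success. Writing `test_pk=$(jq -r '.test // empty' test.txt)` would let the existing guard catch that case. The same pattern applies to `engagement_id=$(jq ".id" api_output.txt)` in the second hunk, where a failed engagement creation would yield `null` and later be interpolated into the `/engagements/$engagement_id/close/` URL. The body of the `if` lies outside the hunk, so how the failure is handled from there cannot be seen here.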