Commit cfe9aa17 authored by Cédric OLIVIER

Merge branch 'feat/component' into 'master'

feat: migrate to CI/CD component

See merge request to-be-continuous/mobsf!40
parents 2188ef8b 492968b0
+1 −1
@@ -10,7 +10,7 @@ include:
    file: '/templates/validation.yml'
  - project: 'to-be-continuous/bash'
    ref: '3.3'
    file: 'templates/gitlab-ci-bash.yml'
    file: '/templates/gitlab-ci-bash.yml'
  - project: 'to-be-continuous/semantic-release'
    ref: '3.7'
    file: '/templates/gitlab-ci-semrel.yml' 
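Review bot: both includes around the changed `file:` line pin their project by a two-part ref (`ref: '3.3'` for to-be-continuous/bash, `ref: '3.7'` for to-be-continuous/semantic-release). If those refs are moving minor-version tags or branches, the template content that runs in this pipeline can change without any commit here; consider pinning to a full version tag or commit SHA, or add a comment saying that tracking the minor line is intentional. The leading-slash fix itself brings the bash entry in line with the neighbouring `file:` paths; the trailing space after `'/templates/gitlab-ci-semrel.yml'` could be dropped while this block is being touched.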
+28 −5
@@ -5,24 +5,47 @@ security assessment for mobile applications with [Mobile Security Framework](htt

## Usage

In order to include this template in your project, add the following to your `gitlab-ci.yml`:
This template can be used both as a [CI/CD component](https://docs.gitlab.com/ee/ci/components/#use-a-component-in-a-cicd-configuration) 
or using the legacy [`include:project`](https://docs.gitlab.com/ee/ci/yaml/index.html#includeproject) syntax.

### Use as a CI/CD component

Add the following to your `gitlab-ci.yml`:

```yaml
include:
  # 1: include the component
  - component: gitlab.com/to-be-continuous/mobsf/gitlab-ci-mobsf@2.2.0
    # 2: set/override component inputs
    inputs:
      app-file: "build/myapp.apk" # ⚠ this is only an example
```

### Use as a CI/CD template (legacy)

Add the following to your `gitlab-ci.yml`:

```yaml
include:
  # 1: include the template
  - project: 'to-be-continuous/mobsf'
    ref: '2.2.0'
    file: '/templates/gitlab-ci-mobsf.yml'

variables:
  # 2: set/override template variables
  MOBSF_APP_FILE: "build/myapp.apk" # ⚠ this is only an example
```

## Global configuration

The MobSF template uses some global configuration used throughout all jobs.

| Name                   | Description                                                | Default value                                  |
| Input / Variable | Description                                                | Default value                                  |
| ---------------------- | ---------------------------------------------------------- | ---------------------------------------------- |
| `MOBSF_CLIENT_IMAGE`   | The Docker image used to send requests to the MobSF server | `registry.hub.docker.com/badouralix/curl-jq` |
| `MOBSF_APP_FILE`       | Application package file (APK or IPA)                      | _none_                                         |
| `MOBSF_SERVER_URL`     | URL of MobSF server                                        | _none_ (runs the scan on a local server)       |
| `client-image` / `MOBSF_CLIENT_IMAGE` | The Docker image used to send requests to the MobSF server | `registry.hub.docker.com/badouralix/curl-jq` |
| `app-file` / `MOBSF_APP_FILE` | Application package file (APK or IPA)                      | _none_                                         |
| `server-url` / `MOBSF_SERVER_URL` | URL of MobSF server                                        | _none_ (runs the scan on a local server)       |
| :lock: `MOBSF_API_KEY` | API key of the MobSF server                                | _none_ (runs the scan on a local server)       |

## Jobs
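Review bot: in the Global configuration table, the `MOBSF_API_KEY` row is the only one without an input name, and neither usage snippet shows where the key goes when `server-url` / `MOBSF_SERVER_URL` points at a remote server. If the key deliberately has no component input, add a sentence saying so and that it must be supplied as a masked CI/CD variable defined in the project settings rather than under `variables:` in the YAML, so that readers of the component example do not look for a matching input or commit the key next to `app-file`. Minor: both usage sections say `gitlab-ci.yml`, while the file GitLab reads is `.gitlab-ci.yml`.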
+2 −2
@@ -27,13 +27,13 @@ if [[ "$curVer" ]]; then
  log_info "Bump version from \\e[33;1m${curVer}\\e[0m to \\e[33;1m${nextVer}\\e[0m (release type: $relType)..."

  # replace in README
  sed -e "s/ref: '$curVer'/ref: '$nextVer'/" README.md > README.md.next
  sed -e "s/ref: *'$curVer'/ref: '$nextVer'/" -e "s/ref: *\"$curVer\”/ref: \”$nextVer\”/" -e "s/component: *\(.*\)@$curVer/component: \1@$nextVer/" README.md > README.md.next
  mv -f README.md.next README.md

  # replace in template and variants
  for tmpl in templates/*.yml
  do
    sed -e "s/\"$curVer\"/\"$nextVer\"/" "$tmpl" > "$tmpl.next"
    sed -e "s/command: *\[\"--service\", \"\(.*\)\", \"$curVer\"\]/command: [\"--service\", \"\1\", \"$nextVer\"]/" "$tmpl" > "$tmpl.next"
    mv -f "$tmpl.next" "$tmpl"
  done
else
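Review bot: the second expression of the new README `sed` line contains typographic quotes: in `s/ref: *\"$curVer\”/ref: \”$nextVer\”/` three of the four quotes are U+201D (”) where an ASCII `\"` is intended, so a double-quoted `ref: "x.y.z"` is never matched, and if it were, the replacement would write curly quotes into the README. Replace the three `\”` with `\"`. Also, `$curVer` is interpolated into every pattern unescaped, so each `.` in the version matches any character; escaping the dots before substitution would keep the bump from touching look-alike strings. In the template loop, `\(.*\)` is greedy, which is safe only while each `command:` array sits alone on its line.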
+3 −1
@@ -3,6 +3,8 @@
  "description": "Perform pen-testing, malware analysis and security assessment for mobile applications with [Mobile Security Framework](https://github.com/MobSF/Mobile-Security-Framework-MobSF) (MobSF)",
  "template_path": "templates/gitlab-ci-mobsf.yml",
  "kind": "analyse",
  "prefix": "mobsf",
  "is_component": true,
  "variables": [
    {
      "name": "MOBSF_CLIENT_IMAGE",
@@ -17,7 +19,7 @@
    {
      "name": "MOBSF_API_KEY",
      "description": "API key of the MobSF server",
      "secret": false
      "secret": true
    },
    {
      "name": "MOBSF_APP_FILE",
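Review bot: flipping `"secret": false` to `"secret": true` for `MOBSF_API_KEY` is a correction in its own right and is not covered by the commit subject `feat: migrate to CI/CD component`. Call it out in the merge request description or changelog so that anyone who relied on the earlier non-secret metadata knows the key is expected to live in a masked CI/CD variable.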
+24.5 KiB (38.1 KiB)