From 97560632bf60ebde0eb66e81639f59560452759e Mon Sep 17 00:00:00 2001 From: Luke Brogan <87319782+lukebroganws@users.noreply.github.com> Date: Tue, 15 Feb 2022 11:35:15 +0000 Subject: [PATCH 1/3] Create azure-pipelines_maven_cached_ua.yml Create a cached UA Maven example for Azure DevOps. --- .../azure-pipelines_maven_cached_ua.yml | 48 +++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml diff --git a/CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml b/CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml new file mode 100644 index 0000000..acbf5c7 --- /dev/null +++ b/CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml @@ -0,0 +1,48 @@ +name: 'whitesource-cached-ua-azdo-maven' + +trigger: +- master + +pool: + vmImage: 'ubuntu-latest' + +steps: +- task: Maven@3 + inputs: + mavenPomFile: 'pom.xml' + goals: 'clean install' + mavenOptions: -DskipTests=true + publishJUnitResults: false + javaHomeOption: 'JDKVersion' + jdkVersionOption: '1.11' + mavenVersionOption: 'Default' + mavenAuthenticateFeed: false + effectivePomSkip: false + sonarQubeRunAnalysis: false + +- script: | + echo "Checking for the newer versions for WhiteSource Unified Agent" + res="$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/whitesource/unified-agent-distribution/releases")" + latestRelease="$(echo "$res" | jq -s '.[] | sort_by(.published_at) | last')" + latestVer="$(echo "$latestRelease" | jq -rs '.[] | .tag_name')" + latestVerDate="$(date -d "$(echo "$latestRelease" | jq -rs '.[] | .published_at')" +%s)" + if [ -f "${CI_PROJECT_DIR}/wss-unified-agent.jar" ] ; then + curVerDate="$(stat -c %Y "${CI_PROJECT_DIR}/wss-unified-agent.jar" 2>/dev/null)" + else + curVerDate=0 + fi + if [ $latestVerDate -gt $curVerDate ] ; then + echo "Downloading WhiteSource Unified Agent latest version ($latestVer)" + curl -LJO https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar + else + echo "Already using the latest version of the WhiteSource Unified Agent" + fi + echo "WhiteSource Scan" + java -jar ./wss-unified-agent.jar + env: + WS_APIKEY: $(APIKEY) + WS_USERKEY: $(USERKEY) + WS_WSS_URL: https://saas.whitesourcesoftware.com/agent + WS_PRODUCTNAME: AZDO_$(System.TeamProject) + WS_PROJECTNAME: $(Build.Repository.Name)_$(Build.SourceBranchName) + displayName: 'WhiteSource Scan' From ab9d1160aa2a5328873dd213cff2be57cedb7cee Mon Sep 17 00:00:00 2001 From: Luke Brogan <87319782+lukebroganws@users.noreply.github.com> Date: Sun, 3 Apr 2022 10:31:36 +0100 Subject: [PATCH 2/3] Update azure-pipelines_maven_cached_ua.yml Adding UA integrity check. --- CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml b/CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml index acbf5c7..2672e14 100644 --- a/CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml +++ b/CI-CD/AzureDevOps/azure-pipelines_maven_cached_ua.yml @@ -37,6 +37,10 @@ steps: else echo "Already using the latest version of the WhiteSource Unified Agent" fi + if [[ "$(curl -sL https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar.sha256)" != "$(sha256sum wss-unified-agent.jar)" ]] ; then + echo "Integrity Check Failed" + else + echo "Integrity Check Passed" echo "WhiteSource Scan" java -jar ./wss-unified-agent.jar env: From ef200ec99b0662a20acd87e9862d7e68009bbecb Mon Sep 17 00:00:00 2001 From: Luke Brogan <87319782+lukebroganws@users.noreply.github.com> Date: Sun, 3 Apr 2022 10:40:13 +0100 Subject: [PATCH 3/3] Update gitlab-maven-cached-ua.yml Adding UA integrity check. --- CI-CD/GitLab/gitlab-maven-cached-ua.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CI-CD/GitLab/gitlab-maven-cached-ua.yml b/CI-CD/GitLab/gitlab-maven-cached-ua.yml index 8ddae43..a1f0f71 100644 --- a/CI-CD/GitLab/gitlab-maven-cached-ua.yml +++ b/CI-CD/GitLab/gitlab-maven-cached-ua.yml @@ -48,7 +48,10 @@ ws_scan: else echo "Already using the latest version of the WhiteSource Unified Agent" fi - + if [[ "$(curl -sL https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar.sha256)" != "$(sha256sum wss-unified-agent.jar)" ]] ; then + echo "Integrity Check Failed" + else + echo "Integrity Check Passed" echo "WhiteSource Scan" java -jar ./wss-unified-agent.jar tags: