forked from DefectDojo/django-DefectDojo
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.travis.yml
63 lines (55 loc) · 2.04 KB
/
.travis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
sudo: required
language: python
install: true
env:
- COMMIT=${TRAVIS_COMMIT::8}
services:
- docker
before_script:
- "export DISPLAY=:99.0"
- "sh -e /etc/init.d/xvfb start"
- sleep 3 # give xvfb some time to start
before_install:
## Docker Build
- export DOJO_ADMIN_USER=test_user
- export DOJO_ADMIN_PASSWORD=test_password
- export REPO=appsecpipeline/django-defectdojo
- export TAG=`if [ "$TRAVIS_BRANCH" == "master" ]; then echo "latest"; else echo $TRAVIS_BRANCH ; fi`
- docker build -t $REPO:${TRAVIS_COMMIT::8} .
- docker run -e DOJO_ADMIN_USER=$DOJO_ADMIN_USER -e DOJO_ADMIN_PASSWORD=$DOJO_ADMIN_PASSWORD --name dojo -d -p 127.0.0.1:8000:8000 $REPO:${TRAVIS_COMMIT::8} bash /django-DefectDojo/docker/docker-startup.bash
- sleep 15 #allow dojo time to startup
- docker logs dojo
- docker run -d --name zap --link dojo -p 127.0.0.1:8080:8080 -i owasp/zap2docker-stable zap.sh -daemon -host 0.0.0.0 -port 8080 -config api.disablekey=true
- docker ps -a
- docker logs dojo
- echo "Checking to see if dojo is running"
- curl http://localhost:8000/login?next=/
## Selenium and ZAP requirements
- pip install selenium==2.53.6
- pip install requests
- pip install python-owasp-zap-v2.4
- pip install prettytable
- pip install bandit
after_success:
## Run the SRC:CLR Scan
- curl -sSL https://download.sourceclear.com/ci.sh | bash
## Run Bandit python static code
- bandit -r * -x venv,tests,ansible
## Run Docker Bench for Security
- git clone https://github.com/docker/docker-bench-security.git
- cd docker-bench-security
- sh docker-bench-security.sh
#Push to docker repo
- cd ../
- sh docker/dojo-container-build-push.bash
script:
- python tests/check_status.py -v && python tests/smoke_test.py
notifications:
slack:
rooms:
secure: nPXwHnPcf37yGkCkLimx5UmY9LTtOHL0lw88cAQeXCNNjeZuhS2jS5xGUOwwp3SrsYE4tZhD0WuVEHGDcyIhmBZh9Qqk3NHKz+tQDD/e0GE/8uTTfR1Eh+pq1YOIcLYzzKA2khmJSeHqqDriVZZoWpn67oHtrui9FYesapZ8AX0=
on_success: change
on_failure: always
on_start: never
addons:
firefox: "45.0"