Merge pull request #72 from kaakaww/feature/progress-and-artifact-tes…

…ting

azure extension dev hawk version testing

azure-pipelines.yml

@@ -39,7 +39,7 @@ steps:
   # install the latest version of hawkscan
   - task: HawkScanInstall@1
     inputs:
-      version: "latest"
+      version: "3.5.28"
       installerType: "$(installerType)"
 
   # azure pipelines default jdk is 8, so we upgrade to 11 to run JavaSpringVulny
@@ -69,8 +69,9 @@ steps:
   - task: RunHawkScan@1
     inputs:
       configFile: "stackhawk.yml"
-      version: "latest"
+      version: "3.5.28"
     env:
       HAWK_API_KEY: $(HAWK_API_KEY) # use variables in the azure devops ui to configure secrets and env vars
       APP_ENV: $(imageName)
       APP_ID: $(appId2)
+      SARIF_ARTIFACT: true

ci-examples/azure-devops/azure-pipelines.yml

@@ -0,0 +1,39 @@
+# HawkScan Scanning in Azure Pipelines
+
+pool:
+  vmImage: ubuntu-latest
+
+trigger: none
+
+steps:
+  - checkout: self
+
+  # install the latest version of hawkscan
+  - task: HawkScanInstall@1
+    inputs:
+      version: "3.5.28"
+      installerType: "auto"
+
+  # azure pipelines default jdk is 8, so we upgrade to 17 to run JavaSpringVulny
+  - task: JavaToolInstaller@0
+    inputs:
+      versionSpec: "17"
+      jdkArchitectureOption: "x64"
+      jdkSourceOption: "PreInstalled"
+
+  # download, then start javaspringVulny in the background
+  - script: |
+      curl -Ls https://github.com/kaakaww/javaspringvulny/releases/download/0.1.0/java-spring-vuly-0.1.0.jar -o ./java-spring-vuly-0.1.0.jar
+      java -jar ./java-spring-vuly-0.1.0.jar &
+    displayName: Download and Start JavaSpringVulny
+
+  # run hawkscan with the StackHawk Azure Extension
+  - task: RunHawkScan@1
+    inputs:
+      configFile: "stackhawk.yml"
+      version: "3.5.28"
+    env:
+      HAWK_API_KEY: $(HAWK_API_KEY) # use variables in the azure devops ui to configure secrets and env vars
+      APP_ENV: 'Azure Pipeline'
+      APP_ID: $(appId2)
+      SARIF_ARTIFACT: true

ci-examples/github/hawkscan.yml

@@ -0,0 +1,26 @@
+name: HawkScan
+
+jobs:
+  hawkscan:
+    name: HawkScan
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Download and run JavaSpringVulny release jar
+        run: |
+          curl -Ls https://github.com/kaakaww/javaspringvulny/releases/download/0.1.0/java-spring-vuly-0.1.0.jar -o ./java-spring-vuly-0.1.0.jar
+          java -jar ./java-spring-vuly-0.1.0.jar &
+#      - name: Build and run JavaSpringVulny (slower)
+#        run: |
+#          ./gradlew build
+#          ./gradlew bootRun &
+      - name: Run HawkScan
+        id: run-hawkscan
+        uses: stackhawk/hawkscan-action@main
+        with:
+          apiKey: ${{ secrets.HAWK_API_KEY }}
+          sourceURL: https://download.stackhawk.com/dev/hawk/cli
+          version: 3.5.28
+        env:
+          APP_ID: ${{ secrets.appId }}
+          SARIF_ARTIFACT: true