Skip to content

Commit

Permalink
fix: Fix GitLab instructions (fixes #30)
Browse files Browse the repository at this point in the history
  • Loading branch information
rsenden committed Jun 21, 2024
1 parent 73b912e commit ee02f0c
Showing 1 changed file with 12 additions and 4 deletions.
16 changes: 12 additions & 4 deletions doc-resources/repo-usage.md
Original file line number Diff line number Diff line change
Expand Up @@ -425,9 +425,13 @@ The following sections describe how to use the `fortifydocker/fortify-vulnerabil
The following example illustrates how to utilize the `fortify/fortify-vulnerability-exporter`
Docker image to integrate FortifyVulnerabilityExporter into a GitLab CI/CD pipeline for exporting vulnerability data from FoD to GitLab.
Note that to avoid GitLab passing `sh` as an argument to FortifyVulnerabilityExporter (which will fail, as FortifyVulnerabilityExporter will interpret `sh` as the name of a configuration file), we need to override the image entrypoint and manually invoke the utility in the `script` section.
```
fortify_scanning:
image: fortifydocker/fortify-vulnerability-exporter
image:
name: fortifydocker/fortify-vulnerability-exporter
entrypoint: [""]
variables:
export_config: /config/FoDToGitLab.yml
fod_baseUrl: https://ams.fortify.com
Expand All @@ -437,7 +441,7 @@ fortify_scanning:
fod_release_name: MyApp:MyRelease
# Or use fod_release_id: 1234
script:
- echo Script entry is required but not used
- java -DpopulateContainerDirs=true -cp "/app/classpath/*:app/libs/*" com.fortify.vulnexport.FortifyVulnerabilityExporter
when: manual
allow_failure: true
artifacts:
Expand All @@ -455,17 +459,21 @@ As described in the [CI/CD Integration](#cicd-integration) section, you can opti
The following example illustrates how to utilize the `fortify/fortify-vulnerability-exporter` Docker image to integrate FortifyVulnerabilityExporter into a GitLab CI/CD pipeline for exporting vulnerability data from SSC to GitLab.
Note that to avoid GitLab passing `sh` as an argument to FortifyVulnerabilityExporter (which will fail, as FortifyVulnerabilityExporter will interpret `sh` as the name of a configuration file), we need to override the image entrypoint and manually invoke the utility in the `script` section.
```
fortify_scanning:
image: fortifydocker/fortify-vulnerability-exporter
image:
name: fortifydocker/fortify-vulnerability-exporter
entrypoint: [""]
variables:
export_config: /config/SSCToGitLab.yml
ssc_baseUrl: ${SSC_BASE_URL}
ssc_authToken: ${SSC_CI_TOKEN_DECODED}
ssc_version_name: MyApp:MyVersion
# Or use ssc_version_id: 1234
script:
- echo Script entry is required but not used
- java -DpopulateContainerDirs=true -cp "/app/classpath/*:app/libs/*" com.fortify.vulnexport.FortifyVulnerabilityExporter
when: manual
allow_failure: true
artifacts:
Expand Down

0 comments on commit ee02f0c

Please sign in to comment.