add owasp

This commit is contained in:
Yuxin Deng 2025-11-23 02:12:47 -05:00
parent 1607fb31f8
commit c275988019
4 changed files with 61 additions and 13 deletions


@ -0,0 +1,10 @@
<?xml version="1.0"?>
<!DOCTYPE suppressions PUBLIC
"-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"
"https://checkstyle.org/dtds/suppressions_1_2.dtd">
<suppressions>
<suppress files="\.venv/.*"/>
<suppress files="env/.*"/>
<suppress files="venv/.*"/>
</suppressions>
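Review bot: The `files` attributes in the new suppressions file are regular expressions, and as far as I recall Checkstyle's SuppressionFilter matches them with find-semantics rather than against the whole path, so `env/.*` and `venv/.*` would also silence checks for any real source directory whose path merely contains `env/` — worth confirming. Anchoring the patterns to a path segment, e.g. `<suppress files="(^|[/\\])\.?venv[/\\].*"/>`, keeps the suppression to the virtualenv trees only. This file also has no effect unless a `SuppressionFilter` module in the Checkstyle configuration references it; the pom.xml hunk in this commit handles the same directories through `<excludes>` instead, and nothing in the diff shows the checkstyle config being pointed at this file, so it may be redundant.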

36
Jenkinsfile vendored

@ -73,7 +73,7 @@ pipeline {
stage('Quality Gate') {
steps {
echo 'Waiting for SonarQube quality gate result...'
sleep(15) // Wait 15 seconds
sleep(15)
timeout(time: 10, unit: 'MINUTES') {
script {
def qg = waitForQualityGate abortPipeline: true
@ -83,7 +83,6 @@ pipeline {
}
}
stage('Code Quality') {
steps {
echo 'Running Checkstyle analysis...'
@ -109,11 +108,35 @@ pipeline {
stage('Archive') {
steps {
echo 'Archiving artifacts...'
archiveArtifacts artifacts: '**/target/*.jar',
archiveArtifacts artifacts: '**/target/*.jar',
fingerprint: true,
allowEmptyArchive: false
}
}
stage('OWASP ZAP Scan') {
steps {
echo 'Running OWASP ZAP Baseline Scan...'
sh """
docker run --rm -v \$(pwd):/zap/wrk owasp/zap2docker-stable zap-baseline.py \
-t http://localhost:8080 \
-r zap_report.html \
-I
"""
}
}
stage('Publish ZAP Report') {
steps {
echo 'Publishing OWASP ZAP HTML report...'
publishHTML target: [
allowMissing: false,
reportDir: '.',
reportFiles: 'zap_report.html',
reportName: 'OWASP ZAP Security Report'
]
}
}
}
post {
@ -124,12 +147,7 @@ pipeline {
echo 'Build failed!'
}
always {
cleanWs(
cleanWhenNotBuilt: false,
deleteDirs: true,
disableDeferredWipeout: true,
notFailBuild: true
)
echo 'Cleanup after build...'
}
}
}
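Review bot: The ZAP stage in the third hunk targets `http://localhost:8080`, but inside the `docker run` container, which joins no shared network, that address is the ZAP container itself rather than the application — the compose change in this same commit places petclinic on `devops-net` and publishes it on host port 8081, so the target looks unreachable either way. Attaching the scan to the compose network and addressing the service by name, `docker run --rm --network devops-net -v \$(pwd):/zap/wrk owasp/zap2docker-stable zap-baseline.py -t http://petclinic:8080 -r zap_report.html`, would resolve that (the network name is inferred from the compose file, not visible in this hunk). The `-I` flag also tells the baseline scan not to return failure on warnings, so unlike the SonarQube gate's `abortPipeline: true` this stage can never block a build; if that is intentional, a comment such as `// -I: report only, findings do not fail the build` would make it explicit. Separately, the last hunk replaces `cleanWs(...)` with an echo, so a `zap_report.html` left by an earlier run survives in the workspace and `publishHTML` with `allowMissing: false` can publish a stale report after a scan that never ran.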


@ -4,7 +4,7 @@ services:
user: root
container_name: jenkins
ports:
- "8080:8080"
- "8082:8080"
- "50000:50000"
environment:
- JENKINS_OPTS=--prefix=/jenkins
@ -71,17 +71,25 @@ services:
"-host",
"0.0.0.0",
"-port",
"8081",
"8083",
"-config",
"api.disablekey=true",
]
ports:
- "8081:8081"
- "8083:8081"
volumes:
- ./zap/wrk:/zap/wrk
networks:
- devops-net
petclinic:
image: petclinic:latest
container_name: petclinic
ports:
- "8081:8080"
networks:
- devops-net
volumes:
jenkins_home:
sonarqube_data:
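Review bot: The new `petclinic` service is published to the host as `8081:8080`, while the Jenkinsfile's ZAP stage in this same commit targets `http://localhost:8080`, so the two changes do not line up; if the scan is meant to run over `devops-net`, the host publish is unnecessary and the pipeline should reach the app as `petclinic:8080`. The service declares `image: petclinic:latest` with no `build:` entry, so compose will only pull or reuse an existing image — if the pipeline is expected to build it first, that dependency should be stated. The re-mapped `8083:8081` keeps the ZAP daemon, which is started with `api.disablekey=true` on `0.0.0.0`, reachable from outside the compose network with no authentication; if only Jenkins drives it, dropping the host port and addressing it by service name on `devops-net` limits that exposure (the ZAP service name is outside this hunk).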

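--- a/pom.xml
+++ b/pom.xml
@@ -223,7 +223,19 @@
 <configLocation>src/checkstyle/nohttp-checkstyle.xml</configLocation>
 <sourceDirectories>${basedir}</sourceDirectories>
 <includes>**/*</includes>
-<excludes>**/.git/**/*,**/.idea/**/*,**/target/**/,**/.flattened-pom.xml,**/*.class</excludes>
+<excludes>
+**/.git/**/*,
+**/.idea/**/*,
+**/target/**/,
+**/.flattened-pom.xml,
+**/*.class,
+**/.venv/**/*,
+**/venv/**/*,
+**/env/**/*,
+**/.pythonlibs/**/*,
+**/.pytest_cache/**/*,
+**/.mypy_cache/**/*
+</excludes>
 <propertyExpansion>config_loc=${basedir}/src/checkstyle/</propertyExpansion>
 </configuration>
 </execution>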
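Review bot: Splitting `<excludes>` across lines puts a newline and indentation in front of every pattern, including the first; the maven-checkstyle-plugin splits this value on commas and I am not certain it trims each entry, so if it does not, the patterns no longer start with `**/` and stop matching — the `.git`, `.idea` and `target` trees would then be scanned by the nohttp check again. Keeping the list on one line, or running `mvn checkstyle:check` once and confirming none of the excluded trees is reported, would settle it either way.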