forked from crashtest-security/devsecops-example-heroku
-
Notifications
You must be signed in to change notification settings - Fork 0
/
start_crashtest_codeship.sh
54 lines (34 loc) · 1.21 KB
/
start_crashtest_codeship.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#!/usr/bin/env bash
#### Setup variables ####
# Stop the script as soon as the first command fails
set -euo pipefail
# Set WEBHOOK to webhook secret (without URL)
WEBHOOK=$1
# Set the API endpoint
API_ENDPOINT="https://api.crashtest.cloud/webhook"
#### Start Security Scan ####
# Start Scan and get scan ID
SCAN_ID=`curl --silent -X POST --data "" $API_ENDPOINT/$WEBHOOK | jq .data.scanId`
# Check if a positive integer was returned as SCAN_ID
if ! [ $SCAN_ID -ge 0 ] 2>/dev/null
then
echo "Could not start Scan for Webhook $WEBHOOK."
exit 1
fi
echo "Started Scan for Webhook $WEBHOOK. Scan ID is $SCAN_ID."
#### Check Security Scan Status ####
# Set status to Queued (100)
STATUS=100
# Run the scan until the status is not queued (100) or running (101) anymore
while [ $STATUS -le 101 ]
do
echo "Scan Status currently is $STATUS (101 = Running)"
# Only poll every minute
sleep 60
# Refresh status
STATUS=`curl --silent $API_ENDPOINT/$WEBHOOK/scans/$SCAN_ID/status | jq .data.status.status_code`
done
echo "Scan finished with status $STATUS."
#### Download Scan Report ####
curl --silent $API_ENDPOINT/$WEBHOOK/scans/$SCAN_ID/report/junit -o report.xml
echo "Downloaded Report to report.xml"