diff --git a/.circleci/test-deploy.yml b/.circleci/test-deploy.yml
index a2e35c4..aa85c3f 100644
--- a/.circleci/test-deploy.yml
+++ b/.circleci/test-deploy.yml
@@ -42,7 +42,7 @@ jobs:
 echo "Scan found dependencies with high vulnerability level"
 fi
 scan_dockerfile:
- executor: security/trivy
+ executor: security/node
 steps:
 - checkout
 - security/scan_dockerfile:
diff --git a/src/examples/dockerfile_misconfigurations.yaml b/src/examples/dockerfile_misconfigurations.yaml
index 5ad86f0..9f7a5d2 100644
--- a/src/examples/dockerfile_misconfigurations.yaml
+++ b/src/examples/dockerfile_misconfigurations.yaml
@@ -9,7 +9,7 @@ usage:
 security: studion/security@x.y.z
 jobs:
 scan_app_dockerfile:
- executor: security/trivy
+ executor: security/node
 steps:
 - security/scan_dockerfile:
 dockerfile_dir: ~/app
diff --git a/src/executors/gitleaks.yml b/src/executors/gitleaks.yml
deleted file mode 100644
index f2c6037..0000000
--- a/src/executors/gitleaks.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-description: >
- A Docker executor using the official Gitleaks image based on Alpine Linux.
-
-parameters:
- tag:
- type: string
- default: latest
- description: >
- Choose a specific zricethezav/gitleaks image tag:
- https://hub.docker.com/r/zricethezav/gitleaks/tags
- resource_class:
- type: enum
- enum: ['small', 'medium', 'medium+', 'large', 'xlarge', '2xlarge', '2xlarge+']
- default: 'medium'
- description: Choose the executor resource class
-
-docker:
- - image: zricethezav/gitleaks:<>
-resource_class: <>
diff --git a/src/executors/semgrep.yml b/src/executors/semgrep.yml
deleted file mode 100644
index ff56252..0000000
--- a/src/executors/semgrep.yml
+++ /dev/null
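Review bot: `scan_dockerfile` in `.circleci/test-deploy.yml` now runs on `security/node`, and nothing visible in this commit shows how the Trivy binary reaches that image now that `src/executors/trivy.yml` is deleted; `scan_app_dockerfile` in `src/examples/dockerfile_misconfigurations.yaml` has the same gap. If the `security/scan_dockerfile` command downloads the scanner at job time (its definition is outside this diff), that download should be pinned to a fixed release and checksum-verified, so the scanner does not become an unpinned dependency of every consuming pipeline. The example is also the first place users will learn that `security/trivy` no longer exists, so I would add a comment above the executor line such as `# security/trivy was removed; run scan jobs on security/node`. Both job definitions continue outside their hunks.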
@@ -1,19 +0,0 @@
-description: >
- A Docker executor using the official Semgrep image based on Alpine Linux.
-
-parameters:
- tag:
- type: string
- default: latest
- description: >
- Choose a specific semgrep/semgrep image tag:
- https://hub.docker.com/r/semgrep/semgrep/tags
- resource_class:
- type: enum
- enum: ['small', 'medium', 'medium+', 'large', 'xlarge', '2xlarge', '2xlarge+']
- default: 'medium'
- description: Choose the executor resource class
-
-docker:
- - image: semgrep/semgrep:<>
-resource_class: <>
diff --git a/src/executors/trivy.yml b/src/executors/trivy.yml
deleted file mode 100644
index b91a817..0000000
--- a/src/executors/trivy.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-description: >
- A Docker executor using the official Trivy image based on Alpine Linux.
-
-parameters:
- tag:
- type: string
- default: latest
- description: >
- Choose a specific aquasec/trivy image tag:
- https://hub.docker.com/r/aquasec/trivy/tags
- resource_class:
- type: enum
- enum: ['small', 'medium', 'medium+', 'large', 'xlarge', '2xlarge', '2xlarge+']
- default: 'medium'
- description: Choose the executor resource class
-
-docker:
- - image: aquasec/trivy:<>
-resource_class: <>
diff --git a/src/jobs/analyze_code_diff.yml b/src/jobs/analyze_code_diff.yml
index 8505938..860a840 100644
--- a/src/jobs/analyze_code_diff.yml
+++ b/src/jobs/analyze_code_diff.yml
@@ -1,7 +1,7 @@
 description: >
 Run a diff-aware scan on the codebase and report findings.
-executor: semgrep
+executor: node
 parameters:
 verbose:
diff --git a/src/jobs/analyze_code_full.yml b/src/jobs/analyze_code_full.yml
index e5e3925..1ef4953 100644
--- a/src/jobs/analyze_code_full.yml
+++ b/src/jobs/analyze_code_full.yml
@@ -1,7 +1,7 @@
 description: >
 Run a full scan on the codebase and report findings.
-executor: semgrep
+executor: node
 parameters:
 verbose:
diff --git a/src/jobs/detect_secrets_dir.yml b/src/jobs/detect_secrets_dir.yml
index bff4ece..7d7579c 100644
--- a/src/jobs/detect_secrets_dir.yml
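Review bot: `executor: node` in `src/jobs/analyze_code_diff.yml` swaps a scanner-specific image for a general-purpose one, while the job `description` still says nothing about where Semgrep now comes from; the same applies to `analyze_code_full.yml` and, for Gitleaks, to `detect_secrets_dir.yml` and `detect_secrets_git.yml`. The job steps and the `node` executor definition are outside these hunks, so I cannot confirm whether the tool version is pinned; a scan job that installs an unpinned scanner can change its findings between runs without any change in the repository. Assuming the steps install the tool, I would extend each description with one line such as `Semgrep is installed by the job at a pinned version.` and make sure the job fails when the scanner cannot be installed rather than reporting a clean scan.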
+++ b/src/jobs/detect_secrets_dir.yml
@@ -1,7 +1,7 @@
 description: >
 Detect secrets leak inside a project at the directory level.
-executor: gitleaks
+executor: node
 parameters:
 source:
diff --git a/src/jobs/detect_secrets_git.yml b/src/jobs/detect_secrets_git.yml
index 275a3f2..2f035e2 100644
--- a/src/jobs/detect_secrets_git.yml
+++ b/src/jobs/detect_secrets_git.yml
@@ -1,7 +1,7 @@
 description: >
 Detect secrets leak inside a project at the repository level.
-executor: gitleaks
+executor: node
 parameters:
 config: