Updated nowsecure and dockerfile to use environment variable for jar …

…file
nowsecure · Nov 16, 2020 · 020fb50 · 020fb50
1 parent f86e354
commit 020fb50
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 5 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,10 +1,13 @@
 FROM openjdk:8
 # plugin version from https://github.com/nowsecure/auto-circleci-plugin/releases
-ENV PLUGIN_VERSION 1.2.0d
+ENV PLUGIN_VERSION 1.2.0e
 #
 # Download nowsecure plugin source
 RUN mkdir -p /usr/local/share/nowsecure
 RUN curl -Ls https://github.com/nowsecure/auto-circleci-plugin/archive/${PLUGIN_VERSION}.tar.gz | tar -xzf - -C /usr/local/share/nowsecure
+RUN cp /usr/local/share/nowsecure/bin/nowsecure.sh /usr/local/bin/nowsecure.sh
+
+ENV PLUGIN_JAR /usr/local/share/nowsecure/dist/all-in-one-jar-${PLUGIN_VERSION}.jar
 #
 ### Execute script to execute nowsecure plugin
 ### You can customize plugin using following environment variables:
@@ -16,7 +19,7 @@ RUN curl -Ls https://github.com/nowsecure/auto-circleci-plugin/archive/${PLUGIN_
 ### ARTIFACTS_DIR - (Optional) artifacts directory where json files are stored
 #
 
-CMD /usr/local/share/nowsecure/auto-circleci-plugin-${PLUGIN_VERSION}/bin/nowsecure.sh
+CMD /usr/local/bin/nowsecure.sh
 
 ## EXAMPLE FOR EXECUTING DOCKER IMAGE
 # docker run -v ~/Desktop/apk:/source -v /tmp:/artifacts -e AUTO_TOKEN=$AUTO_TOKEN -e AUTO_GROUP=$AUTO_GROUP -e BINARY_FILE=/source/test.apk -e ARTIFACTS_DIR=/artifacts -e MAX_WAIT=30 -e MIN_SCORE=50 -it --rm $IMAGE_ID

diff --git a/bin/nowsecure.sh b/bin/nowsecure.sh
@@ -3,10 +3,14 @@
 # Nowsecure Plugin to upload binary file, run assessment and retrieve scores
 # This script will fail if the job fails or score is below minimum threshold.
 ###
-BIN_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
 
 if [[ -z "${PLUGIN_VERSION}" ]]; then
-  PLUGIN_VERSION="1.2.0d"
+  PLUGIN_VERSION="1.2.0e"
+fi
+
+if [[ -z "${PLUGIN_JAR}" ]]; then
+  BIN_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+  PLUGIN_JAR=${BIN_DIR}/../dist/all-in-one-jar-${PLUGIN_VERSION}.jar
 fi
 
 if [[ -z "${AUTO_URL}" ]]; then
@@ -45,4 +49,4 @@ if [[ -z "${SHOW_STATUS_MESSAGES}" ]]; then
   SHOW_STATUS_MESSAGES=true
 fi
 
-exec java -jar ${BIN_DIR}/../dist/all-in-one-jar-${PLUGIN_VERSION}.jar --plugin-name circleci-nowsecure-auto-security-test --plugin-version ${PLUGIN_VERSION} --auto-url $AUTO_URL --auto-token $AUTO_TOKEN --auto-dir $ARTIFACTS_DIR --auto-file $BINARY_FILE --auto-group $AUTO_GROUP --auto-wait $MAX_WAIT --auto-score $MIN_SCORE --auto-show-status-messages $SHOW_STATUS_MESSAGES --debug
+exec java -jar ${PLUGIN_JAR} --plugin-name circleci-nowsecure-auto-security-test --plugin-version ${PLUGIN_VERSION} --auto-url $AUTO_URL --auto-token $AUTO_TOKEN --auto-dir $ARTIFACTS_DIR --auto-file $BINARY_FILE --auto-group $AUTO_GROUP --auto-wait $MAX_WAIT --auto-score $MIN_SCORE --auto-show-status-messages $SHOW_STATUS_MESSAGES --debug
diff --git a/dist/all-in-one-jar-1.2.0d.jar → dist/all-in-one-jar-1.2.0e.jar b/dist/all-in-one-jar-1.2.0d.jar → dist/all-in-one-jar-1.2.0e.jar