Merge pull request #5 from matusso/sonarcloud-ghauri

Sonarcloud ghauri
matusso · Dec 8, 2024 · 55954c1 · 55954c1
2 parents 6537152 + 5a75ae0
commit 55954c1
Show file tree

Hide file tree

Showing 4 changed files with 69 additions and 14 deletions.
diff --git a/.github/workflows/ghauri.yml b/.github/workflows/ghauri.yml
@@ -4,15 +4,19 @@ on:
   push:
     branches:
       - main  # Change to your default branch if not main
+      - sonarcloud-ghauri
   pull_request:
-    branches:
-      - main  # Change to your default branch if not main
+    types: [opened, synchronize, reopened]
 
 permissions:
   contents: read
   packages: write
   security-events: write
 
+env:
+  PYTHON_VERSION: "3.13"
+  RELEASE_VERSION: "1.4.1"
+
 jobs:
   build-and-push:
     runs-on: ${{ matrix.os }}
@@ -21,13 +25,9 @@ jobs:
         os: [ubuntu-latest]
 
     steps:        
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: snyk/actions/setup@master
 
-      - name: Set release version
-        id: set_version
-        run: echo "RELEASE_VERSION=1.4.1" >> $GITHUB_ENV
-
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3
         with:
@@ -48,7 +48,8 @@ jobs:
 
       - name: Build and push Docker image
         run: |
-          docker buildx build --push \
+          docker buildx build --push --build-context python=docker-image://python:${{ env.PYTHON_VERSION }}-alpine \
+            --build-arg "RELEASE_VERSION=${{ env.RELEASE_VERSION }}" \
             --tag ghcr.io/${{ github.repository_owner }}/ghauri:${{ env.RELEASE_VERSION }} \
             --tag ghcr.io/${{ github.repository_owner }}/ghauri:latest \
             --platform linux/amd64,linux/arm64 ./files/ghauri
@@ -74,4 +75,57 @@ jobs:
       - name: Upload SARIF Report to GitHub Code Scanning
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: snyk.sarif
+          sarif_file: snyk.sarif
+
+  sonarcloud-ghauri:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+
+    steps:
+      # Checkout the kiterunner  repository
+      - name: Checkout kiterunner Repository
+        uses: actions/checkout@v4
+        with:
+          repository: r0oth3x49/ghauri
+          path: ghauri  # Optional: Clone into a specific directory
+          ref: ${{ env.RELEASE_VERSION }}
+
+      # Set up Python 3.13
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      # Install dependencies
+      - name: Install dependencies
+        run: |
+          cd ghauri
+          sudo apt update && sudo apt install -y \
+            build-essential \
+            git \
+            autoconf \
+            automake \
+            libtool-bin \
+            pkg-config \
+            libcurl4-openssl-dev \
+            libusb-1.0-0-dev \
+            libssl-dev \
+            udev \
+            && sudo rm -rf /var/lib/apt/lists/*
+            
+      # SonarCloud Scan
+      - name: SonarCloud Scan
+        uses: sonarsource/sonarqube-scan-action@v4
+        continue-on-error: true
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.organization=matusso
+            -Dsonar.projectKey=docker-builds:ghauri
+            -Dsonar.verbose=true
+            -Dsonar.python.version=${{ env.PYTHON_VERSION }}
+            -Dsonar.projectName=ghauri
+            -Dsonar.sources=ghauri
diff --git a/.github/workflows/kiterunner.yml b/.github/workflows/kiterunner.yml
@@ -49,7 +49,7 @@ jobs:
       - name: Build and push Docker image
         run: |
           docker buildx build --push \
-            --build-arg KR_DIR=${{ env.KR_DIR }} --build-arg RELEASE_VERSION=${{ env.RELEASE_VERSION }} \
+            --build-arg "KR_DIR=${{ env.KR_DIR }}" --build-arg "RELEASE_VERSION=${{ env.RELEASE_VERSION }}" \
             --tag ghcr.io/${{ github.repository_owner }}/kiterunner:${{ env.RELEASE_VERSION }} \
             --tag ghcr.io/${{ github.repository_owner }}/kiterunner:latest \
             --platform linux/amd64,linux/arm64 ./files/kiterunner

diff --git a/.github/workflows/metasploit-framework.yml b/.github/workflows/metasploit-framework.yml
@@ -13,7 +13,6 @@ permissions:
   packages: write
   security-events: write
 
-
 env:
   RELEASE_VERSION: "6.4.39"
   RUBY_VERSION: "3.2.5"

diff --git a/files/ghauri/Dockerfile b/files/ghauri/Dockerfile
@@ -1,14 +1,16 @@
-# Use an official Python runtime as a parent image
-FROM python:3.13-alpine
+FROM python
 
+ARG RELEASE_VERSION="${RELEASE_VERSION}"
+
+ENV RELEASE_VERSION=${RELEASE_VERSION}
 # Install git
 RUN apk update && apk add --no-cache git
 
 # Set the working directory in the container
 WORKDIR /app
 
 # Clone the Ghauri repository
-RUN git clone --branch 1.4.1 https://github.com/r0oth3x49/ghauri.git .
+RUN RELEASE_VERSION="$RELEASE_VERSION" git clone --branch "$RELEASE_VERSION" https://github.com/r0oth3x49/ghauri.git .
 
 # Install any needed packages specified in requirements.txt
 RUN pip install setuptools