inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-05-26 17:25:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
alfresco-community-repo/scripts/ci/remove-sast-exclusions.sh
Sara 4eafb13ba6
ACS-9044 Remove excluded files from war file for SAST (#3084) 
* ACS-9044 Bump dependency.spring.version from 6.1.14 to 6.2.0

* ACS-9044 Bump spring-security to 6.4.1

* ACS-9044 Add file to hold excluded files list

* ACS-9044 POC - script to remove excluded files from alfresco.war

* ACS-9044 POC - change veracode SAST to scan reduced alfresco.war

* ACS-9044 POC - create reduced alfresco.war before SAST

* ACS-9044 POC - keep reduced alfresco.war in target dir

* ACS-9044 Use temporary directory and allow any war file

* ACS-9044 fix failing path

* ACS-9044 update from review

* ACS-9044 fix for temp dir

* ACS-9044 fix for temp dir

* ACS-9044 Revert spring and spring-security versions
2024-12-20 10:21:33 +00:00

25 lines
670 B
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
echo "=========================== Excluding Files from Veracode SAST ==========================="
set -ex
pushd "$(dirname "${BASH_SOURCE[0]}")/../../"
# Copy war file to temporary directory
cp -f "$1" "$2"
# Remove files to be excluded from Veracode SAST
exclusions="./scripts/ci/SAST-exclusion-list.txt"
if [ -e $exclusions ]
then
while read -r line
do
echo "Removing WEB-INF/lib/$line"
zip -d "$2" "WEB-INF/lib/$line" || true
done < "$exclusions"
else
echo "No files to be excluded from SAST"
fi
popd
set +ex
echo "=========================== Finishing Excluding Files from Veracode SAST =========================="
Reference in New Issue View Git Blame Copy Permalink