Fixing security pipeline in horusec (#61)

* Fixing security pipeline in horusec * Fixing security pipeline in horusec * Fixing security pipeline in horusec * Fixing security pipeline in horusec * Fixing readme cli * Fixing readme cli
ZupIT · Oct 15, 2020 · 24983bc · 24983bc
1 parent 73fc6ad
commit 24983bc
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 2 deletions.
diff --git a/.github/workflows/security-pipeline.yml b/.github/workflows/security-pipeline.yml
@@ -14,8 +14,15 @@ jobs:
     steps:
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2
-      - name: Running Horusec Security
+      - name: Running Horusec Security Download latest version
         shell: bash
         run: |
           curl -fsSL https://horusec-cli.s3.amazonaws.com/install.sh | bash
           horusec start -p="./"
+      - name: Running Horusec Security Running current version
+        shell: bash
+        run: |
+          go build -o horusec ./horusec-cli/cmd/horusec/main.go
+          chmod +x horusec
+          sudo mv horusec /usr/local/bin
+          horusec start -p="./" -e="true"
diff --git a/horusec-cli/README.md b/horusec-cli/README.md
@@ -232,6 +232,8 @@ All available flags are:
 | HORUSEC_CLI_ENABLE_GIT_HISTORY_ANALYSIS         | horusecCliEnableGitHistoryAnalysis         | enable-git-history       |               | false                                   | This setting is to know if I want enable run gitleaks tools and analysis in all git history searching vulnerabilities. |
 | HORUSEC_CLI_ENABLE_COMMIT_AUTHOR                | horusecCliEnableCommitAuthor               | enable-commit-author     | G             | false                                   | Used to enable and disable commit author. Ex.: `G="true"`|
 | HORUSEC_CLI_REPOSITORY_NAME                     | horusecCliRepositoryName                   | repository-name          | n             |                                         | Used to send the repository name to the server, must be used together with the company token. |
+| HORUSEC_CLI_FALSE_POSITIVE_HASHES               | horusecCliFalsePositiveHashes              | false-positive           | R             |                                         | Used to ignore vulnerability on analysis and setup with type `False positive`. ATTENTION when you add this configuration directly to the CLI, the configuration performed via the Horusec graphical interface will be overwritten. |
+| HORUSEC_CLI_RISK_ACCEPT_HASHES                  | horusecCliRiskAcceptHashes                 | risk-accept              | F             |                                         | Used to ignore vulnerability on analysis and setup with type `Risk accept`. ATTENTION when you add this configuration directly to the CLI, the configuration performed via the Horusec graphical interface will be overwritten. |
 |                                                 | horusecCliWorkDir                          |                          |               |                                         | This setting tells to horusec the right directory to run a specific language. |
 
 #### Authorization

diff --git a/horusec-config.json b/horusec-config.json
@@ -7,9 +7,11 @@
   "horusecCliPrintOutputType": "text",
   "horusecCliJsonOutputFilepath": "",
   "horusecCliTypesOfVulnerabilitiesToIgnore": "",
-  "horusecCliFilesOrPathsToIgnore": "**/*.toml, **/*_test.go, **/*_mock.go, **/*README.md, development-kit/pkg/enums/engine/advisories/**",
+  "horusecCliFilesOrPathsToIgnore": "**/examples/**, **/*.toml, **/*_test.go, **/*_mock.go, **/*README.md, **/development-kit/pkg/enums/engine/advisories/**",
   "horusecCliReturnErrorIfFoundVulnerability": false,
   "horusecCliProjectPath": "./",
+  "horusecCliFalsePositiveHashes": "071e62026e7dd7c3d7d44ed34ace50f166e0d4f55b6a552a54fe6e5e008494ca, 34c8b589aa59af2544fea78abe7f4a8c46c13cc503aa8bcc9a9d10244602939e, 20dab730333c95223757e11e22374d5c59019b93d1ceb6ffaed5db89bcd75707, 8e3d223747c7799754558eeb9dd368bc2b2f26024b47deefa773b9214cfdc132, 785959df09a162f19c253a501928666143086f8e514c950a57ce8d216038296d, e2eaa19612eed0124b1fec396f8d41381c618c677c2025fc07c1cd0ccbe92b3c, 49d92b5a5deadbb206bf6b5721048664837402ca60fac7ffca7b8482e36ec64c, 8f4a865db2aaa8fecd1f7d02584e4f01ebf4d44d0933207d24e3fb345e406b0a, ed6f171efc5db235f395170a0113d7ccbb3de283381d8f6026fc86366dc23971, 2290683f67b9636f9516029b5ed66b68b6613370f5265d5941194c9f540503a6, 66c089ae308637618c1872239999f3cf0937b2005d1a30f4a3664056aa643aa7, 02a69fb25ba0e26328281f985680681c50208d3744fcda75507bd5313f65236e, 32a1e96e1adca8d0334107438393a9d88ae3e75cee3e871b0da71fd6bf3cfdf4, b0d65bf174db977f155f64a961602e156ed68896ff86a29b8b8d3926f2606ea7, 5b981f9746f2aee9a182dcfd8b756ced335c7a07e345637d50ec7bb1f0518514, 7f436b3ef2656c3a1f6da4079aac8dfe3313f2d375748f4d0aea40e715d3ce2b, 26f799b248b2bd7279bb199ee109622fb147e3df6f1f39b0e47eba5d6ac1e095",
+  "horusecCliRiskAcceptHashes": "0d450aa9cbf8e103a4156d2ea6ad35d0b1f6d2aece857fbe1c54fece720c4382, 0870cfa59cfe7ef087e45762ce1d66cb6fdc85196323fcfae2e90167f242e4b3, 3198f2595d15ba1a01174329c944e3af9f7b3a7af7914e857eb9b82684633236, a3661718648379e90547895725ad5e1d8021aa48f105ae236427972957a2705f, 3a0c53aae9a54d01e97417f2e495ca74c1f8874b0e4805fc622e50f7633838a8, a452ff6d2565d67f118c80866a38a25871606751421347211b8932eb55aed85b, b85977d0bc430b00f17bc9f431d70b272110afea2549ee41bf03369bf99572d2, 312a4ee6b6b74a8c667e6f907568d9feaa0f0a69091f322abbcdf0562b9a3914, 0ffc51a6b0187bec02837cb1e8dddfa05519e83d861af3fbd553bc4d0fbe852d, 4294bf00b848d82c4e012f45e0747996eb75109e089a626af930580a7a179ea4, fa41e0534388707279458969d1dcdb58ff932357660e8855d2bb4170fdbcb391, f48ffee4aa54549ef31150fbcd75a28e62a17d4b890859dd90cf2f52c34aa936, de76819bfffe3282f388c1db1421b6378c2a1e450d058d1fb64d6dc1177703b6, 4c7ad6feac210f7c447cd65756e08dd5df96d4070545cdc76c5bfaec846b8fe7",
   "horusecCliWorkDir": {
     "go":         [],
     "netCore":    [],