diff --git a/sechub-pds-solutions/phan/README.adoc b/sechub-pds-solutions/phan/README.adoc index b5c729d9a1..69a80940b3 100644 --- a/sechub-pds-solutions/phan/README.adoc +++ b/sechub-pds-solutions/phan/README.adoc @@ -8,11 +8,7 @@ Phan is a static analyzer for PHP that prefers to minimize false-positives. Phan attempts to prove incorrectness rather than correctness. In addition, the combination of Phan and PDS allows both to run in a Kubernetes cluster or on virtual machines. -This folder contains the scripts necessary to run Phan Wrapper + PDS locally within a container. It also contains scripts to create the PDS + Phan container and push it to your container registry, as well as a helm chart to install and run Phan Wrapper + PDS in a Kubernetes cluster. - -== Current limitations - -- only docker images uploaded as `.tar` files can be scanned +This folder contains the scripts necessary to run Phan + PDS locally within a container. It also contains scripts to create the PDS + Phan container and push it to your container registry, as well as a helm chart to install and run Phan + PDS in a Kubernetes cluster. == Run Locally 
@@ -40,44 +36,39 @@ The folder contains a start script which does the manual steps for you: ./01-start-single-docker-compose.sh ---- -==== Together with SecHub +=== Scan + +The steps required to scan with the PDS. Scan manually if you are new to the PDS. Use the script, if you are tired of typing the same commands over and over again. -The container will be started and attached to the `sechub` network. +==== Scan Script -WARNING: Make sure the SecHub container is running and executor for Phan is set up. +It is recommended to start with a manual <<_scan>> the first time using the PDS. However, after some time typing in the commands becomes very tedious. To improve on the experience you can scan using this script. -. Start container: +. Set the environment variables + ---- -./05-start-single-sechub-network-docker-compose.sh +export PDS_SERVER=https://: +export PDS_USERID=admin +export PDS_APITOKEN="" +export PDS_PRODUCT_IDENTFIER=PDS_PHAN ---- + -You can now scan with the SecHub client downloaded from the SecHub release page on GitHub. -Example sechub.json, the phan wrapper takes docker images saved as tar archives + -You can save docker images with the command "save" to a tar file. + +For example: + ---- -docker save -o +export PDS_SERVER=https://localhost:8444 +export PDS_USERID=admin +export PDS_APITOKEN="pds-apitoken" +export PDS_PRODUCT_IDENTFIER=PDS_PHAN ---- +---- +cd ../../sechub-solutions-shared/scripts/ +./01-test-pds.sh +---- ++ +For example: + -[source,json] ---- -{ - "apiVersion": "1.0", - "licenseScan": { - "use": [ - "test-sources" - ] - }, - "data": { - "binaries": [ - { - "name": "test-sources", - "fileSystem" : { - "folders" : [ "my-docker-archive.tar" ] - } - } - ] - } -} +cd ../../sechub-solutions-shared/scripts/ +./01-test-pds.sh ~/myproject.zip ---- \ No newline at end of file diff --git a/sechub-pds-solutions/phan/composer.json b/sechub-pds-solutions/phan/composer.json deleted file mode 100644 index 900312183f..0000000000 
--- a/sechub-pds-solutions/phan/composer.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "require": { - "phan/phan": "^5.4" - } -} diff --git a/sechub-pds-solutions/phan/docker/Phan-Debian.dockerfile b/sechub-pds-solutions/phan/docker/Phan-Debian.dockerfile index 07a7f76811..2bad1a0a47 100644 --- a/sechub-pds-solutions/phan/docker/Phan-Debian.dockerfile +++ b/sechub-pds-solutions/phan/docker/Phan-Debian.dockerfile @@ -9,13 +9,13 @@ FROM ${BASE_IMAGE} LABEL org.opencontainers.image.source="https://github.com/mercedes-benz/sechub" LABEL org.opencontainers.image.title="SecHub Phan+PDS Image" -LABEL org.opencontainers.image.description="A container which combines Phan Wrapper with the SecHub Product Delegation Server (PDS)" +LABEL org.opencontainers.image.description="A container which combines Phan with the SecHub Product Delegation Server (PDS)" LABEL maintainer="SecHub FOSS Team" USER root # Build Args -ARG PHAN_WRAPPER_VERSION="5.4.3" +ARG PHAN_VERSION="5.4.3" ARG PHP_VERSION="8.2" # Copy mock folder @@ -28,6 +28,10 @@ RUN chmod --recursive +x "$SCRIPT_FOLDER" # Copy PDS configfile COPY pds-config.json "$PDS_FOLDER/pds-config.json" +# Copy and modify composer.json +COPY composer.json "$PDS_FOLDER/composer.json" +RUN sed -i "s/PHAN_VERSION/${PHAN_VERSION}/g" "$PDS_FOLDER/composer.json" + RUN export DEBIAN_FRONTEND=noninteractive && \ apt-get update && \ apt-get --assume-yes upgrade && \ diff --git a/sechub-pds-solutions/phan/docker/composer.json b/sechub-pds-solutions/phan/docker/composer.json new file mode 100644 index 0000000000..1064260010 --- /dev/null +++ b/sechub-pds-solutions/phan/docker/composer.json @@ -0,0 +1,5 @@ +{ + "require": { + "phan/phan": "PHAN_VERSION" + } +}
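Review bot: In the second Dockerfile hunk, the added `RUN sed -i "s/PHAN_VERSION/${PHAN_VERSION}/g" "$PDS_FOLDER/composer.json"` splices the build argument into the sed program unescaped and exits 0 even when nothing was replaced. A value containing `/` or `&`, or a later rename of the placeholder in the new `docker/composer.json`, would leave a manifest that nothing verifies before the dependency is resolved. Since this value decides which Phan release ends up in the scanner image, I would check the result in the same step: `RUN sed -i "s/PHAN_VERSION/${PHAN_VERSION}/g" "$PDS_FOLDER/composer.json" && grep -qF "\"phan/phan\": \"${PHAN_VERSION}\"" "$PDS_FOLDER/composer.json"`. The step that installs from this file lies outside the hunk, so it is not visible whether a `composer.lock` is copied as well. If none is, the exact pin covers only `phan/phan` and its transitive dependencies are still resolved fresh on every build.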