Please use Docker instead of downloading manually the files

[miguelfreitas93]

Expected Behavior

Have CI examples using docker instead of using complicated downloads on this folder https://github.com/Checkmarx/kics/tree/master/examples

Actual Behavior

Examples presented using wget, not docker

Specifications

• Version: latest
• Platform: docker
• Subsystem: Linux

[miguelfreitas93]

For example, for Gitlab:

image: docker:git

services:
- docker:dind

stages:
  - kics

before_script:
  - docker pull checkmarx/kics:$KICS_VERSION

kics:
  stage: kics
  script:
    - > 
        docker run
        -v $CI_PROJECT_DIR:/code
        checkmarx/kics:$KICS_VERSION
        scan 
        -p /code

For example for Azure Dev Ops Pipelines:
(CxVariables needs to be defined under Pipelines -> Library where variables will be globally stored to all pipelines)

trigger:
- main

variables:
- group: CxVariables

pool:
  vmImage: 'ubuntu-latest'
  
steps:
- script: |
    docker run \
    -v $(Build.Repository.LocalPath):/code \
    checkmarx/kics:$(KICS_VERSION) \
    scan \
    -p /code
  displayName: 'KICS Scan'

For example for Bitbucket Pipelines:

image:
  name: atlassian/default-image:2

pipelines:

  default:
  
  - step:
      name: KICS Scan
      script:
        - docker run
          -v $BITBUCKET_CLONE_DIR:/code
          checkmarx/kics:$KICS_VERSION
          scan
          -p /code
      services:
      - docker

[miguelfreitas93]

Also it is required to have a README.md explaining which variables you need to define and which are default variables already defined on the pipeline for example:
For Gitlab example:

- Gitlab Default Variables:
  - CI_PROJECT_DIR -> Folder where Source code can be found

- CI/CD Pipeline variables required to be created:
  - KICS_VERSION -> Docker Tag of kics docker image to be used

For Azure example:

- Azure Default Variables:
  - Build.Repository.LocalPath -> Folder where Source code can be found

- CI/CD Pipeline variables required to be created (on this case, under Library Group):
  - KICS_VERSION -> Docker Tag of kics docker image to be used

For Bitbucket Pipelines example:

- Bitbucket Pipelines Default Variables:
  - BITBUCKET_CLONE_DIR -> Folder where Source code can be found

- CI/CD Pipeline variables required to be created:
  - KICS_VERSION -> Docker Tag of kics docker image to be used

[jbrotsos]

@miguelfreitas93 I was about to file the same FR but is it necessary to run docker pull & docker run? I believe this would work instead:

image:
name: checkmarx/kics:${KICS_VERSION}

[miguelfreitas93]

Yeah, that might work @jbrotsos for some build servers

[rogeriopeixotocx]

@miguelfreitas93 @jbrotsos your feedback is greatly appreciated. We'll take a look at those improvements. But then again, you're also welcome to contribute.

We want to promote community engagement! ✌🏻

[rogeriopeixotocx]

It's good to provide the option for our users to use docker in their CI/CD pipelines.

We already have integration examples using docker for:

• Jenkins.
• CircleCI
• Github Actions

Currently, those are WIP:

• Gitlab
• Azure DevOps

TBD in the near future:

• Bitbucket

cc: @StanislavPolovnyi @elit-cx @nunoocx @markmishaevcx

[roock]

@rogeriopeixotocx are you still accepting community contribution for an updated template for Gitlab CI using the docker images?

[rogeriopeixotocx]

Hi @roock, yes we are :)

[roock]

This has already been implemented and can be closed

[nunoocx]

Thank you @roock !