diff --git a/Jenkinsfile b/Jenkinsfile index a2c5650..300d5d3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -45,17 +45,25 @@ pipeline { // Führt den Build-Befehl im spezialisierten Container aus container('dotnet8') { sh 'dotnet --version' // Zur Bestätigung der Version - sh 'dotnet build' + + sh 'dotnet build --configuration Release' // optimierter Build Prozess ohne Debug und ungenutzt Pfade } } } stage('Security: Trivy Scan') { steps { + // Wiederherstellen der project.assets.json in obj/ für Trivy zum finden der transtiven Abhängigkeiten + container('dotnet8') { + sh 'dotnet restore' + } + container('trivy') { // Wir erstellen ein Verzeichnis für den Report sh 'mkdir -p reports' + // Wichtig: trivy ersetzt -> dotnet list package --vulnerable --include-transitive + // Der Befehl erzeugt die HTML-Datei // --format template: Nutzt ein Layout // --template "@/contrib/html.tpl": Das Standard-Trivy-Layout @@ -118,6 +126,8 @@ pipeline { } } + + stage('Security: Trivy Image Scan') { when { branch 'master' diff --git a/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.deps.json b/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.deps.json index 5d3a4d0..6c784ed 100644 --- a/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.deps.json +++ b/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.deps.json @@ -10,6 +10,7 @@ "dependencies": { "JunitXml.TestLogger": "8.0.0", "Microsoft.NET.Test.Sdk": "17.8.0", + "Newtonsoft.Json": "13.0.3", "SecDevOpsLab": "1.0.0", "coverlet.collector": "6.0.0", "xunit": "2.5.3", @@ -140,7 +141,7 @@ "Microsoft.TestPlatform.TestHost/17.8.0": { "dependencies": { "Microsoft.TestPlatform.ObjectModel": "17.8.0", - "Newtonsoft.Json": "13.0.1" + "Newtonsoft.Json": "13.0.3" }, "runtime": { "lib/netcoreapp3.1/Microsoft.TestPlatform.CommunicationUtilities.dll": { @@ -339,11 +340,11 @@ "System.Xml.XDocument": "4.3.0" } }, - "Newtonsoft.Json/13.0.1": { + "Newtonsoft.Json/13.0.3": { "runtime": { - "lib/netstandard2.0/Newtonsoft.Json.dll": { + "lib/net6.0/Newtonsoft.Json.dll": { "assemblyVersion": "13.0.0.0", - "fileVersion": "13.0.1.25517" + "fileVersion": "13.0.3.27908" } } }, @@ -1109,12 +1110,12 @@ "path": "netstandard.library/1.6.1", "hashPath": "netstandard.library.1.6.1.nupkg.sha512" }, - "Newtonsoft.Json/13.0.1": { + "Newtonsoft.Json/13.0.3": { "type": "package", "serviceable": true, - "sha512": "sha512-ppPFpBcvxdsfUonNcvITKqLl3bqxWbDCZIzDWHzjpdAHRFfZe0Dw9HmA0+za13IdyrgJwpkDTDA9fHaxOrt20A==", - "path": "newtonsoft.json/13.0.1", - "hashPath": "newtonsoft.json.13.0.1.nupkg.sha512" + "sha512": "sha512-HrC5BXdl00IP9zeV+0Z848QWPAoCr9P3bDEZguI+gkLcBKAOxix/tLEAAHC+UvDNPv4a2d18lOReHMOagPa+zQ==", + "path": "newtonsoft.json/13.0.3", + "hashPath": "newtonsoft.json.13.0.3.nupkg.sha512" }, "NuGet.Frameworks/6.5.0": { "type": "package", diff --git a/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.dll b/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.dll index be2fe99..9ad7253 100644 Binary files a/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.dll and b/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.dll differ diff --git a/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.pdb b/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.pdb index 60ef956..b8cb957 100644 Binary files a/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.pdb and b/MyHelloWorld.Tests/bin/Debug/net8.0/MyHelloWorld.Tests.pdb differ diff --git a/MyHelloWorld.Tests/bin/Debug/net8.0/Newtonsoft.Json.dll b/MyHelloWorld.Tests/bin/Debug/net8.0/Newtonsoft.Json.dll index 1ffeabe..d035c38 100644 Binary files a/MyHelloWorld.Tests/bin/Debug/net8.0/Newtonsoft.Json.dll and b/MyHelloWorld.Tests/bin/Debug/net8.0/Newtonsoft.Json.dll differ diff --git a/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.dll b/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.dll index 96bcf8b..146b208 100644 Binary files a/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.dll and b/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.dll differ diff --git a/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.exe b/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.exe index b1b8135..002f654 100644 Binary files a/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.exe and b/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.exe differ diff --git a/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.pdb b/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.pdb index 1d425ce..df3bc96 100644 Binary files a/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.pdb and b/MyHelloWorld.Tests/bin/Debug/net8.0/SecDevOpsLab.pdb differ diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfo.cs b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfo.cs index 99062d7..3bdb0f4 100644 --- a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfo.cs +++ b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfo.cs @@ -13,7 +13,7 @@ using System.Reflection; [assembly: System.Reflection.AssemblyCompanyAttribute("MyHelloWorld.Tests")] [assembly: System.Reflection.AssemblyConfigurationAttribute("Debug")] [assembly: System.Reflection.AssemblyFileVersionAttribute("1.0.0.0")] -[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+2a2cda83516ce65663761989b33a809969a5a453")] +[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+47ea86224afdcca89c69895ee50e86576822c790")] [assembly: System.Reflection.AssemblyProductAttribute("MyHelloWorld.Tests")] [assembly: System.Reflection.AssemblyTitleAttribute("MyHelloWorld.Tests")] [assembly: System.Reflection.AssemblyVersionAttribute("1.0.0.0")] diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfoInputs.cache b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfoInputs.cache index 8f3ee4b..175d6bd 100644 --- a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfoInputs.cache +++ b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfoInputs.cache @@ -1 +1 @@ -848ea101e6b9dce5b48f1bd51dc9674bd80f476562e7a438fd7f5aafc5724865 +cf62497c726616d92aa32f6c0bca226de923d9d8477e812572c01323b4d305c5 diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.AssemblyReference.cache b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.AssemblyReference.cache index 6ed17fb..3c479dd 100644 Binary files a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.AssemblyReference.cache and b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.AssemblyReference.cache differ diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.CoreCompileInputs.cache b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.CoreCompileInputs.cache index 082e617..15491dc 100644 --- a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.CoreCompileInputs.cache +++ b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.CoreCompileInputs.cache @@ -1 +1 @@ -c5b18054f385823d2be37ebb0a1a6d0f531e14ffe9ac1374b0c8862827dbd306 +57cb4b9676f210c113acd3e711bdbd2aed56e014f9740547715fbec00148c8d5 diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.dll b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.dll index be2fe99..9ad7253 100644 Binary files a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.dll and b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.dll differ diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.genruntimeconfig.cache b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.genruntimeconfig.cache index 3861cd8..e4907e2 100644 --- a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.genruntimeconfig.cache +++ b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.genruntimeconfig.cache @@ -1 +1 @@ -663fefc1a27a2bfb43fa913207cd1c4487b91b6320189bfb2cd6d51a2154885f +26463ae7c847c9643dd32d4ee2707e884d6df2af1738d0d5c4e1bc249ec75629 diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.pdb b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.pdb index 60ef956..b8cb957 100644 Binary files a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.pdb and b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.pdb differ diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/ref/MyHelloWorld.Tests.dll b/MyHelloWorld.Tests/obj/Debug/net8.0/ref/MyHelloWorld.Tests.dll index 21ecec6..f759b52 100644 Binary files a/MyHelloWorld.Tests/obj/Debug/net8.0/ref/MyHelloWorld.Tests.dll and b/MyHelloWorld.Tests/obj/Debug/net8.0/ref/MyHelloWorld.Tests.dll differ diff --git a/MyHelloWorld.Tests/obj/Debug/net8.0/refint/MyHelloWorld.Tests.dll b/MyHelloWorld.Tests/obj/Debug/net8.0/refint/MyHelloWorld.Tests.dll index 21ecec6..f759b52 100644 Binary files a/MyHelloWorld.Tests/obj/Debug/net8.0/refint/MyHelloWorld.Tests.dll and b/MyHelloWorld.Tests/obj/Debug/net8.0/refint/MyHelloWorld.Tests.dll differ diff --git a/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.dll b/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.dll index 96bcf8b..146b208 100644 Binary files a/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.dll and b/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.dll differ diff --git a/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.exe b/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.exe index b1b8135..002f654 100644 Binary files a/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.exe and b/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.exe differ diff --git a/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.pdb b/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.pdb index 1d425ce..df3bc96 100644 Binary files a/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.pdb and b/MyHelloWorld/bin/Debug/net8.0/SecDevOpsLab.pdb differ diff --git a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfo.cs b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfo.cs index 38492ca..35853aa 100644 --- a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfo.cs +++ b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfo.cs @@ -13,7 +13,7 @@ using System.Reflection; [assembly: System.Reflection.AssemblyCompanyAttribute("SecDevOpsLab")] [assembly: System.Reflection.AssemblyConfigurationAttribute("Debug")] [assembly: System.Reflection.AssemblyFileVersionAttribute("1.0.0.0")] -[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+848e51c5555bb6073abd5ea3c0d9542490da8a0b")] +[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+47ea86224afdcca89c69895ee50e86576822c790")] [assembly: System.Reflection.AssemblyProductAttribute("SecDevOpsLab")] [assembly: System.Reflection.AssemblyTitleAttribute("SecDevOpsLab")] [assembly: System.Reflection.AssemblyVersionAttribute("1.0.0.0")] diff --git a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfoInputs.cache b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfoInputs.cache index d8e7743..b42c78f 100644 --- a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfoInputs.cache +++ b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.AssemblyInfoInputs.cache @@ -1 +1 @@ -140b48efb50b7894d1dcb0441e1dc7dd9676a8d37094d9287d21002bea60c215 +0263a9496fc94fde1179073b83b16a639ba1fa4b7ab3c21cbde0cfecf80daecc diff --git a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.GeneratedMSBuildEditorConfig.editorconfig b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.GeneratedMSBuildEditorConfig.editorconfig index 1dfedd7..adebeb6 100644 --- a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.GeneratedMSBuildEditorConfig.editorconfig +++ b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.GeneratedMSBuildEditorConfig.editorconfig @@ -8,6 +8,6 @@ build_property.PlatformNeutralAssembly = build_property.EnforceExtendedAnalyzerRules = build_property._SupportedPlatformList = Linux,macOS,Windows build_property.RootNamespace = SecDevOpsLab -build_property.ProjectDir = c:\Users\HermanH\SecDevOpsLab\MyHelloWorld\ +build_property.ProjectDir = C:\Users\HermanH\SecDevOpsLab\MyHelloWorld\ build_property.EnableComHosting = build_property.EnableGeneratedComInterfaceComImportInterop = diff --git a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.assets.cache b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.assets.cache index 6208c9e..6242d14 100644 Binary files a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.assets.cache and b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.assets.cache differ diff --git a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.dll b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.dll index 96bcf8b..146b208 100644 Binary files a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.dll and b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.dll differ diff --git a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.genruntimeconfig.cache b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.genruntimeconfig.cache index e725073..efa8785 100644 --- a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.genruntimeconfig.cache +++ b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.genruntimeconfig.cache @@ -1 +1 @@ -926145697d59c66226a21e736a827372d54ed4f75715c3db1a65b25131637a48 +125282d0cf117b8c3b0068b0868f8969c375dd98b549c1b4f80bf79c1f9cca80 diff --git a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.pdb b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.pdb index 1d425ce..df3bc96 100644 Binary files a/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.pdb and b/MyHelloWorld/obj/Debug/net8.0/SecDevOpsLab.pdb differ diff --git a/MyHelloWorld/obj/Debug/net8.0/apphost.exe b/MyHelloWorld/obj/Debug/net8.0/apphost.exe index b1b8135..002f654 100644 Binary files a/MyHelloWorld/obj/Debug/net8.0/apphost.exe and b/MyHelloWorld/obj/Debug/net8.0/apphost.exe differ diff --git a/MyHelloWorld/obj/Debug/net8.0/ref/SecDevOpsLab.dll b/MyHelloWorld/obj/Debug/net8.0/ref/SecDevOpsLab.dll index 1126819..d7840cf 100644 Binary files a/MyHelloWorld/obj/Debug/net8.0/ref/SecDevOpsLab.dll and b/MyHelloWorld/obj/Debug/net8.0/ref/SecDevOpsLab.dll differ diff --git a/MyHelloWorld/obj/Debug/net8.0/refint/SecDevOpsLab.dll b/MyHelloWorld/obj/Debug/net8.0/refint/SecDevOpsLab.dll index 1126819..d7840cf 100644 Binary files a/MyHelloWorld/obj/Debug/net8.0/refint/SecDevOpsLab.dll and b/MyHelloWorld/obj/Debug/net8.0/refint/SecDevOpsLab.dll differ