added trivy scanning

2026-05-05 14:05:39 +02:00
parent cf992d544c
commit d00ad9cddc
10 changed files with 43 additions and 28 deletions
--- a/15
+++ b/15
@@ -12,6 +12,11 @@ pipeline {
                    command:
                    - cat
                    tty: true
+                  - name: trivy
+                    image: aquasec/trivy:latest
+                    command:
+                    - cat
+                    tty: true    
                '''
        }
    }
@@ -35,6 +40,16 @@ pipeline {
 			}	
 		}

+        stage('Security: Trivy Scan') {
+            steps {
+                container('trivy') {
+                    // Scannt das Dateisystem auf Schwachstellen (NuGet) und Secrets
+                    // --exit-code 1 lässt die Pipeline bei kritischen Fehlern abbrechen
+                    sh 'trivy fs --exit-code 1 --severity HIGH,CRITICAL .'
+                }
+            }
+        }
+		
 		stage('Unit Tests') {
            steps {
                container('dotnet8') {
--- a/MyHelloWorld.Tests/bin/Debug/net8.0/CoverletSourceRootsMapping_MyHelloWorld.Tests
+++ b/MyHelloWorld.Tests/bin/Debug/net8.0/CoverletSourceRootsMapping_MyHelloWorld.Tests
--- a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfo.cs
+++ b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfo.cs
@@ -13,7 +13,7 @@ using System.Reflection;
 [assembly: System.Reflection.AssemblyCompanyAttribute("MyHelloWorld.Tests")]
 [assembly: System.Reflection.AssemblyConfigurationAttribute("Debug")]
 [assembly: System.Reflection.AssemblyFileVersionAttribute("1.0.0.0")]
-[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+848e51c5555bb6073abd5ea3c0d9542490da8a0b")]
+[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+cf992d544c838206c483289f3baa0c85552f7539")]
 [assembly: System.Reflection.AssemblyProductAttribute("MyHelloWorld.Tests")]
 [assembly: System.Reflection.AssemblyTitleAttribute("MyHelloWorld.Tests")]
 [assembly: System.Reflection.AssemblyVersionAttribute("1.0.0.0")]
--- a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfoInputs.cache
+++ b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfoInputs.cache
@@ -1 +1 @@
-43aaa2e5ce5666864645ad9941baede5657c25b7a1005f7aa3f39204eb00354d
+cd7cd6d89224ce4f2141ef3b9a0e34a6e8261f98f03df22fedfa5203ecf39536
--- a/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.GeneratedMSBuildEditorConfig.editorconfig
+++ b/MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.GeneratedMSBuildEditorConfig.editorconfig
@@ -8,6 +8,6 @@ build_property.PlatformNeutralAssembly =
 build_property.EnforceExtendedAnalyzerRules = 
 build_property._SupportedPlatformList = Linux,macOS,Windows
 build_property.RootNamespace = MyHelloWorld.Tests
-build_property.ProjectDir = c:\Users\HermanH\SecDevOpsLab\MyHelloWorld.Tests\
+build_property.ProjectDir = C:\Users\HermanH\SecDevOpsLab\MyHelloWorld.Tests\
 build_property.EnableComHosting = 
 build_property.EnableGeneratedComInterfaceComImportInterop = 
--- a/MyHelloWorld.Tests/obj/MyHelloWorld.Tests.csproj.nuget.dgspec.json
+++ b/MyHelloWorld.Tests/obj/MyHelloWorld.Tests.csproj.nuget.dgspec.json
@@ -1,17 +1,17 @@
 {
  "format": 1,
  "restore": {
-    "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj": {}
+    "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj": {}
  },
  "projects": {
-    "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj": {
+    "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj": {
      "version": "1.0.0",
      "restore": {
-        "projectUniqueName": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
+        "projectUniqueName": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
        "projectName": "MyHelloWorld.Tests",
-        "projectPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
+        "projectPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
        "packagesPath": "C:\\Users\\HermanH\\.nuget\\packages\\",
-        "outputPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\obj\\",
+        "outputPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\obj\\",
        "projectStyle": "PackageReference",
        "configFilePaths": [
          "C:\\Users\\HermanH\\AppData\\Roaming\\NuGet\\NuGet.Config"
@@ -26,8 +26,8 @@
          "net8.0": {
            "targetAlias": "net8.0",
            "projectReferences": {
-              "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
-                "projectPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj"
+              "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
+                "projectPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj"
              }
            }
          }
@@ -88,14 +88,14 @@
        }
      }
    },
-    "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
+    "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
      "version": "1.0.0",
      "restore": {
-        "projectUniqueName": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
+        "projectUniqueName": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
        "projectName": "SecDevOpsLab",
-        "projectPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
+        "projectPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
        "packagesPath": "C:\\Users\\HermanH\\.nuget\\packages\\",
-        "outputPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\obj\\",
+        "outputPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\obj\\",
        "projectStyle": "PackageReference",
        "configFilePaths": [
          "C:\\Users\\HermanH\\AppData\\Roaming\\NuGet\\NuGet.Config"
--- a/MyHelloWorld.Tests/obj/project.assets.json
+++ b/MyHelloWorld.Tests/obj/project.assets.json
@@ -5553,11 +5553,11 @@
  "project": {
    "version": "1.0.0",
    "restore": {
-      "projectUniqueName": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
+      "projectUniqueName": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
      "projectName": "MyHelloWorld.Tests",
-      "projectPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
+      "projectPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
      "packagesPath": "C:\\Users\\HermanH\\.nuget\\packages\\",
-      "outputPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\obj\\",
+      "outputPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\obj\\",
      "projectStyle": "PackageReference",
      "configFilePaths": [
        "C:\\Users\\HermanH\\AppData\\Roaming\\NuGet\\NuGet.Config"
@@ -5572,8 +5572,8 @@
        "net8.0": {
          "targetAlias": "net8.0",
          "projectReferences": {
-            "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
-              "projectPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj"
+            "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
+              "projectPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj"
            }
          }
        }
--- a/MyHelloWorld.Tests/obj/project.nuget.cache
+++ b/MyHelloWorld.Tests/obj/project.nuget.cache
@@ -1,8 +1,8 @@
 {
  "version": 2,
-  "dgSpecHash": "kD04QkFSt4E=",
+  "dgSpecHash": "cMCqBPi36D8=",
  "success": true,
-  "projectFilePath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
+  "projectFilePath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
  "expectedPackageFiles": [
    "C:\\Users\\HermanH\\.nuget\\packages\\coverlet.collector\\6.0.0\\coverlet.collector.6.0.0.nupkg.sha512",
    "C:\\Users\\HermanH\\.nuget\\packages\\junitxml.testlogger\\8.0.0\\junitxml.testlogger.8.0.0.nupkg.sha512",
--- a/MyHelloWorld/obj/SecDevOpsLab.csproj.nuget.dgspec.json
+++ b/MyHelloWorld/obj/SecDevOpsLab.csproj.nuget.dgspec.json
@@ -1,17 +1,17 @@
 {
  "format": 1,
  "restore": {
-    "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {}
+    "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {}
  },
  "projects": {
-    "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
+    "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj": {
      "version": "1.0.0",
      "restore": {
-        "projectUniqueName": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
+        "projectUniqueName": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
        "projectName": "SecDevOpsLab",
-        "projectPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
+        "projectPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
        "packagesPath": "C:\\Users\\HermanH\\.nuget\\packages\\",
-        "outputPath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\obj\\",
+        "outputPath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\obj\\",
        "projectStyle": "PackageReference",
        "configFilePaths": [
          "C:\\Users\\HermanH\\AppData\\Roaming\\NuGet\\NuGet.Config"
--- a/MyHelloWorld/obj/project.nuget.cache
+++ b/MyHelloWorld/obj/project.nuget.cache
@@ -1,8 +1,8 @@
 {
  "version": 2,
-  "dgSpecHash": "uoyT75+QbkQ=",
+  "dgSpecHash": "WtqJwqDQoLM=",
  "success": true,
-  "projectFilePath": "c:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
+  "projectFilePath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld\\SecDevOpsLab.csproj",
  "expectedPackageFiles": [],
  "logs": []
 }