diff --git a/development/WebGoat-GHAzDo-starter-pipeline.yml b/development/WebGoat-GHAzDo-starter-pipeline.yml index 269326d..a03514f 100644 --- a/development/WebGoat-GHAzDo-starter-pipeline.yml +++ b/development/WebGoat-GHAzDo-starter-pipeline.yml @@ -112,7 +112,7 @@ steps: # For polyglot codebases, multiple languages can be specified in a comma-separated # list, such as: 'csharp, javascript, ruby' # https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/ - languages: 'csharp' + languages: 'csharp, javascript' # In Code Scanning, Query Suites are packages of queries (scanning rules) that configure the types of # security and quality inspections that will be run against your application's codebase. # diff --git a/make.ps1 b/make.ps1 index 5a5e9f3..ceab231 100644 --- a/make.ps1 +++ b/make.ps1 @@ -10,7 +10,10 @@ $projectName = "GHAzDo%20Internal%20Bootcamp" $apiVersion = "api-version=7.1" $apiVersionAdvSec = "api-version=7.1-preview.1" $sourceRepo = "https://github.com/rajbos/WebGoat.NETCore.git" +$sourceRepo2 = "https://xpirit@dev.azure.com/xpirit/TailWindTraders/_git/TailwindTraders-Website" + $tempFolder = "$($env:TEMP)\ghazdo-WebGoatSource" +$tempFolder2 = "$($env:TEMP)\ghazdo-TailwindSource" function Get-Project { param ( @@ -55,7 +58,8 @@ function New-Repository { ( [object] $project, [string] $repoName, - [string] $AccessToken + [string] $AccessToken, + [string] $tempFolder ) $repoURL = "$baseurl/$($project.Name)/_apis/git/repositories?$apiVersion" @@ -74,7 +78,7 @@ function New-Repository { # get the git url for this new repo $gitUrl = $repo.remoteUrl - PushLocalRepoToRemote -gitUrl $gitUrl -repoName $repoName + PushLocalRepoToRemote -gitUrl $gitUrl -repoName $repoName -tempFolder $tempFolder # enable GHAzDo on this repo Update-GHAzDoSettings -teamProject $project.name -repoName $repoName -AccessToken $AccessToken -repoId $repo.id -projectId $project.id 
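Review bot: The `[string] $tempFolder` parameter added to New-Repository in the `@@ -55,7 +58,8 @@` hunk is optional, and the same holds for the parameters added to GetSourceRepo (`@@ -107,6 +111,10 @@`) and PushLocalRepoToRemote (`@@ -125,7 +139,8 @@`). Because the parameter has the same name as the script-level `$tempFolder`, a caller that omits it gets an empty string rather than the script-level path, and `Test-Path $tempFolder` in GetSourceRepo would then fail on an empty path. Declaring them as `[Parameter(Mandatory = $true)] [string] $tempFolder` (and likewise `$sourceRepo`) makes a missed call site fail at parameter binding instead of somewhere later in the body. The function bodies continue outside these hunks.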
@@ -107,6 +111,10 @@ function Get-Repository } function GetSourceRepo { + param ( + [string] $sourceRepo, + [string] $tempFolder + ) # create a temp folder locally if it does not exists if (!(Test-Path $tempFolder)) { New-Item -ItemType Directory -Path $tempFolder @@ -114,9 +122,15 @@ function GetSourceRepo { # git clone the repo from $sourceRepo git clone $sourceRepo $tempFolder + $subfolder = ".azure-devops" + if (!(Test-Path "$tempFolder/$($subfolder)")) { + New-Item -ItemType Directory -Path "$tempFolder\$($subfolder)" | Out-Null + } + # overwrite the file in the .azure-devops/build.yml with the content from /development/WebGoat-GHAzDo-starter-pipeline.yml file - Copy-Item -Path $PSScriptRoot\development\WebGoat-GHAzDo-starter-pipeline.yml -Destination $tempFolder\.azure-devops\build.yml -Force + Copy-Item -Path $PSScriptRoot\development\WebGoat-GHAzDo-starter-pipeline.yml -Destination $tempFolder\$subfolder\build.yml -Force git status + git add .\.azure-devops\ git add .\.azure-devops\build.yml git commit -m "Updated build.yml" } @@ -125,7 +139,8 @@ function GetSourceRepo { function PushLocalRepoToRemote { param ( [string] $repoName, - [string] $gitUrl + [string] $gitUrl, + [string] $tempFolder ) Write-Host "Pushing repo contents to remote" 
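Review bot: The git commands after the clone in GetSourceRepo (`git status`, the new `git add .\.azure-devops\`, `git commit`) use paths relative to the current directory, and no `Set-Location` into `$tempFolder` is visible in the `@@ -114,9 +122,15 @@` hunk, so they appear to act on whatever repository the script was started from. The exit status of `git clone $sourceRepo $tempFolder` is not checked either, so a failed clone (authentication, or a non-empty folder left by an earlier run unless it is cleaned up elsewhere) is still followed by the copy and the commit. I would stop on failure with `if ($LASTEXITCODE -ne 0) { throw "git clone of $sourceRepo failed" }` and target the clone explicitly with `git -C $tempFolder add .azure-devops` and `git -C $tempFolder commit -m "Updated build.yml"`. The added `git add .\.azure-devops\` already covers `build.yml`, which makes the following `git add .\.azure-devops\build.yml` redundant, and `Test-Path "$tempFolder/$($subfolder)"` mixes path separators with the `\` used on the next line.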
@@ -163,27 +178,39 @@ function New-BuildDefinition { name = "$repoName Build" } - $json = (ConvertTo-Json $body) - $response = Invoke-RestMethod -Uri $url -Headers @{Authorization = $AccessToken} -ContentType "application/json" -Method Post -Body $json - - Write-Host "Created build definition [$($response.name)]" - $pipelineId = $response.id - - # trigger the pipeline to run - $url = "$baseurl/$teamProject/_apis/pipelines/$pipelineId/runs?$apiVersion" - $triggerBody = @{ - resources = @{ - repositories= @{ - self = @{ - refName = "refs/heads/main" + try + { + $json = (ConvertTo-Json $body) + $response = Invoke-RestMethod -Uri $url -Headers @{Authorization = $AccessToken} -ContentType "application/json" -Method Post -Body $json + + Write-Host "Created build definition [$($response.name)]" + $pipelineId = $response.id + + # trigger the pipeline to run + $url = "$baseurl/$teamProject/_apis/pipelines/$pipelineId/runs?$apiVersion" + $triggerBody = @{ + resources = @{ + repositories= @{ + self = @{ + refName = "refs/heads/main" + } + } } } - } - } - $json = (ConvertTo-Json $triggerBody -Depth 10) - $response = Invoke-RestMethod -Uri $url -Headers @{Authorization = $AccessToken} -ContentType "application/json" -Method Post -Body $json + $json = (ConvertTo-Json $triggerBody -Depth 10) + $response = Invoke-RestMethod -Uri $url -Headers @{Authorization = $AccessToken} -ContentType "application/json" -Method Post -Body $json - Write-Host "Triggered build definition [$($response.name)]" + Write-Host "Triggered build definition [$($response.name)]" + } + catch { + if ($_.Exception.Message -like "*already exists*") { + Write-Debug "Build definition [$($response.name)] already exists" + } + else { + Write-Host "Error creating build definition [$($response.name)]" + Write-Host $_.Exception.Message + } + } } function New-VSTSAuthenticationToken { 
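Review bot: The new `catch` block in New-BuildDefinition reads `$response.name`, but as far as the hunk shows `$response` is unset when the first `Invoke-RestMethod` throws and holds the create response when the run-trigger call throws, so the message is either empty or blames the wrong step. The pipeline name is already built in the request body (`name = "$repoName Build"`), so both messages can print `[$repoName Build]` instead. The `else` branch only writes to the host and returns normally, which hides authentication or permission failures from the provisioning loop; ending it with `throw` would let the caller react. Matching on `*already exists*` depends on the service's wording, and `Write-Debug` is silent by default, so a skipped definition leaves no trace in a normal run. The function starts before this hunk.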
@@ -244,12 +271,14 @@ if ("provision" -eq $command) { exit } - GetSourceRepo + # choose what the source repo will be + GetSourceRepo -sourceRepo $sourceRepo -tempFolder $tempFolder # the AutoBuild for tailwindtraders fails :-() + #GetSourceRepo -sourceRepo $sourceRepo2 -tempFolder $tempFolder2 $AccessToken = New-VSTSAuthenticationToken -PersonalAccessToken $env:AZURE_DEVOPS_CREATE_PAT $project = Get-Project -teamProject $projectName -AccessToken $AccessToken $createdCount = 0 - $maxCount = 15 + $maxCount = 1 while ($createdCount -lt $maxCount) { # create a random list of generated repo names starting with "ghazdo" $repoName = "ghazdo-$((Get-Random -Minimum 1000 -Maximum 9999).ToString())" @@ -267,7 +296,7 @@ if ("provision" -eq $command) { } # create a new repo - $repo = New-Repository -AccessToken $AccessToken -repoName $repoName -project $project + $repo = New-Repository -AccessToken $AccessToken -repoName $repoName -project $project -tempFolder $tempFolder if ($null -ne $repo) { $createdCount++ Write-Host "Created repo $createdCount/$maxCount [$($repo.name)]"
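Review bot: `$maxCount = 1` in the provision block replaces 15 and, together with the commented-out `#GetSourceRepo -sourceRepo $sourceRepo2 -tempFolder $tempFolder2`, looks like a local debugging state rather than an intended default. With that call commented out, `$sourceRepo2` and `$tempFolder2` from the `@@ -10,7 +10,10 @@` hunk are unused. If both sources are meant to stay selectable, a script parameter is clearer than editing the file, and the comment could record why the second source is off, for example `# TailwindTraders source disabled: AutoBuild fails for this repo`. The enclosing `if ("provision" -eq $command)` block extends beyond the hunk.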