From 91ea0bfc4a0ccbc3f605d92202e510fa7d101c95 Mon Sep 17 00:00:00 2001 From: Jose Raul Barreras <barreras@unl.edu> Date: Fri, 20 Sep 2019 09:15:46 -0500 Subject: [PATCH] refactor dependency-check --- README.md | 2 +- dependency-check/Dockerfile | 6 ++--- dependency-check/docker-entrypoint.sh | 32 +++------------------------ dependency-check/entrypoint.sh | 21 ------------------ 4 files changed, 7 insertions(+), 54 deletions(-) delete mode 100644 dependency-check/entrypoint.sh diff --git a/README.md b/README.md index 33fb738..f839051 100644 --- a/README.md +++ b/README.md @@ -25,4 +25,4 @@ This file is automatically updated after execute `git commit` based on the conte - its-registry.unl.edu/unl-its/docker-ci/static-code-analysis:android - its-registry.unl.edu/unl-its/docker-ci/static-code-analysis:latest - its-registry.unl.edu/unl-its/docker-ci/static-code-analysis:php -- its-registry.unl.edu/unl-its/docker-ci/static-code-analysis:python \n \n\n\r_Last update: Thu Sep 19 16:28:10 CDT 2019_\n +- its-registry.unl.edu/unl-its/docker-ci/static-code-analysis:python \n \n\n\r_Last update: Fri Sep 20 09:15:46 CDT 2019_\n diff --git a/dependency-check/Dockerfile b/dependency-check/Dockerfile index f2e77c8..eff4386 100644 --- a/dependency-check/Dockerfile +++ b/dependency-check/Dockerfile @@ -17,7 +17,7 @@ ENV DEPENDENCY_CHECK_VERSION 5.2.1-release WORKDIR /opt -RUN apk add --no-cache curl jq su-exec && \ +RUN apk add --no-cache curl jq su-exec bash && \ curl --insecure -o ./dependency-check.zip -L https://dl.bintray.com/jeremy-long/owasp/dependency-check-${DEPENDENCY_CHECK_VERSION}.zip && \ unzip dependency-check.zip && \ rm dependency-check.zip && \ @@ -31,6 +31,6 @@ WORKDIR /work COPY docker-entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/docker-entrypoint.sh -ENTRYPOINT ["docker-entrypoint.sh"] +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] -CMD ["/bin/sh"] +CMD ["/bin/bash"] 
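Review bot: The `RUN` instruction edited in the `@@ -17,7 +17,7 @@` hunk still downloads the dependency-check archive with `curl --insecure`, so the server certificate is never validated and nothing checks the zip's integrity before `unzip`. That line is unchanged context rather than something this commit introduces, but it sits in the same instruction and decides what ends up in the scanner image. Drop `--insecure` and add `--fail` so an HTTP error body is not unpacked. Then pin a digest for the release and check it before extracting, for example `echo "<EXPECTED_SHA256>  dependency-check.zip" | sha256sum -c -`, where the placeholder is the published hash for `DEPENDENCY_CHECK_VERSION`. The `RUN` instruction continues past the end of the hunk, so later steps are not visible here.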
diff --git a/dependency-check/docker-entrypoint.sh b/dependency-check/docker-entrypoint.sh index 01a5735..14aea3c 100644 --- a/dependency-check/docker-entrypoint.sh +++ b/dependency-check/docker-entrypoint.sh @@ -1,34 +1,8 @@ -#!/bin/sh +#!/bin/bash set -e -if [ "${1#-}" != "$1" ]; then - echo "OK" - set -- dependency-check "$@" -fi +USER_ID=${LOCAL_USER_ID:-9001} -exec "$@" +su-exec user "$@" -#VERSION=0.1 - -#echo ${VERSION} - -#if [ $1 == '-v' ]; then -# dependency-check.sh -v -# exit 0 -#fi - -#DEPENDENCY_CHECK_OUT_DIR=${DEPENDENCY_CHECK_OUT_DIR-"`pwd`/dependency-check-report/"} -#SRC_DIR=${SRC_DIR-"./"} - -#mkdir -p ${DEPENDENCY_CHECK_OUT_DIR} -#dependency-check.sh --format ALL -s ${SRC_DIR} --out ${DEPENDENCY_CHECK_OUT_DIR} --project ${CI_PROJECT_NAMESPACE} -n - -#cat ${DEPENDENCY_CHECK_OUT_DIR}/dependency-check-report.json | jq '.dependencies | .[] | select (.vulnerabilities) | [.fileName, .filePath, .vulnerabilities]' | sed -e "s/\"\/work\///g" -#RESULT=`cat ${DEPENDENCY_CHECK_OUT_DIR}/dependency-check-report.json | jq '.dependencies | .[] | select (.vulnerabilities) | [.fileName, .filePath, .vulnerabilities] | length == 0' | sed -e "s/\"\/work\///g"` - -#if [ "${RESULT}" = "" ]; then -# exit 0 -#else -# exit 1 -#fi diff --git a/dependency-check/entrypoint.sh b/dependency-check/entrypoint.sh deleted file mode 100644 index 28b3652..0000000 --- a/dependency-check/entrypoint.sh +++ /dev/null 
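Review bot: `USER_ID=${LOCAL_USER_ID:-9001}` is assigned but never read, so a `LOCAL_USER_ID` passed by the caller has no effect. `su-exec user "$@"` always runs as whatever uid the account `user` has in the image; the creation of that account is not visible in this diff. Either pass the value through, `su-exec "${USER_ID}" "$@"` (su-exec accepts a numeric uid), or create the account with that uid before dropping privileges. The old script ended in `exec "$@"`; writing `exec su-exec user "$@"` keeps the shell from remaining as PID 1, where it would not forward signals such as SIGTERM to the scan. The removed `"${1#-}"` branch also means option-only arguments (e.g. `-v`) are now executed as the command itself rather than passed to `dependency-check`, which looks unintended.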
@@ -1,21 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ $1 == '-v' ]; then
- dependency-check.sh -v
- exit 0
-fi
-
-DEPENDENCY_CHECK_OUT_DIR=${DEPENDENCY_CHECK_OUT_DIR-"`pwd`/dependency-check-report/"}
-
-mkdir -p ${DEPENDENCY_CHECK_OUT_DIR}
-dependency-check.sh --format ALL -s ./ --out ${DEPENDENCY_CHECK_OUT_DIR} --project ${CI_PROJECT_NAMESPACE} -n
-
-cat ${DEPENDENCY_CHECK_OUT_DIR}/dependency-check-report.json | jq '.dependencies | .[] | select (.vulnerabilities) | [.fileName, .filePath, .vulnerabilities]' | sed -e "s/\"\/work\///g"
-RESULT=`cat ${DEPENDENCY_CHECK_OUT_DIR}/dependency-check-report.json | jq '.dependencies | .[] | select (.vulnerabilities) | [.fileName, .filePath, .vulnerabilities] | length == 0' | sed -e "s/\"\/work\///g"`
-
-if [ "${RESULT}" = "" ]; then
- exit 0
-else
- exit 1
-fi
--
GitLab