From bb43e750d2bba2c3ce4b543dd954c9c362b480a1 Mon Sep 17 00:00:00 2001
From: Jose Raul Barreras <barreras@unl.edu>
Date: Fri, 21 Sep 2018 13:28:45 -0500
Subject: [PATCH] add Tenable support

---
 .gitlab-ci.yml | 17 +++++++++++++----
 Makefile       | 13 ++++++++++++-
 2 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 051d0d4..048f3f5 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,22 +2,23 @@ stages:
   - verify
   - build
   - test
+  - security
 
-Check Makefile:
+.Check Makefile:
   stage: verify
   tags:
     - linux, dockerd
   script:
     - docker run --rm -v "${PWD}:/work" -w /work mandrean/checkmake ./Makefile
 
-Lint and Validate dockerfiles:
+.Lint and Validate dockerfiles:
   stage: verify
   tags:
     - linux, dockerd
   script:
     - make test
 
-Make All Images:
+.Make All Images:
   stage: build
   image: projectatomic/dockerfile-lint
   tags:
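Review bot: Renaming `Check Makefile`, `Lint and Validate dockerfiles` and `Make All Images` to dot-prefixed names turns them into hidden jobs, which GitLab does not run, so the verify and build stages become empty; `.test` in the next hunk gets the same treatment. If this was done to iterate faster on the new stage, restore the names before merging, e.g. `Make All Images:`, so that linting and the image build still gate what gets pushed for scanning. If the intent is to keep them as templates, a short comment above each saying so would help, such as `# hidden: disabled while the Tenable stage is being tested`. The `Make All Images` job body continues outside this hunk.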
@@ -25,9 +26,17 @@ Make All Images:
   script:
     - make 
     
-test:
+.test:
   stage: test
   tags:
     - dockerd
   script: 
     - docker run --rm unl-its/static-code-analysis sonar-scanner -v
+
+Push to Tenable:
+  stage: security
+  tags:
+    - linux, dockerd
+  script:
+    - make security
+
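Review bot: `Push to Tenable` runs `make security` with no earlier job in the pipeline that builds images, so it tags and pushes whatever `unl-its` images are already in the runner's Docker daemon, which may not correspond to the commit being tested. The job also has no ref restriction, so every branch pipeline that reaches this stage uses the Tenable credentials; consider limiting it with `only:` and `- master` (or the project's protected branch) and keeping the two variables protected in the CI settings. Note that `- linux, dockerd` is a single tag string rather than two tags; this copies the existing jobs, but confirm that is what the runner is registered with.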
diff --git a/Makefile b/Makefile
index dec5bb7..6fa3a88 100644
--- a/Makefile
+++ b/Makefile
@@ -19,7 +19,7 @@ GIT_COMMIT = $(strip $(shell git rev-parse --short HEAD))
 ####################
 BUILD_ARGS := --build-arg VCS_REF=$(GIT_COMMIT)
 
-.PHONY: all clean test $(DOCKERFILES) clean_images $(IMAGES_TO_CLEAN) static-code-analysis delete_dangling_images
+.PHONY: all clean test $(DOCKERFILES) clean_images $(IMAGES_TO_CLEAN) static-code-analysis delete_dangling_images security
 
 all: \
 	php-lint_5.6 php-lint_7.0 php-lint_7.1 php-lint_7.2 php-lint_latest \
@@ -74,6 +74,16 @@ $(IMAGES_TO_CLEAN):
 	@echo "Uninstalling $@"
 	@docker rmi $(shell docker  images --format '{{.Repository}}:{{.Tag}}'  --filter reference=$@)
 
+IMAGES_TO_SCAN = $(shell docker images --format '{{.Repository}}:{{.Tag}}' | grep unl-its )
+security:
+	docker login -u ${TENABLE_IO_ACCESS_KEY} -p ${TENABLE_IO_SECRET_KEY} registry.cloud.tenable.com
+	@for image in $(IMAGES_TO_SCAN); do \
+		tenable_name=`echo $$image | cut -d "/" -f 2`; \
+		echo "$$image ---> $$tenable_name"; \
+		docker tag $$image registry.cloud.tenable.com/$$tenable_name; \
+		docker push registry.cloud.tenable.com/$$tenable_name; \
+	done
+
 delete_dangling_images:
 	@echo "Removing dangling images"
 	@docker image prune -f
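Review bot: The `docker login` line in `security` is not `@`-silenced and references `${TENABLE_IO_SECRET_KEY}` as a Make variable, so Make expands the secret and echoes the whole command into the job log (unless CI masking happens to catch it), and `-p` also places it on the process command line. Let the shell expand it and pass it on stdin instead: `@printf '%s' "$$TENABLE_IO_SECRET_KEY" | docker login -u "$$TENABLE_IO_ACCESS_KEY" --password-stdin registry.cloud.tenable.com`. The `for` loop reports only the status of its last iteration, so a failed `docker tag` or `docker push` for an earlier image goes unnoticed and that image is never scanned; opening it with `@set -e; for image in $(IMAGES_TO_SCAN); do \` makes the job fail instead. `cut -d "/" -f 2` keeps only the second path component, so images that differ only in registry or namespace would overwrite each other under the same Tenable name; quoting `"$$image"` and adding a comment on the expected name shape would make that assumption explicit.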
@@ -85,3 +95,4 @@ help:
 debug:
 	@echo -e "DOCKERFILES: \t $(DOCKERFILES)"
 	@echo -e "IMAGES_TO_CLEAN:\t $(IMAGES_TO_CLEAN)"
+	@echo -e "IMAGES_TO_SCAN:\t $(IMAGES_TO_SCAN)"
-- 
GitLab