chore(woodpecker): simplify audit file handling
- Removed redundant `/tmp/` paths for audit result and output files.
- Ensured consistent file access in vulnerability checks and Discord notifications.
- Added workspace file listing for better debugging in case of missing audit results.
@ -3,8 +3,8 @@ steps:
|
||||
image: node:20
|
||||
commands:
|
||||
- npm install --package-lock-only
|
||||
- npm audit --audit-level=moderate --json > /tmp/audit-result.json 2>&1 || echo "Audit completed"
|
||||
- npm audit --audit-level=moderate > /tmp/audit-output.txt 2>&1 || echo "Audit completed"
|
||||
- npm audit --audit-level=moderate --json > audit-result.json 2>&1 || echo "Audit completed"
|
||||
- npm audit --audit-level=moderate > audit-output.txt 2>&1 || echo "Audit completed"
|
||||
when:
|
||||
- branch: main
|
||||
event: push
|
||||
@ -17,12 +17,12 @@ steps:
|
||||
commands:
|
||||
- apk add --no-cache curl jq
|
||||
- |
|
||||
if [ -f /tmp/audit-result.json ]; then
|
||||
TOTAL=$(jq -r '.metadata.vulnerabilities.total // 0' /tmp/audit-result.json 2>/dev/null || echo "0")
|
||||
CRITICAL=$(jq -r '.metadata.vulnerabilities.critical // 0' /tmp/audit-result.json 2>/dev/null || echo "0")
|
||||
HIGH=$(jq -r '.metadata.vulnerabilities.high // 0' /tmp/audit-result.json 2>/dev/null || echo "0")
|
||||
MODERATE=$(jq -r '.metadata.vulnerabilities.moderate // 0' /tmp/audit-result.json 2>/dev/null || echo "0")
|
||||
LOW=$(jq -r '.metadata.vulnerabilities.low // 0' /tmp/audit-result.json 2>/dev/null || echo "0")
|
||||
if [ -f audit-result.json ]; then
|
||||
TOTAL=$(jq -r '.metadata.vulnerabilities.total // 0' audit-result.json 2>/dev/null || echo "0")
|
||||
CRITICAL=$(jq -r '.metadata.vulnerabilities.critical // 0' audit-result.json 2>/dev/null || echo "0")
|
||||
HIGH=$(jq -r '.metadata.vulnerabilities.high // 0' audit-result.json 2>/dev/null || echo "0")
|
||||
MODERATE=$(jq -r '.metadata.vulnerabilities.moderate // 0' audit-result.json 2>/dev/null || echo "0")
|
||||
LOW=$(jq -r '.metadata.vulnerabilities.low // 0' audit-result.json 2>/dev/null || echo "0")
|
||||
|
||||
if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ] || [ "$MODERATE" -gt 0 ]; then
|
||||
COLOR=16744448
|
||||
@ -32,8 +32,8 @@ steps:
|
||||
STATUS="✅ No Vulnerabilities"
|
||||
fi
|
||||
|
||||
if [ -f /tmp/audit-output.txt ]; then
|
||||
VULNS=$(head -50 /tmp/audit-output.txt | tail -40 || echo "No details")
|
||||
if [ -f audit-output.txt ]; then
|
||||
VULNS=$(head -50 audit-output.txt | tail -40 || echo "No details")
|
||||
else
|
||||
VULNS="No audit output available"
|
||||
fi
|
||||
@ -73,7 +73,8 @@ steps:
|
||||
curl -H "Content-Type: application/json" -X POST \
|
||||
-d "$PAYLOAD" "$DISCORD_WEBHOOK"
|
||||
else
|
||||
echo "No audit results found"
|
||||
echo "No audit results found - listing workspace files:"
|
||||
ls -la
|
||||
fi
|
||||
when:
|
||||
- branch: main
|
||||
|
||||
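Review bot: The counters read from `audit-result.json` fail open: in the notification step each `jq -r '… // 0' audit-result.json 2>/dev/null || echo "0"` turns unparsable JSON, or an npm error payload that has no `.metadata.vulnerabilities`, into 0, which is the same value a clean audit produces. The audit step makes that case more likely, because `2>&1` writes npm's stderr into the JSON file and `|| echo "Audit completed"` hides a run that failed for a reason other than findings (registry unreachable, lockfile error). I would drop `2>&1` from the `--json` line and gate the counters on `jq -e '.metadata.vulnerabilities' audit-result.json >/dev/null`, sending an explicit "audit failed" status when that check does not pass. The branch that sets `STATUS` lies partly outside the visible hunks, so whether a zero count ends in "✅ No Vulnerabilities" there is inferred from the lines shown.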