diff --git a/jenkins/vulnerability-scan/whitesource-scan.jenkinsfile b/jenkins/vulnerability-scan/whitesource-scan.jenkinsfile
index dae99bae92..d1be640a6b 100644
--- a/jenkins/vulnerability-scan/whitesource-scan.jenkinsfile
+++ b/jenkins/vulnerability-scan/whitesource-scan.jenkinsfile
@@ -1,7 +1,7 @@
 pipeline {
 agent none
 options {
- timeout(time: 5, unit: 'HOURS')
+ timeout(time: 7, unit: 'HOURS')
 }
 triggers {
 cron('H 3 * * *')
diff --git a/tools/vulnerability-scan/wss-scan.config b/tools/vulnerability-scan/wss-scan.config
index b2b5a81c2a..bbd06fb495 100644
--- a/tools/vulnerability-scan/wss-scan.config
+++ b/tools/vulnerability-scan/wss-scan.config
@@ -1,3 +1,3 @@
 baseDirPath=$(pwd)
 gitBasePath=https://github.com/opensearch-project/
-gitRepos=OpenSearch,OpenSearch-Dashboards,alerting,alerting-dashboards-plugin,anomaly-detection,anomaly-detection-dashboards-plugin,asynchronous-search,common-utils,cross-cluster-replication,dashboards-reports,dashboards-visualizations,data-prepper,index-management,index-management-dashboards-plugin,job-scheduler,k-NN,opensearch-java,opensearch-js,opensearch-py,opensearch-dsl-py,performance-analyzer,performance-analyzer-rca,perftop,security,security-dashboards-plugin,sql,observability,opensearch-build
+gitRepos=OpenSearch,OpenSearch-Dashboards,alerting,alerting-dashboards-plugin,anomaly-detection,anomaly-detection-dashboards-plugin,asynchronous-search,common-utils,cross-cluster-replication,dashboards-reports,dashboards-visualizations,data-prepper,index-management,index-management-dashboards-plugin,job-scheduler,k-NN,opensearch-java,opensearch-js,opensearch-py,opensearch-dsl-py,performance-analyzer,performance-analyzer-rca,perftop,security,security-dashboards-plugin,sql,observability,opensearch-build,ml-commons,notifications
diff --git a/tools/vulnerability-scan/wss-scan.sh b/tools/vulnerability-scan/wss-scan.sh
index fcf76b9cab..24f6d27d31 100755
--- a/tools/vulnerability-scan/wss-scan.sh
+++ b/tools/vulnerability-scan/wss-scan.sh
@@ -33,7 +33,7 @@ java -version; gradle -v; mvn -v; node -v; npm -v; yarn -v
 if [ ! -f "wss-unified-agent.jar" ]
 then
 # Download the WhiteSource Agent
- curl https://unified-agent.s3.amazonaws.com/wss-unified-agent-21.11.2.1.jar --output wss-unified-agent.jar
+ curl https://unified-agent.s3.amazonaws.com/wss-unified-agent-22.3.3.jar --output wss-unified-agent.jar
 fi
 # scan the config file for the user configurations
@@ -60,8 +60,8 @@ do
 echo "Cloning repo "$gitBasePath$repo
 if [ ${repo} == "OpenSearch" ]
 then
- echo "Cloning "$repo" at branch 1.x"
- git clone -b 1.x "$gitBasePath$repo".git ${basepath}/${repo}
+ echo "Cloning "$repo" at branch 2.x"
+ git clone -b 2.x "$gitBasePath$repo".git ${basepath}/${repo}
 # /qa/ in OpenSearch repo contains all files related to the previous version of ODFE.
 # WhiteSource will attept to download them and take hours to build or timeout error.
 # Remove /qa/ because it's irrelevant to OpenSearch.
@@ -73,7 +73,8 @@ do
 done
 echo -n > info.txt
-target='OpenSearch'
+target_main='OpenSearch'
+target_1_3='OpenSearch_1_3'
 # scan the Repos using the WhiteSource Unified Agent
 for repo in $gitRepos
@@ -103,7 +104,9 @@ do
 echo "build.gradle for $repo not exist, either dashboards repo or missing necessary files"
 fi
 fi
- java -jar $baseDirPath/wss-unified-agent.jar -c $baseDirPath/wss-unified-agent.config -d $repo_path -apiKey $wss_apikey -product "$target" -project $repo
+ java -jar $baseDirPath/wss-unified-agent.jar -c $baseDirPath/wss-unified-agent.config -d $repo_path -apiKey $wss_apikey -product "$target_main" -project $repo
+ cd $repo_path && git checkout 1.3 && cd -
+ java -jar $baseDirPath/wss-unified-agent.jar -c $baseDirPath/wss-unified-agent.config -d $repo_path -apiKey $wss_apikey -product "$target_1_3" -project $repo
 cd $baseDirPath && pwd
 else
 echo "Scanning failed for repo: "$gitBasePath$repo " Project: " $repo
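Review bot: In the `@@ -33,7 +33,7 @@` hunk the bumped agent may never be fetched on a node that already holds `wss-unified-agent.jar`, because the download is still guarded by `[ ! -f "wss-unified-agent.jar" ]` and the saved file name carries no version, so a cached 21.11.2.1 jar in a reused workspace would keep being used. The `curl` line also has no `--fail` and no integrity check, so an HTTP error body or a replaced object would be written to disk and later started by `java -jar` with `$wss_apikey` on its command line. Consider `curl --fail --silent --show-error https://unified-agent.s3.amazonaws.com/wss-unified-agent-22.3.3.jar --output wss-unified-agent.jar` followed by `echo "<EXPECTED_SHA256>  wss-unified-agent.jar" | sha256sum -c -`, with the digest pinned for this release (placeholder shown here), and either a versioned local file name or removal of the cached jar before the check. The script continues outside this hunk.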
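Review bot: In the `@@ -103,7 +104,9 @@` hunk the second scan runs even when `git checkout 1.3` fails, so for any repository without a 1.3 branch (possibly some `gitRepos` entries, including the two added in this commit; not visible here) the branch already checked out is scanned again and reported under product `OpenSearch_1_3`. In that failure case the `&&` chain also skips `cd -`, leaving the working directory inside `$repo_path` until the later `cd $baseDirPath`. Gate the 1.3 scan on a successful checkout and log a skip otherwise, as sketched below; `git -C` removes the cd round trip. For OpenSearch itself, whether the checkout succeeds after the /qa/ removal mentioned in the clone loop is not visible here and is worth confirming. The enclosing loop starts and ends outside this hunk.

```shell
# … unchanged: scan of the cloned branch under "$target_main" …
if git -C "$repo_path" checkout 1.3
then
    java -jar "$baseDirPath/wss-unified-agent.jar" -c "$baseDirPath/wss-unified-agent.config" -d "$repo_path" -apiKey "$wss_apikey" -product "$target_1_3" -project "$repo"
else
    echo "Skipping 1.3 scan for $repo: git checkout 1.3 failed" >&2
fi
cd $baseDirPath && pwd
```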