feat: cache NVD Database in 4 hour segments

Ensono · Jul 19, 2024 · e01fabb · e01fabb
1 parent e0d344d
commit e01fabb
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 3 deletions.
diff --git a/build/azDevOps/azure/azure-pipelines-javaspring-k8s.yml b/build/azDevOps/azure/azure-pipelines-javaspring-k8s.yml
@@ -320,7 +320,7 @@ stages:
               functional_test_project_type: "${{ variables.functional_test_project_type }}"
 
           - bash: |
-              echo "Setting variable 'BUILD_ATTEMPT_NUMBER' with value '$(System.JobAttempt)"
+              echo "Setting variable 'BUILD_ATTEMPT_NUMBER' with value '$(System.JobAttempt)'"
               echo "##vso[task.setvariable variable=BUILD_ATTEMPT_NUMBER;isOutput=true]$(System.JobAttempt)"
             name: build_attempt_number
             displayName: "Output: Set Job Attempt Output Variable"
@@ -341,7 +341,7 @@ stages:
       - name: Environment.ShortName
         value: dev
       - name: BUILD_ATTEMPT_NUMBER
-        value: "$[ dependencies.Build.ApiBuild.outputs['build_attempt_number.BUILD_ATTEMPT_NUMBER'] ]"
+        value: "$[ stageDependencies.Build.ApiBuild.outputs['build_attempt_number.BUILD_ATTEMPT_NUMBER'] ]"
     jobs:
       - deployment: AppInfraDev
         container: terraform_custom
@@ -568,7 +568,7 @@ stages:
       - name: Environment.ShortName
         value: prod
       - name: BUILD_ATTEMPT_NUMBER
-        value: "$[ dependencies.Build.ApiBuild.outputs['build_attempt_number.BUILT_ATTEMPT_NUMBER'] ]"
+        value: "$[ stageDependencies.Build.ApiBuild.outputs['build_attempt_number.BUILD_ATTEMPT_NUMBER'] ]"
     jobs:
       - deployment: AppInfraProd
         container: terraform_custom

diff --git a/build/azDevOps/azure/templates/steps/build/build-java.yml b/build/azDevOps/azure/templates/steps/build/build-java.yml
@@ -25,6 +25,31 @@ steps:
       path: "${{ parameters.project_root_dir }}/${{ parameters.maven_cache_directory }}"
     displayName: Cache Maven packages (${{ parameters.project_type }})
 
+  - ${{ if eq(parameters.vulnerability_scan, true) }}:
+      - task: Bash@3
+        script: |
+          DATE="$(date "+%F")"
+          HOUR="$(date "+%H")"
+
+          # NVD Cache lasts 4 hours (240 mins) and so cache based on the hour's time
+          # in 24 hours. E.g. 0-3 are 0, 1-4 are 1, 20-23 are 5 etc..
+          HOUR_BY_FOUR="$(( ${HOUR} / 4 ))"
+
+          NVD_CACHE_FILE="${DATE}-${HOUR_BY_FOUR}"
+
+          echo "echoing to a file '${{ parameters.repo_root_dir }}/.nvd-cache' with value ''"
+          echo "${NVD_CACHE_FILE}" >> ${{ parameters.repo_root_dir }}/.nvd-cache
+        displayName: Set NVD Cache Variable
+
+      - task: Cache@2
+        inputs:
+          key: 'nvd | "$(Agent.OS)" | ${{ parameters.repo_root_dir }}/.nvd-cache'
+          restoreKeys: |
+            nvd | "$(Agent.OS)"
+            nvd
+          path: "${{ parameters.repo_root_dir }}"
+        displayName: Cache NVD Datatbase
+
   - task: Bash@3
     inputs:
       filePath: "${{ parameters.pipeline_scripts_directory }}/build-maven-install.bash"