-
Notifications
You must be signed in to change notification settings - Fork 21
100 lines (97 loc) · 5.89 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
name: Build and run heimdall_tools
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
test:
strategy:
matrix:
platform: [ubuntu-16.04, ubuntu-latest, macos-latest, windows-latest]
ruby: [ 2.5, 2.6, 2.7 ]
fail-fast: false
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- run: git fetch origin +refs/tags/*:refs/tags/*
- name: Test on Ruby ${{ matrix.ruby }}
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
- name: Build gem and run it
run: |
# Install gems required for building
gem install bundler git-lite-version-bump
gem build heimdall_tools.gemspec
gem install heimdall_tools*.gem
heimdall_tools help
heimdall_tools version
- name: Test burpsuite mapper
run: |
heimdall_tools burpsuite_mapper -x ./sample_jsons/burpsuite_mapper/sample_input_report/zero.webappsecurity.com.min -o burpsuite_output.json
jq 'del(.version, .platform.release)' burpsuite_output.json > burpsuite_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/burpsuite_mapper/zero.webappsecurity.json > burpsuite_sample.json
diff burpsuite_sample.json burpsuite_output_jq.json
- name: Test jfrog xray mapper
run: |
heimdall_tools jfrog_xray_mapper -j ./sample_jsons/jfrog_xray_mapper/sample_input_report/jfrog_xray_sample.json -o jfrog_output.json
jq 'del(.version, .platform.release)' jfrog_output.json > jfrog_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/jfrog_xray_mapper/jfrog_xray_hdf.json > jfrog_sample.json
diff jfrog_sample.json jfrog_output_jq.json
- name: Test nikto mapper
run: |
heimdall_tools nikto_mapper -j ./sample_jsons/nikto_mapper/sample_input_jsons/zero.webappsecurity.json -o nikto_output.json
jq 'del(.version, .platform.release)' nikto_output.json > nikto_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/nikto_mapper/zero.webappsecurity.json > nikto_sample.json
diff nikto_sample.json nikto_output_jq.json
- name: Test sarif mapper
run: |
heimdall_tools sarif_mapper -j ./sample_jsons/sarif_mapper/sample_input_jsons/sarif_input.sarif -o sarif_output.json
jq 'del(.version, .platform.release)' sarif_output.json > sarif_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/sarif_mapper/sarif_output.json > sarif_sample.json
diff sarif_sample.json sarif_output_jq.json
- name: Test xccdf mapper
run: |
heimdall_tools xccdf_results_mapper -x ./sample_jsons/xccdf_results_mapper/sample_input_report/xccdf-results.xml -o xccdf_output.json
jq 'del(.version, .platform.release)' xccdf_output.json > xccdf_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/xccdf_results_mapper/xccdf-hdf.json > xccdf_sample.json
diff xccdf_sample.json xccdf_output_jq.json
- name: Test zap mapper webgoat.json
run: |
heimdall_tools zap_mapper -j ./sample_jsons/zap_mapper/sample_input_jsons/webgoat.json -n "http://mymac.com:8191" -o zap_output_webgoat.json
jq 'del(.version, .platform.release)' zap_output_webgoat.json > zap_output_webgoat_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/zap_mapper/webgoat.json > zap_sample_webgoat.json
diff zap_sample_webgoat.json zap_output_webgoat_jq.json
- name: Test zap mapper zero.webappsecurity.json
run: |
heimdall_tools zap_mapper -j ./sample_jsons/zap_mapper/sample_input_jsons/zero.webappsecurity.json -n "http://zero.webappsecurity.com" -o zap_output.json
jq 'del(.version, .platform.release)' zap_output.json > zap_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/zap_mapper/zero.webappsecurity.json > zap_sample.json
diff zap_sample.json zap_output_jq.json
- name: Test nessus_mapper
run: |
heimdall_tools nessus_mapper -x ./sample_jsons/nessus_mapper/sample_input_report/nessus_sample.nessus -o nessus.json
jq 'del(.version, .platform.release)' nessus.json-ip-10-10-23-102.json > nessus_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/nessus_mapper/nessus_sample_hdf.json > nessus_sample_hdf.json
diff nessus_sample_hdf.json nessus_jq.json
- name: Test scoutsuite mapper
run: |
heimdall_tools scoutsuite_mapper -i ./sample_jsons/scoutsuite_mapper/sample_input_jsons/scoutsuite_sample.js -o scoutsuite_output.json
jq 'del(.version, .platform.release)' scoutsuite_output.json > scoutsuite_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/scoutsuite_mapper/scoutsuite_hdf.json > scoutsuite_sample.json
diff scoutsuite_sample.json scoutsuite_output_jq.json
- name: Test asff mapper
run: |
heimdall_tools asff_mapper -i ./sample_jsons/asff_mapper/sample_input_jsons/asff_sample.json --sh ./sample_jsons/asff_mapper/sample_input_jsons/aws_cis_standard.json -o asff_output.json
jq 'del(.version, .platform.release)' asff_output.json > asff_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/asff_mapper/asff_hdf.json > asff_sample.json
diff asff_sample.json asff_output_jq.json
- name: Test prowler mapper
run: |
heimdall_tools prowler_mapper -i ./sample_jsons/prowler_mapper/sample_input_jsons/prowler_sample.asff-json -o prowler_output.json
jq 'del(.version, .platform.release)' prowler_output.json > prowler_output_jq.json
jq 'del(.version, .platform.release)' ./sample_jsons/prowler_mapper/prowler_hdf.json > prowler_sample.json
diff prowler_sample.json prowler_output_jq.json