cxMiguelSilva · cxMiguelSilva · Mar 13, 2024 · Mar 8, 2024 · Mar 8, 2024 · Mar 8, 2024
diff --git a/.github/workflows/kics.yaml b/.github/workflows/kics.yaml
@@ -2,7 +2,7 @@ name: scan with KICS and upload SARIF
 
 on:
   pull_request:
-    branches: [master]
+    branches: [main]
 
 jobs:
   kics-job:
@@ -17,16 +17,15 @@ jobs:
       - name: Run KICS Scan with SARIF result
         uses: checkmarx/[email protected]
         with:
-          path: 'terraform'
+          path: vulns
           # when provided with a directory on output_path
           # it will generate the specified reports file named 'results.{extension}'
           # in this example it will generate:
           # - results-dir/results.json
           # - results-dir/results.sarif
           output_path: results-dir
-          platform_type: terraform
           output_formats: 'json,sarif'
-          exclude_paths: "terraform/gcp/big_data.tf,terraform/azure"
+          ignore_on_exit: results
           # seek query id in it's metadata.json
           exclude_queries: 0437633b-daa6-4bbc-8526-c0d2443b946e
       - name: Show results

diff --git a/positive.dockerfile b/positive.dockerfile
@@ -4,4 +4,5 @@ WORKDIR /app
 ONBUILD COPY . /app
 ONBUILD RUN virtualenv /env && /env/bin/pip install -r /app/requirements.txt
 EXPOSE 8080
+EXPOSE 8081
 CMD ["/env/bin/python", "main.py"]
diff --git a/vulns/positive.dockerfile b/vulns/positive.dockerfile
@@ -0,0 +1,8 @@
+FROM gliderlabs/alpine:3.3
+RUN apk add --update-cache python
+WORKDIR /app
+ONBUILD COPY . /app
+ONBUILD RUN virtualenv /env && /env/bin/pip install -r /app/requirements.txt
+EXPOSE 8080
+EXPOSE 8081
+CMD ["/env/bin/python", "main.py"]
diff --git a/vulns/positive2.dockerfile b/vulns/positive2.dockerfile
@@ -0,0 +1,8 @@
+FROM gliderlabs/alpine:3.3
+RUN apk add --update-cache python
+WORKDIR /app
+ONBUILD COPY . /app
+ONBUILD RUN virtualenv /env; \
+    /env/bin/pip install -r /app/requirements.txt
+EXPOSE 8080
+CMD ["/env/bin/python", "main.py"]