OWASP dependency-check for codecommit repositories
Project description
@cloudcomponents/cdk-dependency-check
OWASP dependency-check for codecommit repositories
Install
TypeScript/JavaScript:
npm i @cloudcomponents/cdk-dependency-check
Python:
pip install cloudcomponents.cdk-dependency-check
How to use
import { CodeCommitDependencyCheck } from '@cloudcomponents/cdk-dependency-check';
import { Stack, StackProps } from 'aws-cdk-lib';
import { Repository } from 'aws-cdk-lib/aws-codecommit';
import { Schedule } from 'aws-cdk-lib/aws-events';
import { SnsTopic } from 'aws-cdk-lib/aws-events-targets';
import { Bucket } from 'aws-cdk-lib/aws-s3';
import { Topic } from 'aws-cdk-lib/aws-sns';
import { EmailSubscription } from 'aws-cdk-lib/aws-sns-subscriptions';
import { Construct } from 'constructs';
export class DependencyCheckStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
if (typeof process.env.REPOSITORY_NAME === 'undefined') {
throw new Error('environment variable REPOSITORY_NAME undefined');
}
const repository = Repository.fromRepositoryName(this, 'Repository', process.env.REPOSITORY_NAME);
const reportsBucket = new Bucket(this, 'Bucket');
// The following example runs a task every day at 4am
const check = new CodeCommitDependencyCheck(this, 'CodeCommitDependencyCheck', {
repository,
reportsBucket,
preCheckCommand: 'npm i',
schedule: Schedule.cron({
minute: '0',
hour: '4',
}),
});
const checkTopic = new Topic(this, 'CheckTopic');
if (process.env.DEVSECOPS_TEAM_EMAIL) {
checkTopic.addSubscription(new EmailSubscription(process.env.DEVSECOPS_TEAM_EMAIL));
}
check.onCheckStarted('started', {
target: new SnsTopic(checkTopic),
});
check.onCheckSucceeded('succeeded', {
target: new SnsTopic(checkTopic),
});
check.onCheckFailed('failed', {
target: new SnsTopic(checkTopic),
});
}
}
Upload HTML Reports
const reportsBucket = new Bucket(this, 'Bucket');
// The following example runs a task every day at 4am
const check = new CodeCommitDependencyCheck(this, 'CodeCommitDependencyCheck', {
repository,
reportsBucket,
preCheckCommand: 'npm i',
schedule: Schedule.cron({
minute: '0',
hour: '4',
}),
});
API Reference
See API.md.
Example
See more complete examples.
License
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for cloudcomponents.cdk-dependency-check-2.2.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 80bd3a2d022c1a4b23110e7ced0e27f133e04fe8bdd7f80c7a7f4f6886003c4c |
|
MD5 | 98b77a9499d2e0a9fe422927e5ff676a |
|
BLAKE2b-256 | f7786214c2fc05f63cfd1c9d969c7480657509ca58455db30e428f19b87904ef |
Close
Hashes for cloudcomponents.cdk_dependency_check-2.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b48618e919140c2a56fd131e29f0a1893aac9f9319a28e1cc68b7e7804516218 |
|
MD5 | 5b8c8d319b2c54b2ec8b67afb1439345 |
|
BLAKE2b-256 | e75bdd2fdf484ecc5b04868a88d83e28ded714f8539ae90392b85b38aa50d025 |