cr0hn · tamirdahan · Jul 5, 2021 · Jul 5, 2021 · Nov 9, 2021 · Nov 10, 2021
diff --git a/.whitesource b/.whitesource
@@ -0,0 +1,41 @@
+{
+  "scanSettings": {
+    "configMode": "AUTO",
+    "configExternalURL": "",
+    "projectToken": "",
+    "baseBranches": []
+  },
+  "scanSettingsSAST": {
+    "enableScan": false,
+    "scanPullRequests": false,
+    "incrementalScan": true,
+    "baseBranches": [],
+    "snippetSize": 10
+  },
+  "checkRunSettings": {
+    "vulnerableCheckRunConclusionLevel": "failure",
+    "displayMode": "diff",
+    "useMendCheckNames": true
+  },
+  "checkRunSettingsSAST": {
+    "checkRunConclusionLevel": "failure",
+    "severityThreshold": "high"
+  },
+  "issueSettings": {
+    "minSeverityLevel": "LOW",
+    "issueType": "DEPENDENCY"
+  },
+  "remediateSettings": {
+    "workflowRules": {
+      "enabled": true
+    }
+  },
+   "imageSettings":{
+       "imageTracing":{
+           "enableImageTracingPR": false,
+           "addRepositoryCoordinate": false,
+           "addDockerfilePath": false,
+           "addMendIdentifier": false
+       }
+   }
+}
diff --git a/Dockerfile b/Dockerfile
@@ -1,3 +1,4 @@
+
 #FROM library/node:6
 FROM ubuntu:xenial
 
@@ -27,4 +28,4 @@ RUN chmod +x /app/start.sh
 EXPOSE 3000
 
 CMD [ "/app/start.sh" ]
-#CMD [ "npm", "start" ]
+#CMD [ "npm", "start" ]
diff --git a/azure-pipelines-1.yml b/azure-pipelines-1.yml
@@ -0,0 +1,39 @@
+# Docker
+# Build and push an image to Azure Container Registry
+# https://docs.microsoft.com/azure/devops/pipelines/languages/docker
+
+trigger:
+- master
+
+resources:
+- repo: self
+
+variables:
+  # Container registry service connection established during pipeline creation
+  dockerRegistryServiceConnection: 'bd5bee4f-9c9b-43a3-9875-1646a70c0632'
+  imageRepository: 'tamirdahanvulnerablenode'
+  containerRegistry: 'wsscontainerregistry.azurecr.io'
+  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
+  tag: '$(Build.BuildId)'
+
+  # Agent VM image name
+  vmImageName: 'ubuntu-latest'
+
+stages:
+- stage: Build
+  displayName: Build and push stage
+  jobs:
+  - job: Build
+    displayName: Build
+    pool:
+      vmImage: $(vmImageName)
+    steps:
+    - task: Docker@2
+      displayName: Build and push an image to container registry
+      inputs:
+        command: buildAndPush
+        repository: $(imageRepository)
+        dockerfile: $(dockerfilePath)
+        containerRegistry: $(dockerRegistryServiceConnection)
+        tags: |
+          $(tag)
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -0,0 +1,54 @@
+# Docker
+# Build and push an image to Azure Container Registry
+# https://docs.microsoft.com/azure/devops/pipelines/languages/docker
+
+trigger:
+- master
+
+resources:
+- repo: self
+
+variables:
+  # Container registry service connection established during pipeline creation
+  dockerRegistryServiceConnection: '7a7e03b5-8510-4096-b0ae-a9d96a202624'
+  imageRepository: 'VulnerableNode'
+  containerRegistry: 'wsscontainerregistry.azurecr.io'
+  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
+  tag: '$(Build.BuildId)'
+
+  # Agent VM image name
+  vmImageName: 'ubuntu-latest'
+
+stages:
+- stage: Build
+  displayName: Build and push stage
+  jobs:
+  - job: Build
+    displayName: Build
+    pool:
+      vmImage: $(vmImageName)
+    steps:
+    - task: Docker@2
+      displayName: Build and push an image to container registry
+      inputs:
+        command: buildAndPush
+        repository: $(imageRepository)
+        dockerfile: $(dockerfilePath)
+        containerRegistry: $(dockerRegistryServiceConnection)
+        tags: |
+          $(tag)
+    - task: CmdLine@2
+      displayName:  OS Scanned By WhiteSource
+      inputs:
+       script: |
+        curl -LJO https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar
+        echo Unified Agent downloaded successfully
+        java -jar wss-unified-agent.jar
+      env:
+        WS_APIKEY: 096db8ec-fefa-4e58-b9a0-e3413373d807
+        WS_WSS_URL: https://saas.whitesourcesoftware.com/agent
+        WS_PRODUCTNAME: AZDO_$(System.TeamProject)
+        #WS_PROJECTNAME: $(Build.Repository.Name)_$(Build.SourceBranchName )
+        WS_DOCKER_PROJECTNAMEFORMAT: "repositoryName" 
+        WS_DOCKER_SCANIMAGES: true
+        WS_DOCKER_INCLUDES: ".*$(imageRepository).*" 
diff --git a/server.js b/server.js
@@ -0,0 +1,13 @@
+const express = require('express');
+const app = express();
+const port = 3000;
+
+// Route to serve the HTML page
+app.get('/', (req, res) => {
+  res.sendFile(__dirname + '/index.html');
+});
+
+// Start the server
+app.listen(port, () => {
+  console.log(`Server running at http://localhost:${port}`);
+});