VS-139: Generate ssdlc_compliance_report.md · mongodb/mongo-csharp-analyzer@16a00a1 · GitHub

Commit 16a00a1

authored
VS-139: Generate ssdlc_compliance_report.md
1 parent a6abe28 commit 16a00a1


4 files changed

+141
-27
lines changed


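--- a/evergreen/evergreen.yml
+++ b/evergreen/evergreen.yml
@@ -169,11 +169,37 @@ functions:
 params:
 key_id: ${papertrail_key_id}
 secret_key: ${papertrail_secret_key}
-product: ${PRODUCT_NAME}
+product: "mongo-csharp-analyzer"
 version: ${PACKAGE_VERSION}
 filenames:
 - "mongo-csharp-analyzer/artifacts/nuget/MongoDB.Analyzer.${PACKAGE_VERSION}.nupkg"
 
+generate-ssdlc-report:
+- command: shell.exec
+params:
+working_dir: "mongo-csharp-analyzer"
+env:
+PRODUCT_NAME: "mongo-csharp-analyzer"
+github_commit: ${github_commit}
+script: |
+${PREPARE_SHELL}
+./evergreen/generate-ssdlc-report.sh
+- command: ec2.assume_role
+params:
+role_arn: ${UPLOAD_SSDLC_RELEASE_ASSETS_ROLE_ARN}
+- command: s3.put
+params:
+aws_key: ${AWS_ACCESS_KEY_ID}
+aws_secret: ${AWS_SECRET_ACCESS_KEY}
+aws_session_token: ${AWS_SESSION_TOKEN}
+local_file: ./mongo-csharp-analyzer/artifacts/ssdlc/ssdlc_compliance_report.md
+remote_file: mongo-csharp-analyzer/${PACKAGE_VERSION}/ssdlc_compliance_report.md
+bucket: csharp-driver-release-assets
+region: us-west-2
+permissions: private
+content_type: text/markdown
+display_name: ssdlc_compliance_report.md
+
 cleanup:
 - command: shell.exec
 params:
@@ -253,27 +279,23 @@ tasks:
 commands:
 - func: package-pack
 
-- name: package-push_nuget
+- name: push-packages-nuget
 commands:
 - func: package-pack
 - func: package-push
 vars:
 PACKAGES_SOURCE: "https://api.nuget.org/v3/index.json"
 PACKAGES_SOURCE_KEY: ${nuget_api_key}
 - func: trace-artifacts
-vars:
-PRODUCT_NAME: "mongo-csharp-analyzer"
+- func: generate-ssdlc-report
 
-- name: package-push_myget
+- name: push-packages-myget
 commands:
 - func: package-pack
 - func: package-push
 vars:
 PACKAGES_SOURCE: "https://www.myget.org/F/mongodb/api/v3/index.json"
 PACKAGES_SOURCE_KEY: ${myget_api_key}
-#- func: trace-artifacts
-# vars:
-# PRODUCT_NAME: "mongo-csharp-analyzer-dev"
 
 axes:
 - id: driver
@@ -351,22 +373,20 @@ buildvariants:
 tasks:
 - name: test-netcoreapp31
 
-- name: package-pack
-git_tag_only: true
-display_name: "Package Pack"
-run_on: ubuntu2004-small
+- matrix_name: push-packages-nuget
+matrix_spec:
+os: "ubuntu-2004"
+display_name: "Packages Push (NuGet)"
+tags: ["push-packages", "release-tag"]
 tasks:
-- name: package-pack
-
-- name: package-push_nuget
-git_tag_only: true
-display_name: "Package Push (NuGet)"
-run_on: ubuntu2004-small
-tasks:
-- name: package-push_nuget
-
-- name: package-push_myget
-display_name: "Package Push (MyGet)"
-run_on: ubuntu2004-small
+- name: push-packages-nuget
+git_tag_only: true
+priority: 10
+
+- matrix_name: push-packages-myget
+matrix_spec:
+os: "ubuntu-2004"
+display_name: "Packages Push (MyGet)"
+tags: ["push-packages-myget"]
 tasks:
-- name: package-push_myget
+- name: push-packages-myget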
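Review bot: The `env:` map of the new `generate-ssdlc-report` function passes `PRODUCT_NAME` and `github_commit` but not `PACKAGE_VERSION`, which the script it runs substitutes into the report and which the `s3.put` `remote_file` key also depends on. Unless `${PREPARE_SHELL}` exports it (not visible in this hunk), the report would be written with an empty version field; adding `PACKAGE_VERSION: ${PACKAGE_VERSION}` under `env:` makes the dependency explicit. Separately, in the `push-packages-nuget` task the function runs after `package-push`, so a failed report generation or upload leaves a published package without its compliance report. A short comment on the task stating how that case is handled (re-run, manual upload) would help whoever has to cut the release.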

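--- a/evergreen/generate-ssdlc-report.sh
+++ b/evergreen/generate-ssdlc-report.sh
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+set -o errexit # Exit the script with error if any of the commands fail
+
+# Environment variables used as input:
+# PRODUCT_NAME
+# PACKAGE_VERSION
+# github_commit
+
+echo "$PRODUCT_NAME"
+echo "$PACKAGE_VERSION"
+echo "$github_commit"
+
+echo "Creating SSDLC reports"
+
+declare -r SSDLC_PATH="./artifacts/ssdlc"
+mkdir -p "${SSDLC_PATH}"
+
+echo "Creating SSDLC compliance report"
+declare -r TEMPLATE_SSDLC_REPORT_PATH="./evergreen/template_ssdlc_compliance_report.md"
+declare -r SSDLC_REPORT_PATH="${SSDLC_PATH}/ssdlc_compliance_report.md"
+cp "${TEMPLATE_SSDLC_REPORT_PATH}" "${SSDLC_REPORT_PATH}"
+
+declare -a SED_EDIT_IN_PLACE_OPTION
+if [[ "$OSTYPE" == "darwin"* ]]; then
+SED_EDIT_IN_PLACE_OPTION=(-i '')
+else
+SED_EDIT_IN_PLACE_OPTION=(-i)
+fi
+sed "${SED_EDIT_IN_PLACE_OPTION[@]}" \
+-e "s/\${PRODUCT_NAME}/${PRODUCT_NAME}/g" \
+-e "s/\${PACKAGE_VERSION}/$PACKAGE_VERSION/g" \
+-e "s/\${github_commit}/$github_commit/g" \
+-e "s/\${REPORT_DATE_UTC}/$(date -u +%Y-%m-%d)/g" \
+"${SSDLC_REPORT_PATH}"
+ls "${SSDLC_REPORT_PATH}"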
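Review bot: The `sed` expressions on the script's lines 30–32 splice `PRODUCT_NAME`, `PACKAGE_VERSION` and `github_commit` straight into the replacement text, and nothing checks that they are set. An unset variable therefore silently produces a report with blank fields, and a value containing `/` or `&` changes what sed does. Because the output is a compliance artifact uploaded on release, failing fast is preferable: add `set -o nounset` next to `set -o errexit`, or guard explicitly with `: "${PRODUCT_NAME:?}" "${PACKAGE_VERSION:?}" "${github_commit:?}"`. If the version can ever be derived from a tag with unusual characters, validate it against the expected pattern before the `sed` call.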
Lines changed: 59 additions & 0 deletions
@@ -0,0 +1,59 @@
1+
# ${PRODUCT_NAME} SSDLC compliance report
2+
3+
This report is available
4+
<a href=https://us-west-2.console.aws.amazon.com/s3/object/csharp-driver-release-assets?region=us-west-2&bucketType=general&prefix=${PRODUCT_NAME}/${PACKAGE_VERSION}/ssdlc_compliance_report.md>here</a>.
5+
6+
<table>
7+
<tr>
8+
<th>Product name</th>
9+
<td><a href="https://github.com/mongodb/mongo-csharp-analyzer">${PRODUCT_NAME}</a></td>
10+
</tr>
11+
<tr>
12+
<th>Product version</th>
13+
<td>${PACKAGE_VERSION}</td>
14+
</tr>
15+
<tr>
16+
<th>Report date, UTC</th>
17+
<td>${REPORT_DATE_UTC}</td>
18+
</tr>
19+
</table>
20+
21+
## Release creator
22+
23+
This information is available in multiple ways:
24+
25+
<table>
26+
<tr>
27+
<th>Evergreen</th>
28+
<td>
29+
See the "Submitted by" field in <a href="https://spruce.mongodb.com/version/mongo-csharp-analyzer_v${PACKAGE_VERSION}_${github_commit}">Evergreen release patch</a>.
30+
</td>
31+
</tr>
32+
<tr>
33+
<th>Papertrail</th>
34+
<td>
35+
Refer to data in Papertrail. There is currently no official way to serve that data.
36+
</td>
37+
</tr>
38+
</table>
39+
40+
## Process document
41+
42+
Blocked on <https://jira.mongodb.org/browse/DRIVERS-2892>.
43+
44+
The MongoDB SSDLC policy is available at
45+
<https://docs.google.com/document/d/1u0m4Kj2Ny30zU74KoEFCN4L6D_FbEYCaJ3CQdCYXTMc>.
46+
47+
## Third-darty dependency information
48+
49+
There are no dependencies to report vulnerabilities of.
50+
Our [SBOM](https://docs.devprod.prod.corp.mongodb.com/mms/python/src/sbom/silkbomb/docs/CYCLONEDX/) lite
51+
is <https://github.com/mongodb/mongo-csharp-analyzer/blob/v${PACKAGE_VERSION}/sbom.json>.
52+
53+
## Static analysis findings
54+
55+
Coverity static analysis report is available <a href="https://coverity.corp.mongodb.com/login">here</a>, under mongodb-csharp-driver project.
56+
57+
## Signature information
58+
59+
Blocked on <https://jira.mongodb.org/browse/VS-124>.

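--- a/src/MongoDB.Analyzer/Core/Telemetry/ITelemetryServiceExtensions.cs
+++ b/src/MongoDB.Analyzer/Core/Telemetry/ITelemetryServiceExtensions.cs
@@ -14,11 +14,11 @@
 
 namespace MongoDB.Analyzer.Core;
 
-internal static class ITelemetryServicExtensions
+internal static class ITelemetryServiceExtensions
 {
 private static readonly string s_version;
 
-static ITelemetryServicExtensions()
+static ITelemetryServiceExtensions()
 {
 try
 {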
