Fix to dependency track running scripts

siewrgrz · siewrgrz · commit 6cea1b59fb2d · 2020-03-17T14:06:57.000+01:00
diff --git a/DependencyTrackScripts/dTrackJs b/DependencyTrackScripts/dTrackJs
@@ -1,12 +1,12 @@
-#!/bin/sh
+#!/bin/bash
 PROJECT=$1
 URL=$2
 TOKEN=$3
 npm install --save ignore-errors
 cyclonedx-bom -o bom.xml
 BOM=$(base64 bom.xml |tr -d \\n)
 POSTDATA="{\"project\":\"$PROJECT\",\"bom\":\"$BOM\"}"
-curl -X "PUT" $URL \
+curl -X "PUT" "$URL/api/v1/bom" \
      -k \
      --noproxy "*" \
      -H 'Content-Type: application/json' \
diff --git a/DependencyTrackScripts/dTrackMvn b/DependencyTrackScripts/dTrackMvn
@@ -1,11 +1,11 @@
-#!/bin/sh
+#!/bin/bash
 PROJECT=$1
 URL=$2
 TOKEN=$3
 mvn org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom
 BOM=$(base64 target/bom.xml |tr -d \\n)
 POSTDATA="{\"project\":\"$PROJECT\",\"bom\":\"$BOM\"}"
-curl -X "PUT" $URL \
+curl -X "PUT" "$URL/api/v1/bom" \
      -k \
      --noproxy "*" \
      -H 'Content-Type: application/json' \
diff --git a/DependencyTrackScripts/dTrackPHP b/DependencyTrackScripts/dTrackPHP
@@ -1,12 +1,12 @@
-#!/bin/sh
+#!/bin/bash
 PROJECT=$1
 URL=$2
 TOKEN=$3
 composer require --dev cyclonedx/cyclonedx-php-composer --ignore-platform-reqs
 composer make-bom
 BOM=$(base64 bom.xml |tr -d \\n)
 POSTDATA="{\"project\":\"$PROJECT\",\"bom\":\"$BOM\"}"
-curl -X "PUT" $URL \
+curl -X "PUT" "$URL/api/v1/bom" \
      -k \
      --noproxy "*" \
      -H 'Content-Type: application/json' \
diff --git a/DependencyTrackScripts/dTrackPy b/DependencyTrackScripts/dTrackPy
@@ -1,12 +1,12 @@
-#!/bin/sh
+#!/bin/bash
 PROJECT=$1
 URL=$2
 TOKEN=$3
 pip freeze > requirements.txt
 cyclonedx-py -i requirements.txt -o bom.xml
 BOM=$(base64 bom.xml |tr -d \\n)
 POSTDATA="{\"project\":\"$PROJECT\",\"bom\":\"$BOM\"}"
-curl -X "PUT" $PROJECT \
+curl -X "PUT" "$URL/api/v1/bom" \
      -k \
      --noproxy "*" \
      -H 'Content-Type: application/json' \
diff --git a/src/main/java/io/mixeway/fortifyscaapi/dtrack/DependencyTrackScriptExecutor.java b/src/main/java/io/mixeway/fortifyscaapi/dtrack/DependencyTrackScriptExecutor.java
@@ -15,7 +15,7 @@ public void runDTrackScript(CreateScanRequest createScanRequest, Project project
         logger.info("Starting to generate BOM for {}", project.getProjectName());
 
         ProcessBuilder builder = new ProcessBuilder();
-        builder.command("sh", "-c", script,project.getdTrackUuid(), createScanRequest.getdTrackUrl(), createScanRequest.getdTrackToken());
+        builder.command("/bin/sh", script,project.getdTrackUuid(), createScanRequest.getdTrackUrl(), createScanRequest.getdTrackToken());
         logger.info("Running {} inside {}",String.join(" ",
                 Arrays.asList("sh", "-c", script,project.getdTrackUuid(), createScanRequest.getdTrackUrl(), createScanRequest.getdTrackToken())),
                 path.toFile());
