veracode-ci/lib/index.js

Veracode client for triggering scans in Continuous Integration

#!/usr/bin/env node
"use strict";

var _yargs = require("yargs");

var _utils = _interopRequireDefault(require("./utils"));

var _connector = _interopRequireDefault(require("./connector"));

function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }

const main = async () => {
  if (_yargs.argv.sandbox) {
    console.log('Veracode: scanning in sandbox...');
    let excludes = null;

    if (_yargs.argv.excludes) {
      excludes = _utils.default.parseStringToArray(_yargs.argv.excludes);
    }

    const options = {
      appId: _yargs.argv.appId,
      appName: _yargs.argv.appName,
      scanAllNonfatalTopLevelModules: _yargs.argv.scanAllNonfatalTopLevelModules ? _yargs.argv.scanAllNonfatalTopLevelModules === 'true' : undefined,
      autoScan: _yargs.argv.autoScan ? _yargs.argv.autoScan === 'true' : undefined,
      excludes
    };

    try {
      await new _connector.default(options).scanInSandbox();
    } catch (err) {
      console.log(`FAILED to trigger new veracode scan; ${err}`);
    }
  } else {
    console.log('Veracode: DO NOTHING; no --sandbox flag and nothing else implemented...');
  }
};

main();