Checkmarx Integration in Gitlab Continuous Integration [closed] - continuous-integration

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 2 years ago.
Is it possible to integrate Checkmarx Static Application Security Testing (SAST) tool into Gitlab Continuous Integration (CI) Pipeline for static security scanning?

I have been using Checkmarx with TeamCity and Jenkins pipeline with their Plugin. However, for GitLab pipeline, we need to use REST APIs/ CLI. I would prefer using CLI over REST APIs as CLI provides more functionality that can be used for pipeline decisions.
You can check their Wiki-
https://checkmarx.atlassian.net/wiki/spaces/KC/pages/5767170/CxSAST+API+Guide
https://checkmarx.atlassian.net/wiki/spaces/KC/pages/52560015/CxConsole+CxSAST+CLI
You can always raise a support ticket for getting the recommended approach by Checkmarx.

For now, no, Checkmarx doesn't have a special plugin for GitLab integration, but they have a really good article on how to enable and configure the integration:
https://checkmarx.atlassian.net/wiki/spaces/SD/pages/1929937052/GitLab+Integration

I chose a freestyle job rather than going for a pipeline job in Jenkins.
Here is how I configured it even without the Checkmarx plugin.
First generate a token using the command below:
runCxConsole.cmd GenerateToken -v -CxUser username -CxPassword admin -CxServer http://localhost
Configure the lines of code below in Build --> Execute Shell.
Jenkins script:
#!/bin/bash
export JAVA_HOME=/usr/bin/java
export CHECKMARX_HOME=/<checkmarx plugin path>/CxConsolePlugin-8.90.2
echo "${WORKSPACE}"
echo "$CX_PROJECT_NAME"
# Reports go under the job workspace; -p keeps repeated builds from failing
mkdir -p "${WORKSPACE}/cxReports"
export CHECKMARX_REPORTS_HOME="${WORKSPACE}/cxReports"
echo "$CHECKMARX_REPORTS_HOME"
# Scan the workspace folder and write CSV and PDF reports
"$CHECKMARX_HOME/runCxConsole.sh" Scan -v -CxServer <checkmarx server details> \
  -ProjectName "<project name>" -cxToken <token> \
  -locationtype folder -locationpath "${WORKSPACE}" -preset "Checkmarx Default" \
  -reportcsv "$CHECKMARX_REPORTS_HOME/$CX_PROJECT_NAME.csv" \
  -ReportPDF "$CHECKMARX_REPORTS_HOME/$CX_PROJECT_NAME.pdf"
Note: Always use a token for authentication with the server instead of hard-coding the username and password in the CLI command.
For more information you can visit https://checkmarx.atlassian.net/wiki/spaces/SD/pages/222232891/Authentication+Login+to+the+CLI
https://checkmarx.atlassian.net/wiki/spaces/SD/pages/1929937052/GitLab+Integration
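For the GitLab side of the question, the same Scan call can be wrapped so that the token comes from a masked CI/CD variable and never reaches the job log. This is an added example, not code from the answer or from Checkmarx; CX_TOKEN, CX_SERVER, CX_PRESET and CX_CLI are assumed variable names, and the server and preset defaults are assumptions to adjust.

```shell
#!/bin/sh
# Added example (not from the answer): CxSAST CLI scan for a GitLab CI job.
# Assumed names: CX_TOKEN, CX_SERVER, CX_PRESET, CX_CLI (hypothetical variables);
# CI_PROJECT_DIR and CI_PROJECT_NAME are GitLab predefined variables.

# Print an argument list with the value after -cxToken / -CxPassword masked,
# so the command line can be logged without the secret.
redact_args() {
  out="" mask=0
  for a in "$@"; do
    if [ "$mask" -eq 1 ]; then a='***'; mask=0; fi
    case "$(printf '%s' "$a" | tr '[:upper:]' '[:lower:]')" in
      -cxtoken|-cxpassword) mask=1 ;;
    esac
    out="${out:+$out }$a"
  done
  printf '%s\n' "$out"
}

cx_scan() {
  case "$-" in *x*) set +x ;; esac  # do not trace the token into the job log
  if [ -z "${CX_TOKEN:-}" ]; then
    echo "CX_TOKEN is not set; define it as a masked CI/CD variable" >&2
    return 2
  fi
  src="${CI_PROJECT_DIR:-$PWD}"
  name="${CI_PROJECT_NAME:-$(basename "$src")}"
  reports="$src/cxReports"
  mkdir -p "$reports"
  # Same Scan options as the Jenkins script above; only the token source differs.
  set -- Scan -v -CxServer "${CX_SERVER:-http://localhost}" \
    -ProjectName "$name" -cxToken "$CX_TOKEN" \
    -locationtype folder -locationpath "$src" \
    -preset "${CX_PRESET:-Checkmarx Default}" \
    -reportcsv "$reports/$name.csv" -ReportPDF "$reports/$name.pdf"
  echo "running: $(redact_args "$@")" >&2
  "${CX_CLI:-$CHECKMARX_HOME/runCxConsole.sh}" "$@"
}

# Entry point for the CI job: sh cx_scan.sh --run
if [ "${1:-}" = "--run" ]; then cx_scan; fi
```

The token still appears in the CLI process's argument list while the scan runs, because the CLI takes it through -cxToken, so run the job on a runner that is not shared with untrusted users.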

Related

Bash scripting to copy [closed]

Closed last year.
The community reviewed whether to reopen this question last year and left it closed:
Original close reason(s) were not resolved
Please share any bash script to run s3 copy commands. I have already tried separate Script to call the rclone command for each agency to backup EC2 instance windows server data to S3.
The command below syncs the current directory to an S3 bucket using a named profile.
aws s3 sync . $S3_BUCKET_URL --profile $YOUR_PROFILE_BRO
The next command syncs the S3 bucket to the current directory using a named profile.
aws s3 sync $S3_BUCKET_URL . --profile $YOUR_PROFILE_BRO
The next command copies a file (file.txt) from your machine to S3 using the default profile of your machine.
aws s3 cp file.txt s3://my-bucket/
Of course, you need the aws-cli and an AWS credential pair (secret key & secret key id) to make this work from your machine or on-premise networks. If you want to copy from EC2 to S3, you can assign IAM roles that possess permissions to write/read objects to that EC2 and you should be good to go.

Can I look at files my code makes on heroku? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Closed 2 years ago.
I have a discord bot that saves JSON files on the dir he is in so it could work on more than one server without colliding.
I finished my code and I uploaded it to Heroku for hosting. The thing is, when I ran the code locally I could see the files that were being created for each server for testing, but now I don't know how to reach them.
Is there a way to check all the files I have in heroku without downloading everything down?
You can install Heroku CLI and then access your files using:
heroku login
heroku run bash -a APPNAME
But be aware that Heroku uses an ephemeral filesystem. This means that your local filesystem is only accessible to a single dyno, and once the dyno is stopped, restarted, or moved, all files on the local filesystem are destroyed.
You could use a service like Amazon S3 to store your files in a more permanent way.

Access files uploaded to Parse.com after Heroku migration [closed]

Closed 6 years ago.
I am attempting to migrate my server from Parse.com over to Heroku with their one click migration. Their documentation says that Parse Server supports "file" type, but I can't find any documentation on transferring these files so Heroku can access them.
This isn't an answer but I've been having the same issue/dilemma and have partial information that might be helpful in eventually finding an answer. I did a migration and took a look at some of the stuff going on.
Example, photoObj.get('file').url();
On Parse Hosting: files point to the following:
http://files.parsetfss.com/parseFileKey/fileName.ext
This is stored on some amazon S3 thing. Basically this points to:
https://s3.amazonaws.com/files.parsetfss.com/parseFileKey/fileName.ext
After migrating to Heroku/MongoLab, photoObj.get('file').url() points to the following:
http://files.parsetfss.com/newHostFileKey/fileName.ext
newHostFileKey is something we designate in the parse-server setup and seems to be automatically generated via this setting.
I don't see any evidence so far that the migration tool moves files from Parse Hosting to the new host/db.
File uploading to the new host works fine. On the new host, if one generates a new file it ends up pointing to something like this:
http://newHostURL/parse/files/appID/fileName.ext
parse is whatever you designate at the startup of your parse-server like app.use('/parse', api);
appID is whatever you designate at the startup of your parse-server like
var api = new ParseServer({
  appId: 'appID',
  fileKey: 'newHostFileKey'
});
Changing the URL of a Parse-hosted file to fit the new host pattern doesn't yield anything (file not found, etc.).
I have no idea how new files are being stored and to where the url routes to.
With new files that are uploaded via the new host, I notice that some new tables/collections are created in the MongoLab DB. These are fs.chunks and fs.files
fs.chunks is where the data of the file is being stored (I think). So under the new heroku/mongolab setup, files seem to reside "in" the DB.
As for the best way to migrate images from Parse hosting to the new hosting, I have no idea, but I'm not sure there is a straightforward answer publicly out there at this point.

Remote GUI client for elastic search [closed]

Closed 3 years ago.
I have searched enough on the web but did not find the solution.
Is there a remote GUI client for Elastic Search server just like Oracle SQL Developer in order to see the schema & other details of the remote elastic db.
Currently I am using the elastic head plugin
It doesn't let me connect to the remote elastic cluster. It only works if the elastic server is hosted on the same machine. I also added the entries below to the elastic.yml file, but it doesn't work. It says no connection to the remote host.
#http.cors.enable: true
#http.cors.allow-origin: "remotehosturl:9200"
You need to remove the # character in front of your two lines, as that comments out the line and thus has no effect.
Also, the correct setting for CORS is named http.cors.enabled, not http.cors.enable.
So you should include these two lines:
http.cors.enabled: true
http.cors.allow-origin: "remotehosturl:9200"
Also you have the choice with other plugins, such as Marvel, Kopf or the Sense Chrome plugin (soon available as a Kibana-powered standalone tool)
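The two mistakes this answer points out (commented-out lines and the misspelled http.cors.enable key) can be caught with a small check before restarting the node. This is an added example, not part of the original answer; it also flags a wildcard allow-origin, and the helper names are hypothetical.

```shell
#!/bin/sh
# Added example: lint an elasticsearch.yml for the CORS mistakes discussed above.
# lint_es_cors and sample_from_question are hypothetical helper names.

# Prints one finding per line; returns 1 if anything was found, 0 if clean.
lint_es_cors() {
  awk '
    # A commented-out setting is never read by Elasticsearch.
    /^[ \t]*#[ \t]*http\.cors\./ {
      printf "line %d: setting is commented out and has no effect\n", NR
      bad = 1; next
    }
    /^[ \t]*http\.cors\./ {
      key = $0; sub(/^[ \t]*/, "", key); sub(/[ \t]*:.*/, "", key)
      val = $0; sub(/^[^:]*:[ \t]*/, "", val)
      sub(/[ \t]+#.*/, "", val); gsub(/[" \t]/, "", val)
      if (key == "http.cors.enable") {
        printf "line %d: unknown key %s, use http.cors.enabled\n", NR, key
        bad = 1
      } else if (key == "http.cors.enabled") {
        enabled = (val == "true")
      } else if (key == "http.cors.allow-origin") {
        origin = val
      }
    }
    END {
      if (!enabled) {
        print "http.cors.enabled is not true: browsers on other origins are blocked"; bad = 1
      } else if (origin == "") {
        print "http.cors.allow-origin is not set"; bad = 1
      } else if (origin == "*" || origin == "/.*/") {
        print "allow-origin matches every site: name the GUI origin instead"; bad = 1
      }
      exit (bad ? 1 : 0)
    }' "$1"
}

# Constructed sample: the two lines exactly as posted in the question.
sample_from_question() {
  printf '%s\n' '#http.cors.enable: true' \
    '#http.cors.allow-origin: "remotehosturl:9200"'
}

tmp_cfg=$(mktemp)
sample_from_question > "$tmp_cfg"
lint_es_cors "$tmp_cfg" || true   # reports both commented lines and CORS disabled
rm -f "$tmp_cfg"
```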
Dejavu is an MIT-licensed modern alternative to Elasticsearch Head. I am one of the contributors to the project.
You can use it as a remote web app, a chrome extension or as a docker image.
It supports:
Excel like UI for CRUD operations - including ability to view and add mappings from GUI,
Visual filters,
Ability to import CSV / JSON files directly,
Query views,
Export data in CSV / JSON formats.
When using it in a remote mode, you will have to set the Elasticsearch config to allow CORS from the origin where dejavu's app is running.
You can read more about the project at https://github.com/appbaseio/dejavu.
Marvel's Sense is the official GUI client for Elasticsearch maintained by Elastic. It is now even free to use in production with the ES 2.0 release. The Sense query user interface has IntelliSense hooked into it, which is very useful when writing complex queries, and it offers a lot of other metrics about cluster health, CPU load and memory (built on top of Kibana). I prefer Sense over Head. It is worth taking a look at least.
You have to install this plugin on your remote server.
Installation- https://www.elastic.co/downloads/marvel

Best tool to work with Amazon RDS? [closed]

Closed 7 years ago.
I just found the wonderful ElasticFox, a Firefox plugin that makes working with Amazon EC2 much more enjoyable. Is there a similar tool for Amazon RDS?
Or, rather, what is the best/easiest tool to work with RDS?
I have been using MySQL Workbench http://www.mysql.com/products/workbench/ with RDS and it works great. Very easy to create and save a new database service instance. Click "New Server Instance" under "Server Administration" and follow the prompts. You will need to enter the information provided in the AWS RDS webpage for that instance (for example, its endpoint).
NOTE: In order for you to actually connect, you MUST add your IP address in the "DB Security Groups." The link is in the left-hand column, which is titled "Navigation." I use the "CIDR/IP" option (the other is EC2 Security Group). Make sure to include a /## after the IP, such as the /32 they use in the example. In a few seconds, the IP address should be authorized.
After the new security group has been authorized, the "DB Security Groups" of the DB Instance running MySQL needs to be updated to include this newly created security group. After this update, the "DB Security Groups" should show at least two 'active' security groups, one which was already present previously and the other which was newly created in the previous step.
After that, go back to MySQL Workbench and complete the New Server Instance creation process.
I'd say the AWS Console and RDS CLI along with MySQL client itself are totally sufficient.
Anything particular you are looking for?
The AWS console is good enough to monitor and configure RDS. However, we can't change some parameters with the AWS Console (like mysql.ini parameters). In that case you have to use the RDS Command Line tools.
Still, if you don't want to mess with the command line APIs, you can use a cloud management system (free edition) as a GUI tool, such as RightScale.
Here is a post where you can see how third-party GUI tools can be used to work with Amazon RDS.
Try DBHawk from Datasparc. It can connect to cloud databases such as Amazon RDS and MS Azure.
