Versions Compared

Old Version 4

changes.mady.by.user Ken Yi

Saved on

compared with

New Version 5

changes.mady.by.user Ken Yi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Here's some additional documentation on the Sonar jobs/macros we have set up:
https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-maven-jobs.html#lf-infra-maven-sonar

https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-python-jobs.html#lf-infra-tox-sonar

https://docs.releng.linuxfoundation.org/projects/global-jjb/en/latest/jjb/lf-c-cpp-jobs.html#cmake-sonar


Vuls

Vuls will be integrated with Validation Framework (Bluval User Guide)

Below are the list of tasks for the integration. 

  • Build container image with Vuls
  • Write Bluval configuration file for security tests
  • SSH key generation & distribution: As Vuls connects to target server through SSH, and Vuls has to use SSH key-based authentication. There needs to be a way to generate SSH key pair, save the private key for Vuls container and dispatch the public key to target server. We probably don’t want to store the private key with the container image if the container image is public accessible.
  • Download and start Vuls container to run tests
  • Push test results to LF Nexus
  • Show test results in Bluval UI

Lynis

Lynis requires to run on SUT (System Under Test). The overall test framework will the similar to that of Vuls. As to the Lynis installation, there are two options:

  1. Lynis is pre-installed on SUT by project team.
  2. Lynis is to be installed as part of test flow from Validation Framework. 

Considering the complexity of installing application on target system, it is recommended that option 1 is to be used.