forked from andresriancho/w3af
-
Notifications
You must be signed in to change notification settings - Fork 0
/
circle.yml
165 lines (132 loc) · 6.33 KB
/
circle.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
#
# This file is used to configure the continuous integration for w3af
# see http://w3af.org/how-w3af-uses-continuous-integration-to-improve
#
# As a user you don't need to understand this file.
#
machine:
services:
- docker
python:
version: 2.7.3
# This is required to run WIVET
php:
version: 5.5.11
java:
version: oraclejdk7
post:
# This was required to avoid issues with different builds of python being
# used between the gtk libs installed in /usr/lib/python2.7/dist-packages/
# and the python which was put inside my virtualenv
- pyenv global system
# And we want to start the django-moth server
# https://circleci.com/docs/background-process
- nohup bash -c "python w3af/w3af/core/controllers/ci/setup_moth.py &" > $CIRCLE_ARTIFACTS/setup-moth-nohup.log
checkout:
post:
# Since the auto_update feature needs the git repository history, we run
# this command which will retrieve it (since CircleCI doesn't for perf).
# In our case it is fine, and it will get cached.
- if [[ -e .git/shallow ]]; then git fetch --unshallow; fi
dependencies:
cache_directories:
# This, since it's run in the machine section is in the home
- "/home/ubuntu/django-moth"
# These are inside the w3af directory
- "xpresser"
- "wivet"
- "pico-wavsep"
- "sqlmap-testenv"
- "php-moth"
pre:
- sudo apt-get update
- sudo apt-get install -y python-gtksourceview2 python-gtk2 gir1.2-notify-0.7 python-pyatspi2
- sudo apt-get install -y python-dbus python-pygame python-opencv python-scipy python-numpy
- sudo apt-get install -y stunnel4 libffi-dev tcpdump joe python-webkit
# Install the core/console dependencies
- pip install --upgrade pip
- w3af/core/controllers/ci/install_scripts/install_core_dependencies.sh
# Install GUI dependencies
- w3af/core/controllers/ci/install_scripts/install_gui_dependencies.sh
# Link the GUI stuff to the venv
- w3af/core/controllers/ci/install_scripts/install_c_extensions_venv.sh
# Install the test dependencies
- w3af/core/controllers/ci/install_scripts/install_test_dependencies.sh
# Install and run wivet in the background
- w3af/core/controllers/ci/install_scripts/install_wivet.sh
- php -S localhost:8899 -t wivet/ w3af/core/controllers/ci/helpers/router.php:
background: true
# Install and run php-moth in the background
- w3af/core/controllers/ci/install_scripts/install_php_moth.sh
- php -S localhost:9009 -t . -c conf/default.ini router.php &> $CIRCLE_ARTIFACTS/run_php_moth.log:
background: true
pwd: php-moth
# Install and run sqlmap's testenv in the background
- w3af/core/controllers/ci/install_scripts/install_sqlmap_testenv.sh
- php -S localhost:8998 -t . &> $CIRCLE_ARTIFACTS/run_testenv.log:
background: true
pwd: sqlmap-testenv
# Install and run wavsep in the background
- w3af/core/controllers/ci/install_scripts/install_wavsep.sh
- java -jar jenkins-winstone.jar --warfile=wavsep.war --useJasper --commonLibFolder=lib --httpPort=8098 --ajp13Port=8099:
background: true
pwd: pico-wavsep
# Save docker hub credentials to file
- sed "s/<EMAIL>/$DOCKER_EMAIL/;s/<AUTH>/$DOCKER_AUTH/" < extras/docker/dockercfg.template > ~/.dockercfg
# Wait for the daemon to be available to run the tests
- w3af/core/controllers/ci/wait_for_moth.py
post:
- pip --version
- pip freeze
test:
override:
- w3af/core/controllers/ci/nosetests_wrapper/main.py:
timeout: 360
- nosetests w3af/core/data/constants/tests/test_vulns.py:TestVulnsConstants.test_vuln_updated
- w3af/core/controllers/ci/teardown_moth.py
# https://bitbucket.org/ned/coveragepy/issue/282/coverage-combine-consumes-a-lot-of-memory
# post:
# - coverage combine
# - coveralls
deployment:
production:
branch: master
owner: andresriancho
commands:
# Note the master in the URLs
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-module/tree/master?circle-token=$W3AF_MODULE_TOKEN"
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-kali-ci/tree/master?circle-token=$W3AF_KALI_TOKEN"
# Nasty hack required for docker cache sanity: Because we get a new clone
# of the repo, timestamps don't correspond any more to when the file was
# last changed. To rectify this, first set everything to a timestamp in
# the past and then update the timestamp for all git-tracked files based
# on their last committed change.
#
# This takes ~1min to run, so we're doing it here in order to run it only
# when the build is successful AND we're in master/develop where it's
# really needed
- find . -exec touch -t 201401010000 {} \;
- for x in $(git ls-tree --full-tree --name-only -r HEAD); do touch -t $(date -d "$(git log -1 --format=%ci "${x}")" +%y%m%d%H%M.%S) "${x}"; done
- docker pull andresriancho/w3af:stable; true
- cd extras/docker/ && ./docker-build.sh stable
- docker push andresriancho/w3af:stable
staging:
branch: develop
owner: andresriancho
commands:
# Note the develop in the URLs
- "curl --header 'Content-Type: application/json' --request POST https://circleci.com/api/v1/project/andresriancho/w3af-module/tree/develop?circle-token=$W3AF_MODULE_TOKEN"
# Nasty hack required for docker cache sanity: Because we get a new clone
# of the repo, timestamps don't correspond any more to when the file was
# last changed. To rectify this, first set everything to a timestamp in
# the past and then update the timestamp for all git-tracked files based
# on their last committed change.
#
# This takes ~1min to run, so we're doing it here in order to run it only
# when the build is successful AND we're in master/develop where it's
# really needed
- find . -exec touch -t 201401010000 {} \;
- for x in $(git ls-tree --full-tree --name-only -r HEAD); do touch -t $(date -d "$(git log -1 --format=%ci "${x}")" +%y%m%d%H%M.%S) "${x}"; done
- docker pull andresriancho/w3af:unstable; true
- cd extras/docker/ && ./docker-build.sh unstable
- docker push andresriancho/w3af:unstable