@@ -26,24 +26,23 @@ jobs:
2626 env :
2727 AQUA_KEY : ${{ secrets.AQUA_KEY }}
2828 AQUA_SECRET : ${{ secrets.AQUA_SECRET }}
29+ REPOSITORY_ID : ${{ secrets.AQUA_REPOSITORY_ID }}
2930 run : |
3031 set -euo pipefail
3132
3233 echo "=== Authenticating with AquaSec ==="
33- echo "${{ github.repository_id }}"
34-
3534 METHOD="POST"
3635 AUTH_ENDPOINT="https://eu-1.api.cloudsploit.com/v2/tokens"
3736 TIMESTAMP=$(date -u +%s)
3837 POST_BODY='{"group_id":1228,"allowed_endpoints":["GET"],"validity":240}'
3938 STRING_TO_SIGN="${TIMESTAMP}${METHOD}/v2/tokens${POST_BODY}"
40- SIGNATURE=$(echo -n "$STRING_TO_SIGN" | openssl dgst -sha256 -hmac "$AQUA_SECRET" -hex | sed 's/.*= //g')
39+ SIGNATURE=$(echo -n "$STRING_TO_SIGN" | openssl dgst -sha256 -hmac "${ AQUA_SECRET} " -hex | sed 's/.*= //g')
4140
42- AUTH_RESPONSE=$(curl -s -X " $METHOD" "$AUTH_ENDPOINT" \
41+ AUTH_RESPONSE=$(curl -s -X $METHOD "$AUTH_ENDPOINT" \
4342 -H "Content-Type: application/json" \
4443 -H "X-API-Key: $AQUA_KEY" \
45- -H "X-Signature: $SIGNATURE" \
4644 -H "X-Timestamp: $TIMESTAMP" \
45+ -H "X-Signature: $SIGNATURE" \
4746 -d "$POST_BODY")
4847
4948 RESPONSE_STATUS=$(echo "$AUTH_RESPONSE" | jq -r '.status')
5857
5958 echo "=== Receiving AquaSec Scan Results ==="
6059
61- SCAN_RESULTS_ENDPOINT="https://eu-central-1.edge.cloud.aquasec.com/codesec/api/v1/scans/results"
62- SCAN_RESULTS=$(curl -s -X GET \
63- "$SCAN_RESULTS_ENDPOINT?repositoryIds=${{ github.repository_id }} \
60+ SCAN_RESULTS_ENDPOINT="https://eu-1.codesec.aquasec.com/api/v1/scans/results"
61+ SCAN_RESULTS=$(curl -s -X GET "$SCAN_RESULTS_ENDPOINT?repositoryIds=${REPOSITORY_ID}" \
6462 -H "Authorization: Bearer $BEARER_TOKEN" \
6563 -H "Accept: application/json")
6664
7068 fi
7169
7270 echo "=== Scan Results ==="
73- echo "$SCAN_RESULTS" | jq '.'
71+ echo "$SCAN_RESULTS"
0 commit comments