The only function required to be created is the
This function is called by the hook-sdk after scans are finished.
As parameters for handle() the hook-sdk provides the following:
This callback function will provide all raw results to the hook as a promise.
When the rawResults are in the form of a JSON file, getRawResults will return the parsed representation of the data, not the JSON string.
This callback function will provide all findings to the hook as an array of findings wrapped in a promise.
This callback function will enable you to publish desired changes to raw results.
updateRawResults is only available in ReadAndWrite hooks.
updateRawResults operates on the raw results of the scans. This means that the implementation has to be tied to the specific output format of a single scanner. The updated raw results are also not parsed again by the parsers integrated into the secureCodeBox, making this method only viable if you are using a ReadOnly hook exporting the results into an external system like DefectDojo.
If you want to perform actions on all findings consider using the
This callback function will enable you to publish desired updates to the findings.
updateFindings is only available in ReadAndWrite hooks.
If you make changes to some findings, you will have to call updateFindings() with ALL findings, not just the ones that have changed, or the unchanged findings will get lost!
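The rule above, as an added example that is not code from the original page or from the secureCodeBox project: a ReadAndWrite hook that escalates some findings and publishes the complete list. The finding fields (category, severity, attributes.port), scan.metadata.name, the port policy, the helper name and the single-object parameter shape of handle() are assumptions made for illustration.

```javascript
// Added example. Assumed data shape: findings carry category, severity and
// attributes.port; scan.metadata.name holds the scan's name.

const SENSITIVE_PORTS = new Set([23, 3389, 5900]); // constructed policy

// Hypothetical helper: returns a new array of the same length as the input.
// Findings that do not match are passed through untouched, never dropped.
function escalateSensitivePorts(findings, scanName) {
  return findings.map((finding) => {
    const port = Number(finding.attributes && finding.attributes.port);
    if (finding.category !== "Open Port" || !SENSITIVE_PORTS.has(port)) {
      return finding;
    }
    return {
      ...finding,
      severity: "HIGH",
      attributes: { ...finding.attributes, escalated_by_scan: scanName },
    };
  });
}

async function handle({ getFindings, updateFindings, scan }) {
  // updateFindings is only provided to ReadAndWrite hooks.
  if (typeof updateFindings !== "function") {
    throw new Error("updateFindings is missing: hook must be ReadAndWrite");
  }
  const findings = await getFindings();
  const updated = escalateSensitivePorts(findings, scan.metadata.name);
  // Guard against the failure mode described above: publishing a subset
  // would silently discard every finding that is not in the list.
  if (updated.length !== findings.length) {
    throw new Error("refusing to publish: findings would be lost");
  }
  await updateFindings(updated);
  return updated;
}

// handle() has to be exported for the hook-sdk to call it.
if (typeof module !== "undefined") {
  module.exports.handle = handle;
}
```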
This is a basic example for the generic-webhook
As you can see, this hook defines the handle() function but only uses scan provided by the hook-sdk. This is fine because the other parameters are not needed.
You may notice that ENVs are used in line 5. If you also need ENVs or Volumes see INSERT-LINK-HERE.
Notice that the handle() function has to be exported so that the hook-sdk can use it.
This file should contain some unit tests to run against your hook.