Séparation de pa11y et lighthouse

Makefile

@@ -2,6 +2,7 @@ DOCKER_ARGS ?=
 W3AF_COMMAND ?=
 LIGHTHOUSE_COMMAND ?=
 LIGHTHOUSE_URL ?=
+PA11Y_URL ?=
 
 image-w3af:
 	docker build \
@@ -52,11 +53,43 @@ lighthouse:
 		-e HTTPS_PROXY=$(HTTPS_PROXY) \
 		-e http_proxy=$(http_proxy) \
 		-e https_proxy=$(https_proxy) \
-		-e LIGHTHOUSE_URL=$(LIGHTHOUSE_URL) \
+		-e LIGHTHOUSE_URL='$(LIGHTHOUSE_URL)' \
 		-u $(shell id -u $(USER)):$(shell id -g $(USER)) \
 		-v "$(PWD)/data/lighthouse/reports:/home/lighthouse/reports" \
 		$(DOCKER_ARGS) \
 		jenkins-lighthouse:latest \
 		$(LIGHTHOUSE_COMMAND)
 
+pa11y:
+	mkdir -p "$(PWD)/data/pa11y/reports"
+	docker run \
+		-it --rm \
+		--net host \
+		--cap-add=SYS_ADMIN \
+		-e HTTP_PROXY=$(HTTP_PROXY) \
+		-e HTTPS_PROXY=$(HTTPS_PROXY) \
+		-e http_proxy=$(http_proxy) \
+		-e https_proxy=$(https_proxy) \
+		-e PA11Y_URL='$(PA11Y_URL)' \
+		-u $(shell id -u $(USER)):$(shell id -g $(USER)) \
+		-v "$(PWD)/data/pa11y/reports:/home/pa11y/reports" \
+		$(DOCKER_ARGS) \
+		jenkins-pa11y:latest \
+		$(PA11Y_COMMAND)
+
+image-pa11y:
+	docker build \
+		--build-arg=HTTP_PROXY=$(HTTP_PROXY) \
+		--build-arg=HTTPS_PROXY=$(HTTPS_PROXY) \
+		--build-arg=http_proxy=$(http_proxy) \
+		--build-arg=https_proxy=$(https_proxy) \
+		-t jenkins-pa11y \
+		./resources/com/cadoles/pa11y
+
+interactive-pa11y:
+	$(MAKE) PA11Y_COMMAND="/bin/sh" pa11y
+
+audit-pa11y:
+	$(MAKE) PA11Y_COMMAND="/usr/local/bin/run-audit" pa11y
+
 .PHONY: image-w3af image-lighthouse

resources/com/cadoles/lighthouse/Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.11.4 as envtpl
+FROM golang:1.13 as envtpl
 
 ARG HTTP_PROXY=
 ARG HTTPS_PROXY=
@@ -35,7 +35,6 @@ RUN apk add --no-cache \
     chromium
 
 RUN npm install -g lighthouse
-RUN PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1 npm install -g pa11y pa11y-reporter-html
 
 RUN adduser -D lighthouse   
 
@@ -43,7 +42,6 @@ COPY run-audit.sh /usr/local/bin/run-audit
 RUN chmod +x /usr/local/bin/run-audit
 
 COPY config.js.tmpl /home/lighthouse/config.js.tmpl
-COPY patty.json.tmpl /home/lighthouse/patty.json.tmpl
 
 WORKDIR /home/lighthouse
 

resources/com/cadoles/lighthouse/run-audit.sh

@@ -3,7 +3,6 @@
 set -x
 
 envtpl -o config.js /home/lighthouse/config.js.tmpl
-envtpl -o patty.json /home/lighthouse/patty.json.tmpl
 
 mkdir -p reports
 rm -f reports/*
@@ -18,11 +17,3 @@ lighthouse \
     --output-path=lighthouse \
     -- \
     "$LIGHTHOUSE_URL"
-
-export PUPPETEER_EXECUTABLE_PATH=$(which chromium-browser)
-
-pa11y --reporter html \
-    --config ../patty.json \
-    --include-warnings \
-    --include-notices \
-    "$LIGHTHOUSE_URL" > pa11y.report.html || exit 0

resources/com/cadoles/pa11y/Dockerfile

@@ -0,0 +1,55 @@
+FROM golang:1.13 as envtpl
+
+ARG HTTP_PROXY=
+ARG HTTPS_PROXY=
+ARG http_proxy=
+ARG https_proxy=
+
+RUN apt-get update -y && apt-get install -y git
+
+RUN git clone https://github.com/subfuzion/envtpl /src \
+  && cd /src \
+  && git checkout v1.0.0 \
+  && CGO_ENABLED=0 GOOS=linux go build \
+    -ldflags "-X main.AppVersionMetadata=$(date -u +%s)" \
+    -a -installsuffix cgo -o ./bin/envtpl ./cmd/envtpl/.
+
+FROM alpine:3.10
+
+ARG HTTP_PROXY=
+ARG HTTPS_PROXY=
+ARG http_proxy=
+ARG https_proxy=
+
+COPY --from=envtpl /src/bin/envtpl /usr/local/bin/envtpl
+
+RUN apk add --no-cache \
+    nss \
+    freetype \
+    freetype-dev \
+    harfbuzz \
+    ca-certificates \
+    ttf-freefont \
+    nodejs \
+    npm \
+    chromium \
+    bash
+
+RUN PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1 npm install -g pa11y@next pa11y-reporter-html
+
+RUN adduser -D pa11y   
+
+COPY run-audit.sh /usr/local/bin/run-audit
+RUN chmod +x /usr/local/bin/run-audit
+
+COPY patty.json.tmpl /home/pa11y/patty.json.tmpl
+
+WORKDIR /home/pa11y
+
+RUN mkdir /home/pa11y/reports
+
+RUN chown -R pa11y: /home/pa11y
+
+USER pa11y
+
+CMD /usr/local/bin/run-audit

resources/com/cadoles/pa11y/run-audit.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -x
+
+envtpl -o patty.json /home/pa11y/patty.json.tmpl
+
+mkdir -p reports
+rm -f reports/*
+
+cd reports
+
+export PUPPETEER_EXECUTABLE_PATH=$(which chromium-browser)
+export PA11Y_REPORTER="${PA11Y_REPORTER:-html}"
+
+pa11y \
+    --config ../patty.json \
+    --include-warnings \
+    --include-notices \
+    --reporter "${PA11Y_REPORTER}" \
+    "$PA11Y_URL" > "pa11y.report.${PA11Y_REPORTER}" || exit 0

resources/com/cadoles/w3af/audit.w3af.tmpl

@@ -58,6 +58,7 @@ back
 crawl web_spider
 crawl config web_spider
 set ignore_regex {{ .W3AF_AUTH_LOGOUT_URL_REGEX }}
+set only_forward {{ default "True" .W3AF_SPIDER_ONLY_FORWARD }}
 back
 {{end}}
 

vars/lighthouse.groovy

@@ -104,7 +104,6 @@ def buildDockerImage() {
         def resourceFiles = [
             'com/cadoles/lighthouse/Dockerfile',
             'com/cadoles/lighthouse/config.js.tmpl',
-            'com/cadoles/lighthouse/patty.json.tmpl',
             'com/cadoles/lighthouse/run-audit.sh'
         ];
 

vars/pa11y.groovy

@@ -0,0 +1,23 @@
+def audit(url: String) {
+    
+}
+
+def buildDockerImage() {
+    dir ('.pa11y') {
+        def resourceFiles = [
+            'com/cadoles/pa11y/Dockerfile',
+            'com/cadoles/pa11y/patty.json.tmpl',
+            'com/cadoles/pa11y/run-audit.sh'
+        ];
+
+        for (res in resourceFiles) {
+            def fileContent = libraryResource res
+            def fileName = res.substring(res.lastIndexOf("/")+1)
+            writeFile file:fileName, text:fileContent
+        }
+        
+        def safeJobName = URLDecoder.decode(env.JOB_NAME).toLowerCase().replace('/', '-').replace(' ', '-')
+        def imageTag = "${safeJobName}-${env.BUILD_ID}"
+        return docker.build("pa11y:${imageTag}", ".")
+    }
+}