sap-jenkins-library/vars/whitesourceExecuteScan.groovy

import com.sap.piper.BuildTool
import com.sap.piper.DownloadCacheUtils
import groovy.transform.Field

import static com.sap.piper.Prerequisites.checkScript

@Field String STEP_NAME = getClass().getName()
@Field String METADATA_FILE = 'metadata/whitesourceExecuteScan.yaml'

//Metadata maintained in file project://resources/metadata/whitesourceExecuteScan.yaml

void call(Map parameters = [:]) {
    final script = checkScript(this, parameters) ?: this
    parameters = DownloadCacheUtils.injectDownloadCacheInParameters(script, parameters, BuildTool.MTA)

    List credentials = [
        [type: 'token', id: 'orgAdminUserTokenCredentialsId', env: ['PIPER_orgToken']],
        [type: 'token', id: 'userTokenCredentialsId', env: ['PIPER_userToken']],
        [type: 'token', id: 'githubTokenCredentialsId', env: ['PIPER_githubToken']],
        [type: 'file', id: 'dockerConfigJsonCredentialsId', env: ['PIPER_dockerConfigJSON']],
        [type: 'usernamePassword', id: 'golangPrivateModulesGitTokenCredentialsId', env: ['PIPER_privateModulesGitUsername', 'PIPER_privateModulesGitToken']]
    ]
    piperExecuteBin(parameters, STEP_NAME, METADATA_FILE, credentials)
}
Optionally use new go-based Whitesource step (#2079) 2020-09-30 08:56:16 +02:00			`import com.sap.piper.BuildTool`
			`import com.sap.piper.DownloadCacheUtils`
Initial checkin of new whitesource step 2019-02-28 13:01:30 +01:00			`import groovy.transform.Field`

			`import static com.sap.piper.Prerequisites.checkScript`

Update vars/whitesourceExecuteScan.groovy Co-Authored-By: nevskrem <33895725+nevskrem@users.noreply.github.com> 2019-03-06 13:07:55 +01:00			`@Field String STEP_NAME = getClass().getName()`
enforce that step metadata yaml file is called <step>.yaml (#3226) Co-authored-by: Philipp Stehle <philipp.stehle@sap.com> 2021-11-15 14:20:20 +01:00			`@Field String METADATA_FILE = 'metadata/whitesourceExecuteScan.yaml'`
Cleanup and alignment with internal step 2019-03-05 13:59:27 +01:00
enforce that step metadata yaml file is called <step>.yaml (#3226) Co-authored-by: Philipp Stehle <philipp.stehle@sap.com> 2021-11-15 14:20:20 +01:00			`//Metadata maintained in file project://resources/metadata/whitesourceExecuteScan.yaml`
Initial checkin of new whitesource step 2019-02-28 13:01:30 +01:00
			`void call(Map parameters = [:]) {`
feat(whitesourceExecuteScan): UA for all build tools, e.g. maven & npm (#2501) * feat(whitesource): add config helper this helps to ease & enforce config settings * fix accidential change of class * add todos wrt java download * use existing scanOptions, add option to download jre * update generation * fix generation * allow running UA via go library * correct image, improve logging * add removal of downloaded JVM * update java creation and deletion * refactor and add log output * remove obsolete ToDo * increase test coverage * increase test coverage * adding aliases and tests * make go modules as default * maven: update behavior of projectNaming * add Docker capabilities * correct parameter name * retrieve Docker coordinates * docker coordinates only to provide artifact * add ToDos * add mta capability * add aliases, mvn arguments for settings * clean up groovy part * update defaults * add container for pip * add defaults, add maven specifics, ... * properly download settings * maven: check existence of excluded files * fix reporting * Update CommonStepsTest.groovy * update comment * fix CodeClimate finding * add tests for pip & fix minor issues * fix order of pip build descriptors * update pip container options * fix pip virtualEnv parameter * update report permissions * fix test * update container options * add use fileUtils to load properties file * update parameter description * adding Docker scanning defaults * clean up configHelper * consider also npm tool cache * add todos 2021-02-03 14:52:48 +01:00			`final script = checkScript(this, parameters) ?: this`
			`parameters = DownloadCacheUtils.injectDownloadCacheInParameters(script, parameters, BuildTool.MTA)`
Added debug output 2019-03-04 23:09:40 +01:00
feat(whitesourceExecuteScan): UA for all build tools, e.g. maven & npm (#2501) * feat(whitesource): add config helper this helps to ease & enforce config settings * fix accidential change of class * add todos wrt java download * use existing scanOptions, add option to download jre * update generation * fix generation * allow running UA via go library * correct image, improve logging * add removal of downloaded JVM * update java creation and deletion * refactor and add log output * remove obsolete ToDo * increase test coverage * increase test coverage * adding aliases and tests * make go modules as default * maven: update behavior of projectNaming * add Docker capabilities * correct parameter name * retrieve Docker coordinates * docker coordinates only to provide artifact * add ToDos * add mta capability * add aliases, mvn arguments for settings * clean up groovy part * update defaults * add container for pip * add defaults, add maven specifics, ... * properly download settings * maven: check existence of excluded files * fix reporting * Update CommonStepsTest.groovy * update comment * fix CodeClimate finding * add tests for pip & fix minor issues * fix order of pip build descriptors * update pip container options * fix pip virtualEnv parameter * update report permissions * fix test * update container options * add use fileUtils to load properties file * update parameter description * adding Docker scanning defaults * clean up configHelper * consider also npm tool cache * add todos 2021-02-03 14:52:48 +01:00			`List credentials = [`
			`[type: 'token', id: 'orgAdminUserTokenCredentialsId', env: ['PIPER_orgToken']],`
			`[type: 'token', id: 'userTokenCredentialsId', env: ['PIPER_userToken']],`
feat(whitesourceExecuteScan): GitHub issue creation + SARIF (#3535) * Add GH issue creation + SARIF * Code cleanup * Fix fmt, add debug * Code enhancements * Fix * Added debug info * Rework UA log scan * Fix code * read UA version * Fix nil reference * Extraction * Credentials * Issue creation * Error handling * Fix issue creation * query escape * Query escape 2 * Revert * Test avoid update * HTTP client * Add support for custom TLS certs * Fix code * Fix code 2 * Fix code 3 * Disable cert check * Fix auth * Remove implicit trust * Skip verification * Fix * Fix client * Fix HTTP auth * Fix trusted certs * Trim version * Code * Add token * Added token handling to client * Fix token * Cleanup * Fix token * Token rework * Fix code * Kick out oauth client * Kick out oauth client * Transport wrapping * Token * Simplification * Refactor * Variation * Check * Fix * Debug * Switch client * Variation * Debug * Switch to cert check * Add debug * Parse self * Cleanup * Update resources/metadata/whitesourceExecuteScan.yaml * Add debug * Expose subjects * Patch * Debug * Debug2 * Debug3 * Fix logging response body * Cleanup * Cleanup * Fix request body logging * Cleanup import * Fix import cycle * Cleanup * Fix fmt * Fix NopCloser reference * Regenerate * Reintroduce * Fix test * Fix tests * Correction * Fix error * Code fix * Fix tests * Add tests * Fix code climate issues * Code climate * Code climate again * Code climate again * Fix fmt * Fix fmt 2 Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> 2022-02-23 09:30:19 +01:00			`[type: 'token', id: 'githubTokenCredentialsId', env: ['PIPER_githubToken']],`
fix(whitesourceExecuteScan): added missing credential declaration for the docker config (#3404) 2022-01-11 09:43:12 +01:00			`[type: 'file', id: 'dockerConfigJsonCredentialsId', env: ['PIPER_dockerConfigJSON']],`
added logic of fetching golang private packages for whitesource step (#4595) * added logic of fetching golang private packages for whitesource step and detectExecuteScan step * changed logic of checking by config.PrivateModulesGitToken * moved func prepareGolangPrivatePackages to golangBuild.go * fix (gitOpsUpdateDeployment) add CA bundle options to plain clone and commit to trust enterprise github instances (#4602) * downloading ca cert bundle when added as config * adding logging statements * allowing bats test to handle ca cert * adding info message * hard coding file names * including correct http client util bundle * removing logging message not needed * adding cert bundle to commit and push * improving the condition to add ca cert in commit and push * fixing unit test * fixing unit test * fixing unit test * fixing unit test * fixing unit test * feat(kanikoExecute): add dockerfilePath param to multipleImages (#4569) * add containerDockerfilePath param to multipleImages * rename ContainerDockerfilePath param to DockerfilePath * Fix trailing spaces --------- Co-authored-by: Egor Balakin <egor.balakin@sap.com> Co-authored-by: Vyacheslav Starostin <32613074+vstarostin@users.noreply.github.com> * fix(helm): forward sourceRepositoryCredentialsId from groovy to go layer (#4604) forward sourceRepositoryCredentialsId from groovy to go layer in the same way how this is done for the targetRepositoryCredentialsId * feat(config): exporting generateConfig function and applying minor changes (#4605) * exporting generateConfig function and applying minor changes * Added setConfigOptions to set configOptions variable. Added possibility to set format output, json or yaml for now. * Correcting mistake on cmd/getDefaults.go Co-authored-by: Jordi van Liempt <35920075+jliempt@users.noreply.github.com> --------- Co-authored-by: Jordi van Liempt <35920075+jliempt@users.noreply.github.com> * moved func prepareGolangPrivatePackages to pkg/golang --------- Co-authored-by: Akramdzhon Azamov <MY_NAME@example.com> Co-authored-by: Andrei Kireev <andrei.kireev@sap.com> Co-authored-by: Anil Keshav <anil.keshav@sap.com> Co-authored-by: Egor Balakin <14162703+m1ron0xFF@users.noreply.github.com> Co-authored-by: Egor Balakin <egor.balakin@sap.com> Co-authored-by: Vyacheslav Starostin <32613074+vstarostin@users.noreply.github.com> Co-authored-by: Marcus Holl <marcus.holl@sap.com> Co-authored-by: Jk1484 <35270240+Jk1484@users.noreply.github.com> Co-authored-by: Jordi van Liempt <35920075+jliempt@users.noreply.github.com> 2023-10-06 19:22:26 +05:00			`[type: 'usernamePassword', id: 'golangPrivateModulesGitTokenCredentialsId', env: ['PIPER_privateModulesGitUsername', 'PIPER_privateModulesGitToken']]`
feat(whitesourceExecuteScan): UA for all build tools, e.g. maven & npm (#2501) * feat(whitesource): add config helper this helps to ease & enforce config settings * fix accidential change of class * add todos wrt java download * use existing scanOptions, add option to download jre * update generation * fix generation * allow running UA via go library * correct image, improve logging * add removal of downloaded JVM * update java creation and deletion * refactor and add log output * remove obsolete ToDo * increase test coverage * increase test coverage * adding aliases and tests * make go modules as default * maven: update behavior of projectNaming * add Docker capabilities * correct parameter name * retrieve Docker coordinates * docker coordinates only to provide artifact * add ToDos * add mta capability * add aliases, mvn arguments for settings * clean up groovy part * update defaults * add container for pip * add defaults, add maven specifics, ... * properly download settings * maven: check existence of excluded files * fix reporting * Update CommonStepsTest.groovy * update comment * fix CodeClimate finding * add tests for pip & fix minor issues * fix order of pip build descriptors * update pip container options * fix pip virtualEnv parameter * update report permissions * fix test * update container options * add use fileUtils to load properties file * update parameter description * adding Docker scanning defaults * clean up configHelper * consider also npm tool cache * add todos 2021-02-03 14:52:48 +01:00			`]`
			`piperExecuteBin(parameters, STEP_NAME, METADATA_FILE, credentials)`
Initial checkin of new whitesource step 2019-02-28 13:01:30 +01:00			`}`