1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2025-01-06 04:13:55 +02:00
sap-jenkins-library/pkg/whitesource/scanMaven.go

128 lines
4.0 KiB
Go
Raw Normal View History

package whitesource
import (
"fmt"
"path/filepath"
"strings"
feat(whitesourceExecuteScan): GitHub issue creation + SARIF (#3535) * Add GH issue creation + SARIF * Code cleanup * Fix fmt, add debug * Code enhancements * Fix * Added debug info * Rework UA log scan * Fix code * read UA version * Fix nil reference * Extraction * Credentials * Issue creation * Error handling * Fix issue creation * query escape * Query escape 2 * Revert * Test avoid update * HTTP client * Add support for custom TLS certs * Fix code * Fix code 2 * Fix code 3 * Disable cert check * Fix auth * Remove implicit trust * Skip verification * Fix * Fix client * Fix HTTP auth * Fix trusted certs * Trim version * Code * Add token * Added token handling to client * Fix token * Cleanup * Fix token * Token rework * Fix code * Kick out oauth client * Kick out oauth client * Transport wrapping * Token * Simplification * Refactor * Variation * Check * Fix * Debug * Switch client * Variation * Debug * Switch to cert check * Add debug * Parse self * Cleanup * Update resources/metadata/whitesourceExecuteScan.yaml * Add debug * Expose subjects * Patch * Debug * Debug2 * Debug3 * Fix logging response body * Cleanup * Cleanup * Fix request body logging * Cleanup import * Fix import cycle * Cleanup * Fix fmt * Fix NopCloser reference * Regenerate * Reintroduce * Fix test * Fix tests * Correction * Fix error * Code fix * Fix tests * Add tests * Fix code climate issues * Code climate * Code climate again * Code climate again * Fix fmt * Fix fmt 2 Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-02-23 10:30:19 +02:00
"github.com/SAP/jenkins-library/pkg/log"
"github.com/SAP/jenkins-library/pkg/maven"
)
// ExecuteMavenScan constructs maven parameters from the given configuration, and executes the maven goal
// "org.whitesource:whitesource-maven-plugin:19.5.1:update".
func (s *Scan) ExecuteMavenScan(config *ScanOptions, utils Utils) error {
feat(whitesourceExecuteScan): GitHub issue creation + SARIF (#3535) * Add GH issue creation + SARIF * Code cleanup * Fix fmt, add debug * Code enhancements * Fix * Added debug info * Rework UA log scan * Fix code * read UA version * Fix nil reference * Extraction * Credentials * Issue creation * Error handling * Fix issue creation * query escape * Query escape 2 * Revert * Test avoid update * HTTP client * Add support for custom TLS certs * Fix code * Fix code 2 * Fix code 3 * Disable cert check * Fix auth * Remove implicit trust * Skip verification * Fix * Fix client * Fix HTTP auth * Fix trusted certs * Trim version * Code * Add token * Added token handling to client * Fix token * Cleanup * Fix token * Token rework * Fix code * Kick out oauth client * Kick out oauth client * Transport wrapping * Token * Simplification * Refactor * Variation * Check * Fix * Debug * Switch client * Variation * Debug * Switch to cert check * Add debug * Parse self * Cleanup * Update resources/metadata/whitesourceExecuteScan.yaml * Add debug * Expose subjects * Patch * Debug * Debug2 * Debug3 * Fix logging response body * Cleanup * Cleanup * Fix request body logging * Cleanup import * Fix import cycle * Cleanup * Fix fmt * Fix NopCloser reference * Regenerate * Reintroduce * Fix test * Fix tests * Correction * Fix error * Code fix * Fix tests * Add tests * Fix code climate issues * Code climate * Code climate again * Code climate again * Fix fmt * Fix fmt 2 Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-02-23 10:30:19 +02:00
s.AgentName = "WhiteSource Maven Plugin"
s.AgentVersion = "unknown"
log.Entry().Infof("Using Whitesource scan for Maven project")
pomPath := config.PomPath
if pomPath == "" {
pomPath = "pom.xml"
}
return s.ExecuteMavenScanForPomFile(config, utils, pomPath)
}
// ExecuteMavenScanForPomFile constructs maven parameters from the given configuration, and executes the maven goal
// "org.whitesource:whitesource-maven-plugin:19.5.1:update" for the given pom file.
func (s *Scan) ExecuteMavenScanForPomFile(config *ScanOptions, utils Utils, pomPath string) error {
pomExists, _ := utils.FileExists(pomPath)
if !pomExists {
return fmt.Errorf("for scanning with type '%s', the file '%s' must exist in the project root",
config.ScanType, pomPath)
}
if config.InstallArtifacts {
err := maven.InstallMavenArtifacts(&maven.EvaluateOptions{
M2Path: config.M2Path,
ProjectSettingsFile: config.ProjectSettingsFile,
GlobalSettingsFile: config.GlobalSettingsFile,
PomPath: pomPath,
}, utils)
if err != nil {
return err
}
}
defines := s.generateMavenWhitesourceDefines(config)
flags, excludes := generateMavenWhitesourceFlags(config, utils)
err := s.appendModulesThatWillBeScanned(utils, excludes)
if err != nil {
return fmt.Errorf("failed to determine maven modules which will be scanned: %w", err)
}
_, err = maven.Execute(&maven.ExecuteOptions{
PomPath: pomPath,
M2Path: config.M2Path,
GlobalSettingsFile: config.GlobalSettingsFile,
ProjectSettingsFile: config.ProjectSettingsFile,
Defines: defines,
Flags: flags,
Goals: []string{"org.whitesource:whitesource-maven-plugin:19.5.1:update"},
}, utils)
return err
}
func (s *Scan) generateMavenWhitesourceDefines(config *ScanOptions) []string {
defines := []string{
"-Dorg.whitesource.orgToken=" + config.OrgToken,
"-Dorg.whitesource.product=" + config.ProductName,
"-Dorg.whitesource.checkPolicies=true",
"-Dorg.whitesource.failOnError=true",
"-Dorg.whitesource.forceUpdate=true",
}
// Aggregate all modules into one WhiteSource project, if user specified the 'projectName' parameter.
if config.ProjectName != "" {
defines = append(defines, "-Dorg.whitesource.aggregateProjectName="+config.ProjectName)
defines = append(defines, "-Dorg.whitesource.aggregateModules=true")
}
if config.UserToken != "" {
defines = append(defines, "-Dorg.whitesource.userKey="+config.UserToken)
}
if s.ProductVersion != "" {
defines = append(defines, "-Dorg.whitesource.productVersion="+s.ProductVersion)
}
return defines
}
func generateMavenWhitesourceFlags(config *ScanOptions, utils Utils) (flags []string, excludes []string) {
excludes = config.BuildDescriptorExcludeList
// From the documentation, these are file paths to a module's pom.xml.
// For MTA projects, we want to support mixing paths to package.json files and pom.xml files.
for _, exclude := range excludes {
if !strings.HasSuffix(exclude, "pom.xml") {
continue
}
exists, _ := utils.FileExists(exclude)
if !exists {
continue
}
moduleName := filepath.Dir(exclude)
if moduleName != "" {
flags = append(flags, "-pl", "!"+moduleName)
}
}
return flags, excludes
}
func (s *Scan) appendModulesThatWillBeScanned(utils Utils, excludes []string) error {
return maven.VisitAllMavenModules(".", utils, excludes, func(info maven.ModuleInfo) error {
project := info.Project
if project.Packaging != "pom" {
if project.ArtifactID == "" {
return fmt.Errorf("artifactId missing from '%s'", info.PomXMLPath)
}
err := s.AppendScannedProject(project.ArtifactID)
if err != nil {
return err
}
}
return nil
})
}