1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
sap-jenkins-library/cmd/detectExecuteScan_test.go

707 lines
25 KiB
Go
Raw Normal View History

package cmd
import (
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
"bytes"
"fmt"
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
"io"
"io/ioutil"
"net/http"
"os"
"path/filepath"
"testing"
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
bd "github.com/SAP/jenkins-library/pkg/blackduck"
piperGithub "github.com/SAP/jenkins-library/pkg/github"
piperhttp "github.com/SAP/jenkins-library/pkg/http"
"github.com/SAP/jenkins-library/pkg/mock"
"github.com/stretchr/testify/assert"
)
type detectTestUtilsBundle struct {
expectedError error
downloadedFiles map[string]string // src, dest
*mock.ShellMockRunner
*mock.FilesMock
customEnv []string
}
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
type httpMockClient struct {
responseBodyForURL map[string]string
errorMessageForURL map[string]string
header map[string]http.Header
}
func (c *httpMockClient) SetOptions(opts piperhttp.ClientOptions) {}
func (c *httpMockClient) SendRequest(method, url string, body io.Reader, header http.Header, cookies []*http.Cookie) (*http.Response, error) {
c.header[url] = header
response := http.Response{
StatusCode: 200,
Body: ioutil.NopCloser(bytes.NewReader([]byte(""))),
}
if c.errorMessageForURL[url] != "" {
response.StatusCode = 400
return &response, fmt.Errorf(c.errorMessageForURL[url])
}
if c.responseBodyForURL[url] != "" {
response.Body = ioutil.NopCloser(bytes.NewReader([]byte(c.responseBodyForURL[url])))
return &response, nil
}
return &response, nil
}
func newBlackduckMockSystem(config detectExecuteScanOptions) blackduckSystem {
myTestClient := httpMockClient{
responseBodyForURL: map[string]string{
"https://my.blackduck.system/api/tokens/authenticate": authContent,
"https://my.blackduck.system/api/projects?q=name%3ASHC-PiperTest": projectContent,
"https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf/versions?limit=100&offset=0": projectVersionContent,
"https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/components?limit=999&offset=0": componentsContent,
"https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/vunlerable-bom-components?limit=999&offset=0": vulnerabilitiesContent,
"https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/components?filter=policyCategory%3Alicense&limit=999&offset=0": componentsContent,
"https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/policy-status": policyStatusContent,
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
},
header: map[string]http.Header{},
}
sys := blackduckSystem{
Client: bd.NewClient(config.Token, config.ServerURL, &myTestClient),
}
return sys
}
const (
authContent = `{
"bearerToken":"bearerTestToken",
"expiresInMilliseconds":7199997
}`
projectContent = `{
"totalCount": 1,
"items": [
{
"name": "SHC-PiperTest",
"_meta": {
"href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf",
"links": [
{
"rel": "versions",
"href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf/versions"
}
]
}
}
]
}`
projectVersionContent = `{
"totalCount": 1,
"items": [
{
"versionName": "1.0",
"_meta": {
"href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf/versions/a6c94786-0ee6-414f-9054-90d549c69c36",
"links": [
{
"rel": "components",
"href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/components"
},
{
"rel": "vulnerable-components",
"href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/vunlerable-bom-components"
},
{
"rel": "policy-status",
"href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/policy-status"
}
]
}
}
]
}`
componentsContent = `{
"totalCount": 2,
"items" : [
{
"componentName": "Spring Framework",
"componentVersionName": "5.3.9",
"policyStatus": "IN_VIOLATION"
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
}, {
"componentName": "Apache Tomcat",
"componentVersionName": "9.0.52",
"policyStatus": "IN_VIOLATION"
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
}
]
}`
vulnerabilitiesContent = `{
"totalCount": 1,
"items": [
{
"componentName": "Spring Framework",
"componentVersionName": "5.3.2",
"vulnerabilityWithRemediation" : {
"vulnerabilityName" : "BDSA-2019-2021",
"baseScore" : 7.5,
"overallScore" : 7.5,
"severity" : "HIGH",
"remediationStatus" : "IGNORED",
"description" : "description"
}
}
]
}`
policyStatusContent = `{
"overallStatus": "IN_VIOLATION",
"componentVersionPolicyViolationDetails": {
"name": "IN_VIOLATION",
"severityLevels": [{"name":"BLOCKER", "value": 1}, {"name": "CRITICAL", "value": 1}]
}
}`
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
)
func (c *detectTestUtilsBundle) RunExecutable(string, ...string) error {
panic("not expected to be called in test")
}
func (c *detectTestUtilsBundle) SetOptions(piperhttp.ClientOptions) {
}
func (c *detectTestUtilsBundle) GetOsEnv() []string {
return c.customEnv
}
func (c *detectTestUtilsBundle) DownloadFile(url, filename string, _ http.Header, _ []*http.Cookie) error {
if c.expectedError != nil {
return c.expectedError
}
if c.downloadedFiles == nil {
c.downloadedFiles = make(map[string]string)
}
c.downloadedFiles[url] = filename
return nil
}
func (w *detectTestUtilsBundle) CreateIssue(ghCreateIssueOptions *piperGithub.CreateIssueOptions) error {
return nil
}
func newDetectTestUtilsBundle() *detectTestUtilsBundle {
utilsBundle := detectTestUtilsBundle{
ShellMockRunner: &mock.ShellMockRunner{},
FilesMock: &mock.FilesMock{},
}
return &utilsBundle
}
func TestRunDetect(t *testing.T) {
t.Parallel()
t.Run("success case", func(t *testing.T) {
t.Parallel()
utilsMock := newDetectTestUtilsBundle()
utilsMock.AddFile("detect.sh", []byte(""))
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
err := runDetect(detectExecuteScanOptions{}, utilsMock, &detectExecuteScanInflux{})
assert.Equal(t, utilsMock.downloadedFiles["https://detect.synopsys.com/detect7.sh"], "detect.sh")
assert.True(t, utilsMock.HasRemovedFile("detect.sh"))
assert.NoError(t, err)
assert.Equal(t, ".", utilsMock.Dir, "Wrong execution directory used")
assert.Equal(t, "/bin/bash", utilsMock.Shell[0], "Bash shell expected")
expectedScript := "./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'"
assert.Equal(t, expectedScript, utilsMock.Calls[0])
})
t.Run("success case detect 6", func(t *testing.T) {
t.Parallel()
utilsMock := newDetectTestUtilsBundle()
utilsMock.AddFile("detect.sh", []byte(""))
options := detectExecuteScanOptions{
CustomEnvironmentVariables: []string{"DETECT_LATEST_RELEASE_VERSION=6.8.0"},
}
err := runDetect(options, utilsMock, &detectExecuteScanInflux{})
assert.Equal(t, utilsMock.downloadedFiles["https://detect.synopsys.com/detect.sh"], "detect.sh")
assert.True(t, utilsMock.HasRemovedFile("detect.sh"))
assert.NoError(t, err)
assert.Equal(t, ".", utilsMock.Dir, "Wrong execution directory used")
assert.Equal(t, "/bin/bash", utilsMock.Shell[0], "Bash shell expected")
expectedScript := "./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'"
assert.Equal(t, expectedScript, utilsMock.Calls[0])
})
t.Run("success case detect 6 from OS env", func(t *testing.T) {
t.Parallel()
utilsMock := newDetectTestUtilsBundle()
utilsMock.AddFile("detect.sh", []byte(""))
utilsMock.customEnv = []string{"DETECT_LATEST_RELEASE_VERSION=6.8.0"}
err := runDetect(detectExecuteScanOptions{}, utilsMock, &detectExecuteScanInflux{})
assert.Equal(t, utilsMock.downloadedFiles["https://detect.synopsys.com/detect.sh"], "detect.sh")
assert.True(t, utilsMock.HasRemovedFile("detect.sh"))
assert.NoError(t, err)
assert.Equal(t, ".", utilsMock.Dir, "Wrong execution directory used")
assert.Equal(t, "/bin/bash", utilsMock.Shell[0], "Bash shell expected")
fix(detect): bug fix for codelocation not picking the right location (#2745) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations * Set default scanonchange to true * handle multiple unmap true params * add custom env variables * fix codeclimate issues * Update resources/metadata/detect.yaml Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> * Update resources/metadata/detect.yaml Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> * update generated files from yaml * bug fix - revert code location changes Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-04-08 11:04:49 +02:00
expectedScript := "./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'"
assert.Equal(t, expectedScript, utilsMock.Calls[0])
})
t.Run("failure case", func(t *testing.T) {
t.Parallel()
utilsMock := newDetectTestUtilsBundle()
utilsMock.ShouldFailOnCommand = map[string]error{"./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'": fmt.Errorf("")}
utilsMock.ExitCode = 3
utilsMock.AddFile("detect.sh", []byte(""))
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
err := runDetect(detectExecuteScanOptions{}, utilsMock, &detectExecuteScanInflux{})
assert.Equal(t, utilsMock.ExitCode, 3)
assert.Contains(t, err.Error(), "FAILURE_POLICY_VIOLATION => Detect found policy violations.")
assert.True(t, utilsMock.HasRemovedFile("detect.sh"))
})
t.Run("maven parameters", func(t *testing.T) {
t.Parallel()
utilsMock := newDetectTestUtilsBundle()
utilsMock.CurrentDir = "root_folder"
utilsMock.AddFile("detect.sh", []byte(""))
err := runDetect(detectExecuteScanOptions{
M2Path: ".pipeline/local_repo",
ProjectSettingsFile: "project-settings.xml",
GlobalSettingsFile: "global-settings.xml",
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
}, utilsMock, &detectExecuteScanInflux{})
assert.NoError(t, err)
assert.Equal(t, ".", utilsMock.Dir, "Wrong execution directory used")
assert.Equal(t, "/bin/bash", utilsMock.Shell[0], "Bash shell expected")
absoluteLocalPath := string(os.PathSeparator) + filepath.Join("root_folder", ".pipeline", "local_repo")
expectedParam := "\"--detect.maven.build.command='--global-settings global-settings.xml --settings project-settings.xml -Dmaven.repo.local=" + absoluteLocalPath + "'\""
assert.Contains(t, utilsMock.Calls[0], expectedParam)
})
}
func TestAddDetectArgs(t *testing.T) {
t.Parallel()
testData := []struct {
args []string
options detectExecuteScanOptions
expected []string
}{
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ScanProperties: []string{"--scan1=1", "--scan2=2"},
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
Version: "1.0",
VersioningModel: "major-minor",
CodeLocation: "",
Scanners: []string{"signature"},
ScanPaths: []string{"path1", "path2"},
},
expected: []string{
"--testProp1=1",
"--scan1=1",
"--scan2=2",
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
fix(detect): bug fix for codelocation not picking the right location (#2745) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations * Set default scanonchange to true * handle multiple unmap true params * add custom env variables * fix codeclimate issues * Update resources/metadata/detect.yaml Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> * Update resources/metadata/detect.yaml Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> * update generated files from yaml * bug fix - revert code location changes Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-04-08 11:04:49 +02:00
"\"--detect.code.location.name='testName/1.0'\"",
"--detect.blackduck.signature.scanner.paths=path1,path2",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.source.path='.'",
},
},
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
Version: "1.0",
VersioningModel: "major-minor",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup"},
},
expected: []string{
"--testProp1=1",
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup'\"",
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.code.location.name='testLocation'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path='.'",
},
},
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup", "testGroup2"},
Version: "1.0",
VersioningModel: "major-minor",
},
expected: []string{
"--testProp1=1",
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup,testGroup2'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.code.location.name='testLocation'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path='.'",
},
},
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup", "testGroup2"},
Version: "1.0",
VersioningModel: "major-minor",
DependencyPath: "pathx",
},
expected: []string{
"--testProp1=1",
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup,testGroup2'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.code.location.name='testLocation'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path=pathx",
},
},
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup", "testGroup2"},
Version: "1.0",
VersioningModel: "major-minor",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
DependencyPath: "pathx",
Unmap: true,
},
expected: []string{
"--testProp1=1",
DetectExecuteScan : Codelocations autodetermined by detect script (#2704) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-26 14:06:13 +02:00
"--detect.project.codelocation.unmap=true",
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup,testGroup2'\"",
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.code.location.name='testLocation'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path=pathx",
DetectExecuteScan : Codelocations autodetermined by detect script (#2704) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-26 14:06:13 +02:00
},
},
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup", "testGroup2"},
Version: "1.0",
VersioningModel: "major-minor",
DependencyPath: "pathx",
Unmap: true,
IncludedPackageManagers: []string{"maven", "GRADLE"},
ExcludedPackageManagers: []string{"npm", "NUGET"},
MavenExcludedScopes: []string{"TEST", "compile"},
DetectTools: []string{"DETECTOR"},
},
expected: []string{
"--testProp1=1",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.project.codelocation.unmap=true",
DetectExecuteScan : Codelocations autodetermined by detect script (#2704) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-26 14:06:13 +02:00
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup,testGroup2'\"",
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
"\"--detect.code.location.name='testLocation'\"",
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path=pathx",
"--detect.included.detector.types=MAVEN,GRADLE",
"--detect.excluded.detector.types=NPM,NUGET",
"--detect.maven.excluded.scopes=test,compile",
"--detect.tools=DETECTOR",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
},
},
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup", "testGroup2"},
Version: "1.0",
VersioningModel: "major-minor",
DependencyPath: "pathx",
Unmap: true,
IncludedPackageManagers: []string{"maven", "GRADLE"},
ExcludedPackageManagers: []string{"npm", "NUGET"},
MavenExcludedScopes: []string{"TEST", "compile"},
DetectTools: []string{"DETECTOR"},
DetectExecuteScan : Codelocations autodetermined by detect script (#2704) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-26 14:06:13 +02:00
ScanOnChanges: true,
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
},
expected: []string{
"--testProp1=1",
DetectExecuteScan : Codelocations autodetermined by detect script (#2704) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-26 14:06:13 +02:00
"--report",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup,testGroup2'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.code.location.name='testLocation'\"",
fix(detect): scan paths to better handle signature scan and dependency scan paths (#2508) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * revert to clean version * add unmap parameter to detect * Added Additional parameters for BlackDuck scan * Added detect tools paramater * fix detect.yaml to accept correct data type * fix codeclimate issue in detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-21 15:57:00 +02:00
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path=pathx",
"--detect.included.detector.types=MAVEN,GRADLE",
"--detect.excluded.detector.types=NPM,NUGET",
"--detect.maven.excluded.scopes=test,compile",
"--detect.tools=DETECTOR",
},
},
feat(detect): Scanonchanges : Parameter to reduce scan running time and load on BlackDuck server (#2538) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-29 11:17:02 +02:00
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup", "testGroup2"},
Version: "1.0",
VersioningModel: "major-minor",
DependencyPath: "pathx",
Unmap: true,
IncludedPackageManagers: []string{"maven", "GRADLE"},
ExcludedPackageManagers: []string{"npm", "NUGET"},
MavenExcludedScopes: []string{"TEST", "compile"},
DetectTools: []string{"DETECTOR"},
ScanOnChanges: true,
},
expected: []string{
"--testProp1=1",
"--report",
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup,testGroup2'\"",
feat(detect): Scanonchanges : Parameter to reduce scan running time and load on BlackDuck server (#2538) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-29 11:17:02 +02:00
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"\"--detect.code.location.name='testLocation'\"",
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path=pathx",
"--detect.included.detector.types=MAVEN,GRADLE",
"--detect.excluded.detector.types=NPM,NUGET",
"--detect.maven.excluded.scopes=test,compile",
"--detect.tools=DETECTOR",
},
},
{
args: []string{"--testProp1=1"},
options: detectExecuteScanOptions{
DetectExecuteScan : Codelocations autodetermined by detect script (#2704) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-26 14:06:13 +02:00
ScanProperties: []string{"--scan=1", "--detect.project.codelocation.unmap=true"},
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
ServerURL: "https://server.url",
Token: "apiToken",
ProjectName: "testName",
CodeLocation: "testLocation",
FailOn: []string{"BLOCKER", "MAJOR"},
Scanners: []string{"source"},
ScanPaths: []string{"path1", "path2"},
Groups: []string{"testGroup", "testGroup2"},
Version: "1.0",
VersioningModel: "major-minor",
DependencyPath: "pathx",
Unmap: true,
IncludedPackageManagers: []string{"maven", "GRADLE"},
ExcludedPackageManagers: []string{"npm", "NUGET"},
MavenExcludedScopes: []string{"TEST", "compile"},
DetectTools: []string{"DETECTOR"},
ScanOnChanges: true,
},
expected: []string{
"--testProp1=1",
"--report",
DetectExecuteScan : Codelocations autodetermined by detect script (#2704) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code version * Changes for detect codelocation * remove unmap from scanProperties * fix/add unit tests for remove unmap * handle spaces in scanProperties * update default scanproperties to remove deprecations Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-26 14:06:13 +02:00
"--scan=1",
fix(detect): Scanonchanges : bug fix for escaping spaces in parameters (#2561) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml * bug fix for parameters with quoting spaces * add additional test case Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-02-02 16:43:12 +02:00
"--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken",
"\"--detect.project.name='testName'\"",
"\"--detect.project.version.name='1.0'\"",
"\"--detect.project.user.groups='testGroup,testGroup2'\"",
"--detect.policy.check.fail.on.severities=BLOCKER,MAJOR",
"\"--detect.code.location.name='testLocation'\"",
feat(detect): Scanonchanges : Parameter to reduce scan running time and load on BlackDuck server (#2538) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * clean detect code * add the the scanOnChanges parameter to detect * fix codeclimate issue * updated detect.yaml Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-01-29 11:17:02 +02:00
"--detect.blackduck.signature.scanner.paths=path1,path2",
"--detect.source.path=pathx",
"--detect.included.detector.types=MAVEN,GRADLE",
"--detect.excluded.detector.types=NPM,NUGET",
"--detect.maven.excluded.scopes=test,compile",
"--detect.tools=DETECTOR",
},
},
}
for k, v := range testData {
v := v
t.Run(fmt.Sprintf("run %v", k), func(t *testing.T) {
t.Parallel()
got, err := addDetectArgs(v.args, v.options, newDetectTestUtilsBundle())
assert.NoError(t, err)
assert.Equal(t, v.expected, got)
})
}
}
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
// Testing exit code mapping method
func TestExitCodeMapping(t *testing.T) {
cases := []struct {
exitCode int
expected string
}{
{1, "FAILURE_BLACKDUCK_CONNECTIVITY"},
{-1, "Not known exit code key"},
{8, "Not known exit code key"},
{100, "FAILURE_UNKNOWN_ERROR"},
}
for _, c := range cases {
response := exitCodeMapping(c.exitCode)
assert.Contains(t, response, c.expected)
}
}
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
func TestPostScanChecksAndReporting(t *testing.T) {
t.Parallel()
t.Run("Reporting after scan", func(t *testing.T) {
config := detectExecuteScanOptions{Token: "token", ServerURL: "https://my.blackduck.system", ProjectName: "SHC-PiperTest", Version: "", CustomScanVersion: "1.0"}
utils := newDetectTestUtilsBundle()
sys := newBlackduckMockSystem(config)
err := postScanChecksAndReporting(config, &detectExecuteScanInflux{}, utils, &sys)
assert.EqualError(t, err, "License Policy Violations found")
content, err := utils.FileRead("blackduck-ip.json")
assert.NoError(t, err)
assert.Contains(t, string(content), `"policyViolations":2`)
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
})
}
func TestIsMajorVulnerability(t *testing.T) {
t.Parallel()
t.Run("Case True", func(t *testing.T) {
vr := bd.VulnerabilityWithRemediation{
OverallScore: 7.5,
Severity: "HIGH",
}
v := bd.Vulnerability{
Name: "",
VulnerabilityWithRemediation: vr,
}
assert.True(t, isMajorVulnerability(v))
})
t.Run("Case False", func(t *testing.T) {
vr := bd.VulnerabilityWithRemediation{
OverallScore: 7.5,
Severity: "MEDIUM",
}
v := bd.Vulnerability{
Name: "",
VulnerabilityWithRemediation: vr,
}
assert.False(t, isMajorVulnerability(v))
})
}
func TestIsActiveVulnerability(t *testing.T) {
detect : Create html and json report upon scan completion (#3042) * changes to detectExec before master merge * changes for detectExecuteScan * self generated code added * fix syntax errors and update docu * added unit tests for fail and Group * fix failOn bug * add Groups as string array * add Groups as string array * tests and validation for groups, failOn * Updated docs and added more tests * documentation md files should not be changed * Handle merge conflicts from PR 1845 * fix merge errors * remove duplicate groups, merge error * adding buildCode and buildTool as params * switching build options * building maven modules * parameter correction * parameter correction * gnerate with new build parameter * adding comments * removing piper lib master and modifying goUtils to download 1.5.7 release * first cleaning then installing * multi module maven built * multi module maven built removing unwanted code * multi module maven built moving inside switch * testing * modifying the default use case to also call maven build * modifying the default use case to also call maven build wih -- * corrected maven build command * corrected maven build command with %v * skipping test runs * testing for MTA project with single pom * adding absolute path to m2 path * clean up * adding switch for mta and maven and removing env from containers * commiting changes for new detect step * correting log message * code clean up * unit tests changes to detectExecute * basic tests for new change * restoring piperGoUtils to download correct piper binary * code clean up * code clean up * add basic reporting * write html and json reports * fix syntax errors and tests * sort values in report by vuln * add more unit tests Co-authored-by: Keshav <anil.keshav@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com> Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-12 15:58:33 +02:00
t.Parallel()
t.Run("Case true", func(t *testing.T) {
vr := bd.VulnerabilityWithRemediation{
OverallScore: 7.5,
Severity: "HIGH",
RemediationStatus: "NEW",
}
v := bd.Vulnerability{
Name: "",
VulnerabilityWithRemediation: vr,
}
assert.True(t, isActiveVulnerability(v))
})
t.Run("Case False", func(t *testing.T) {
vr := bd.VulnerabilityWithRemediation{
OverallScore: 7.5,
Severity: "HIGH",
RemediationStatus: "IGNORED",
}
v := bd.Vulnerability{
Name: "",
VulnerabilityWithRemediation: vr,
}
assert.False(t, isActiveVulnerability(v))
})
}
func TestIsActivePolicyViolation(t *testing.T) {
t.Parallel()
t.Run("Case true", func(t *testing.T) {
assert.True(t, isActivePolicyViolation("IN_VIOLATION"))
})
t.Run("Case False", func(t *testing.T) {
assert.False(t, isActivePolicyViolation("NOT_IN_VIOLATION"))
})
}
func TestGetActivePolicyViolations(t *testing.T) {
t.Parallel()
t.Run("Case true", func(t *testing.T) {
config := detectExecuteScanOptions{Token: "token", ServerURL: "https://my.blackduck.system", ProjectName: "SHC-PiperTest", Version: "", CustomScanVersion: "1.0"}
sys := newBlackduckMockSystem(config)
components, err := sys.Client.GetComponents("SHC-PiperTest", "1.0")
assert.NoError(t, err)
assert.Equal(t, getActivePolicyViolations(components), 2)
})
}