jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Code Issues Releases Activity
4fec440030
sap-jenkins-library/pkg/versioning/pip.go

147 lines
4.1 KiB
Go
Raw Normal View History

Fortify implementation in golang (#1428)
2020-05-25 19:48:59 +02:00
package versioning
import (
"fmt"
"io/ioutil"
"os"
"regexp"
"strings"
"github.com/pkg/errors"
)
const (
// NameRegex is used to match the pip descriptor artifact name
NameRegex = "(?s)(.*)name=['\"](.*?)['\"](.*)"
// VersionRegex is used to match the pip descriptor artifact version
VersionRegex = "(?s)(.*)version=['\"](.*?)['\"](.*)"
)
// PipDescriptor holds the unique identifier combination for pip built Python artifacts
type PipDescriptor struct {
GroupID string
ArtifactID string
Version string
Packaging string
}
// Pip utility to interact with Python specific versioning
type Pip struct {
path string
readFile func(string) ([]byte, error)
writeFile func(string, []byte, os.FileMode) error
fileExists func(string) (bool, error)
buildDescriptorContent string
}
func (p *Pip) init() error {
if p.readFile == nil {
p.readFile = ioutil.ReadFile
}
if p.writeFile == nil {
p.writeFile = ioutil.WriteFile
}
Whitesource scan (MVP) (#1658) * Whitesource MVP for Gradle, Golang, and NPM/Yarn * Refactoring * Refactor and cleanup, better error checking * publish stepResults, use pkg/versioning, bubble up errors, add gomod versioning support * Run gofmt and cleanup comments * Resolve PR comments * Update resources/metadata/whitesource.yaml Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> * Only determine project coordinates if they are missing Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com> * Gradle versioning artifact * fix gradle artifact version regexp and refactor * Fix token extraction from output buffer * Fix some issues with pip and jsonfile versioning logic * Remove useless spacing * Remove unnecessary test file and fix naming style for JSONDescriptor * Automatically download wss-unified-agent if file does not exist * adds downloadVulnerabilityReport, checkSecurityViolations, minor refactoring * adds config.ReportDirectoryName, improves readability * Version-wide reporting for vulnerabilities and list of libraries. * Refactor and improve build accuracy * fix sed command * Add includes file pattern config option * Adds --exclude command line flag * run go mod tidy and regenerate step framework * Fix unit tests * revert changes * poll project status before downloading reports * merge with master * go mod tidy, go fmt, and fix whitesource unit test * sync go.mod * sync go.mod again Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-07-01 07:54:13 +02:00
if len(p.buildDescriptorContent) == 0 {
Fortify implementation in golang (#1428)
2020-05-25 19:48:59 +02:00
content, err := p.readFile(p.path)
if err != nil {
return errors.Wrapf(err, "failed to read file '%v'", p.path)
}
p.buildDescriptorContent = string(content)
}
return nil
}
// GetVersion returns the Pip descriptor version property
func (p *Pip) GetVersion() (string, error) {
buildDescriptorFilePath := p.path
var err error
if strings.Contains(p.path, "setup.py") {
buildDescriptorFilePath, err = searchDescriptor([]string{"version.txt", "VERSION"}, p.fileExists)
if err != nil {
err = p.init()
if err != nil {
return "", errors.Wrapf(err, "failed to read file '%v'", p.path)
}
if evaluateResult(p.buildDescriptorContent, VersionRegex) {
compile := regexp.MustCompile(VersionRegex)
values := compile.FindStringSubmatch(p.buildDescriptorContent)
return values[2], nil
}
return "", errors.Wrap(err, "failed to retrieve version")
}
}
artifact := &Versionfile{
path: buildDescriptorFilePath,
versioningScheme: p.VersioningScheme(),
}
return artifact.GetVersion()
}
// SetVersion sets the Pip descriptor version property
func (p *Pip) SetVersion(v string) error {
buildDescriptorFilePath := p.path
var err error
if strings.Contains(p.path, "setup.py") {
buildDescriptorFilePath, err = searchDescriptor([]string{"version.txt", "VERSION"}, p.fileExists)
if err != nil {
err = p.init()
if err != nil {
return errors.Wrapf(err, "failed to read file '%v'", p.path)
}
if evaluateResult(p.buildDescriptorContent, VersionRegex) {
compile := regexp.MustCompile(VersionRegex)
values := compile.FindStringSubmatch(p.buildDescriptorContent)
p.buildDescriptorContent = strings.ReplaceAll(p.buildDescriptorContent, fmt.Sprintf("version='%v'", values[2]), fmt.Sprintf("version='%v'", v))
p.buildDescriptorContent = strings.ReplaceAll(p.buildDescriptorContent, fmt.Sprintf("version=\"%v\"", values[2]), fmt.Sprintf("version=\"%v\"", v))
p.writeFile(p.path, []byte(p.buildDescriptorContent), 0600)
} else {
return errors.Wrap(err, "failed to retrieve version")
}
}
}
artifact := &Versionfile{
path: buildDescriptorFilePath,
versioningScheme: p.VersioningScheme(),
}
return artifact.SetVersion(v)
}
// VersioningScheme returns the relevant versioning scheme
func (p *Pip) VersioningScheme() string {
return "pep440"
}
// GetCoordinates returns the pip build descriptor coordinates
func (p *Pip) GetCoordinates() (Coordinates, error) {
err := p.init()
if err != nil {
return nil, err
}
descriptor := &PipDescriptor{}
if evaluateResult(p.buildDescriptorContent, NameRegex) {
compile := regexp.MustCompile(NameRegex)
values := compile.FindStringSubmatch(p.buildDescriptorContent)
descriptor.ArtifactID = values[2]
} else {
descriptor.ArtifactID = ""
}
descriptor.Version, err = p.GetVersion()
if err != nil {
return nil, errors.Wrap(err, "failed to retrieve coordinates")
}
return descriptor, nil
}
func evaluateResult(value, regex string) bool {
if len(value) > 0 {
match, _ := regexp.MatchString(regex, value)
return match
}
return true
}
Reference in New Issue Copy Permalink