diff --git a/cmd/detectExecuteScan.go b/cmd/detectExecuteScan.go index b896a1a7a..3d42131da 100644 --- a/cmd/detectExecuteScan.go +++ b/cmd/detectExecuteScan.go @@ -133,8 +133,21 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU _, detectVersionName := versioning.DetermineProjectCoordinates("", config.VersioningModel, coordinates) + //Split on spaces, the scanPropeties, so that each property is available as a single string + //instead of all properties being part of a single string + config.ScanProperties = piperutils.SplitAndTrim(config.ScanProperties, " ") + if config.ScanOnChanges { args = append(args, "--report") + config.Unmap = false + } + + if config.Unmap { + args = append(args, fmt.Sprintf("--detect.project.codelocation.unmap=true")) + config.ScanProperties, _ = piperutils.RemoveAll(config.ScanProperties, "--detect.project.codelocation.unmap=false") + } else { + //When unmap is set to false, any occurances of unmap=true from scanProperties must be removed + config.ScanProperties, _ = piperutils.RemoveAll(config.ScanProperties, "--detect.project.codelocation.unmap=true") } args = append(args, config.ScanProperties...) @@ -156,11 +169,9 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU args = append(args, fmt.Sprintf("--detect.policy.check.fail.on.severities=%v", strings.Join(config.FailOn, ","))) } - codeLocation := config.CodeLocation - if len(codeLocation) == 0 && len(config.ProjectName) > 0 { - codeLocation = fmt.Sprintf("%v/%v", config.ProjectName, detectVersionName) + if len(config.CodeLocation) > 0 { + args = append(args, fmt.Sprintf("\"--detect.code.location.name='%v'\"", config.CodeLocation)) } - args = append(args, fmt.Sprintf("\"--detect.code.location.name='%v'\"", codeLocation)) if len(config.ScanPaths) > 0 && len(config.ScanPaths[0]) > 0 { args = append(args, fmt.Sprintf("--detect.blackduck.signature.scanner.paths=%v", strings.Join(config.ScanPaths, ","))) @@ -172,10 +183,6 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU args = append(args, fmt.Sprintf("--detect.source.path='.'")) } - if config.Unmap { - args = append(args, fmt.Sprintf("--detect.project.codelocation.unmap=true")) - } - if len(config.IncludedPackageManagers) > 0 { args = append(args, fmt.Sprintf("--detect.included.detector.types=%v", strings.ToUpper(strings.Join(config.IncludedPackageManagers, ",")))) } diff --git a/cmd/detectExecuteScan_generated.go b/cmd/detectExecuteScan_generated.go index 2b6e3f4bd..4f7c41e15 100644 --- a/cmd/detectExecuteScan_generated.go +++ b/cmd/detectExecuteScan_generated.go @@ -104,8 +104,8 @@ func addDetectExecuteScanFlags(cmd *cobra.Command, stepConfig *detectExecuteScan cmd.Flags().StringSliceVar(&stepConfig.Scanners, "scanners", []string{`signature`}, "List of scanners to be used for Synopsis Detect (formerly BlackDuck) scan.") cmd.Flags().StringSliceVar(&stepConfig.ScanPaths, "scanPaths", []string{`.`}, "List of paths which should be scanned by the Synopsis Detect (formerly BlackDuck) scan.") cmd.Flags().StringVar(&stepConfig.DependencyPath, "dependencyPath", `.`, "Absolute Path of the dependency management file of the project. This path represents the folder which contains the pom file, package.json etc. If the project contains multiple pom files, provide the path to the parent pom file or the base folder of the project") - cmd.Flags().BoolVar(&stepConfig.Unmap, "unmap", false, "Unmap flag will unmap all previous code locations and keep only the current scan results in the specified project version. Set this parameter to true, when the project version needs to store only the latest scan results.") - cmd.Flags().StringSliceVar(&stepConfig.ScanProperties, "scanProperties", []string{`--blackduck.signature.scanner.memory=4096`, `--blackduck.timeout=6000`, `--blackduck.trust.cert=true`, `--detect.report.timeout=4800`, `--logging.level.com.synopsys.integration=DEBUG`, `--detect.maven.excluded.scopes=test`}, "Properties passed to the Synopsis Detect (formerly BlackDuck) scan. You can find details in the [Synopsis Detect documentation](https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/622846/Using+Synopsys+Detect+Properties)") + cmd.Flags().BoolVar(&stepConfig.Unmap, "unmap", true, "Unmap flag will unmap all previous code locations and keep only the current scan results in the specified project version. Set this parameter to true, when the project version needs to store only the latest scan results.") + cmd.Flags().StringSliceVar(&stepConfig.ScanProperties, "scanProperties", []string{`--blackduck.signature.scanner.memory=4096`, `--detect.timeout=6000`, `--blackduck.trust.cert=true`, `--logging.level.com.synopsys.integration=DEBUG`, `--detect.maven.excluded.scopes=test`}, "Properties passed to the Synopsis Detect (formerly BlackDuck) scan. You can find details in the [Synopsis Detect documentation](https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/622846/Using+Synopsys+Detect+Properties)") cmd.Flags().StringVar(&stepConfig.ServerURL, "serverUrl", os.Getenv("PIPER_serverUrl"), "Server URL to the Synopsis Detect (formerly BlackDuck) Server.") cmd.Flags().StringSliceVar(&stepConfig.Groups, "groups", []string{}, "Users groups to be assigned for the Project") cmd.Flags().StringSliceVar(&stepConfig.FailOn, "failOn", []string{`BLOCKER`}, "Mark the current build as fail based on the policy categories applied.") diff --git a/cmd/detectExecuteScan_test.go b/cmd/detectExecuteScan_test.go index 28af0ca73..c2418db8d 100644 --- a/cmd/detectExecuteScan_test.go +++ b/cmd/detectExecuteScan_test.go @@ -62,14 +62,14 @@ func TestRunDetect(t *testing.T) { assert.NoError(t, err) assert.Equal(t, ".", utilsMock.Dir, "Wrong execution directory used") assert.Equal(t, "/bin/bash", utilsMock.Shell[0], "Bash shell expected") - expectedScript := "./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'" + expectedScript := "./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" --detect.source.path='.'" assert.Equal(t, expectedScript, utilsMock.Calls[0]) }) t.Run("failure case", func(t *testing.T) { t.Parallel() utilsMock := newDetectTestUtilsBundle() - utilsMock.ShouldFailOnCommand = map[string]error{"./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'": fmt.Errorf("Test Error")} + utilsMock.ShouldFailOnCommand = map[string]error{"./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" --detect.source.path='.'": fmt.Errorf("Test Error")} utilsMock.AddFile("detect.sh", []byte("")) err := runDetect(detectExecuteScanOptions{}, utilsMock) assert.EqualError(t, err, "Test Error") @@ -125,7 +125,6 @@ func TestAddDetectArgs(t *testing.T) { "--blackduck.api.token=apiToken", "\"--detect.project.name='testName'\"", "\"--detect.project.version.name='1.0'\"", - "\"--detect.code.location.name='testName/1.0'\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", }, @@ -230,6 +229,7 @@ func TestAddDetectArgs(t *testing.T) { }, expected: []string{ "--testProp1=1", + "--detect.project.codelocation.unmap=true", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", "\"--detect.project.name='testName'\"", @@ -239,7 +239,6 @@ func TestAddDetectArgs(t *testing.T) { "\"--detect.code.location.name='testLocation'\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", - "--detect.project.codelocation.unmap=true", }, }, { @@ -264,6 +263,7 @@ func TestAddDetectArgs(t *testing.T) { }, expected: []string{ "--testProp1=1", + "--detect.project.codelocation.unmap=true", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", "\"--detect.project.name='testName'\"", @@ -273,7 +273,6 @@ func TestAddDetectArgs(t *testing.T) { "\"--detect.code.location.name='testLocation'\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", - "--detect.project.codelocation.unmap=true", "--detect.included.detector.types=MAVEN,GRADLE", "--detect.excluded.detector.types=NPM,NUGET", "--detect.maven.excluded.scopes=test,compile", @@ -313,7 +312,6 @@ func TestAddDetectArgs(t *testing.T) { "\"--detect.code.location.name='testLocation'\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", - "--detect.project.codelocation.unmap=true", "--detect.included.detector.types=MAVEN,GRADLE", "--detect.excluded.detector.types=NPM,NUGET", "--detect.maven.excluded.scopes=test,compile", @@ -353,7 +351,47 @@ func TestAddDetectArgs(t *testing.T) { "\"--detect.code.location.name='testLocation'\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", - "--detect.project.codelocation.unmap=true", + "--detect.included.detector.types=MAVEN,GRADLE", + "--detect.excluded.detector.types=NPM,NUGET", + "--detect.maven.excluded.scopes=test,compile", + "--detect.tools=DETECTOR", + }, + }, + { + args: []string{"--testProp1=1"}, + options: detectExecuteScanOptions{ + ScanProperties: []string{"--scan=1", "--detect.project.codelocation.unmap=true"}, + ServerURL: "https://server.url", + Token: "apiToken", + ProjectName: "testName", + CodeLocation: "testLocation", + FailOn: []string{"BLOCKER", "MAJOR"}, + Scanners: []string{"source"}, + ScanPaths: []string{"path1", "path2"}, + Groups: []string{"testGroup", "testGroup2"}, + Version: "1.0", + VersioningModel: "major-minor", + DependencyPath: "pathx", + Unmap: true, + IncludedPackageManagers: []string{"maven", "GRADLE"}, + ExcludedPackageManagers: []string{"npm", "NUGET"}, + MavenExcludedScopes: []string{"TEST", "compile"}, + DetectTools: []string{"DETECTOR"}, + ScanOnChanges: true, + }, + expected: []string{ + "--testProp1=1", + "--report", + "--scan=1", + "--blackduck.url=https://server.url", + "--blackduck.api.token=apiToken", + "\"--detect.project.name='testName'\"", + "\"--detect.project.version.name='1.0'\"", + "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", + "\"--detect.code.location.name='testLocation'\"", + "--detect.blackduck.signature.scanner.paths=path1,path2", + "--detect.source.path=pathx", "--detect.included.detector.types=MAVEN,GRADLE", "--detect.excluded.detector.types=NPM,NUGET", "--detect.maven.excluded.scopes=test,compile", diff --git a/resources/metadata/detect.yaml b/resources/metadata/detect.yaml index 8640d9a30..1ff4e7934 100644 --- a/resources/metadata/detect.yaml +++ b/resources/metadata/detect.yaml @@ -100,7 +100,7 @@ spec: aliases: - name: detect/unmap type: bool - default: false + default: true scope: - PARAMETERS - STAGES @@ -112,9 +112,8 @@ spec: type: "[]string" default: - --blackduck.signature.scanner.memory=4096 - - --blackduck.timeout=6000 + - --detect.timeout=6000 - --blackduck.trust.cert=true - - --detect.report.timeout=4800 - --logging.level.com.synopsys.integration=DEBUG - --detect.maven.excluded.scopes=test scope: