added detect8 support (#4545)

2025-02-21 19:48:53 +02:00 · 2023-09-01 15:25:37 +03:00 · 2023-09-01 15:25:37 +03:00 · 0f04b5f6e1
commit 0f04b5f6e1
parent f6e6d04408
3 changed files with 56 additions and 1 deletions
--- a/cmd/detectExecuteScan.go
+++ b/cmd/detectExecuteScan.go
@ -97,6 +97,7 @@ func newDetectUtils(client *github.Client) detectUtils {
 					"FAILURE_BLACKDUCK_FEATURE_ERROR - Detect encountered an error while attempting an operation on Black Duck. Ensure your Black Duck is compatible with this version of detect.",
 					"FAILURE_GENERAL_ERROR - Detect encountered a known error, details of the error are provided.",
 					"FAILURE_UNKNOWN_ERROR - Detect encountered an unknown error.",
+					"FAILURE_MINIMUM_INTERVAL_NOT_MET - Detect did not wait the minimum required scan interval.",
 				},
 			},
 		},
@ -276,6 +277,7 @@ func exitCodeMapping(exitCodeKey int) string {
 		12:  "FAILURE_POLARIS_CONNECTIVITY => Detect was unable to connect to Polaris. Check your configuration and connection.",
 		99:  "FAILURE_GENERAL_ERROR => Detect encountered a known error, details of the error are provided.",
 		100: "FAILURE_UNKNOWN_ERROR => Detect encountered an unknown error.",
+		13:  "FAILURE_MINIMUM_INTERVAL_NOT_MET => Detect did not wait the minimum required scan interval.",
 	}

 	if _, isKeyExists := exitCodes[exitCodeKey]; isKeyExists {
@ -290,7 +292,12 @@ func getDetectScript(config detectExecuteScanOptions, utils detectUtils) error {
 		log.Entry().Infof("The scanOnChanges option is deprecated")
 	}

-	log.Entry().Infof("Downloading Detect7")
+	log.Entry().Infof("Downloading Detect Script")
+
+	if config.UseDetect8 {
+		return utils.DownloadFile("https://detect.synopsys.com/detect8.sh", "detect.sh", nil, nil)
+	}
+
 	return utils.DownloadFile("https://detect.synopsys.com/detect7.sh", "detect.sh", nil, nil)
 }

@ -351,6 +358,10 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU
 		args = append(args, fmt.Sprintf("--detect.policy.check.fail.on.severities=%v", strings.Join(config.FailOn, ",")))
 	}

+	if config.SuccessOnSkip {
+		args = append(args, fmt.Sprintf("\"--detect.force.success.on.skip=%v\"", config.SuccessOnSkip))
+	}
+
 	codelocation := config.CodeLocation
 	if len(codelocation) == 0 && len(config.ProjectName) > 0 {
 		codelocation = fmt.Sprintf("%v/%v", config.ProjectName, detectVersionName)
--- a/cmd/detectExecuteScan_generated.go
+++ b/cmd/detectExecuteScan_generated.go
@ -45,6 +45,8 @@ type detectExecuteScanOptions struct {
 	MavenExcludedScopes         []string `json:"mavenExcludedScopes,omitempty"`
 	DetectTools                 []string `json:"detectTools,omitempty"`
 	ScanOnChanges               bool     `json:"scanOnChanges,omitempty"`
+	UseDetect8                  bool     `json:"useDetect8,omitempty"`
+	SuccessOnSkip               bool     `json:"successOnSkip,omitempty"`
 	CustomEnvironmentVariables  []string `json:"customEnvironmentVariables,omitempty"`
 	MinScanInterval             int      `json:"minScanInterval,omitempty"`
 	GithubToken                 string   `json:"githubToken,omitempty"`
@ -285,6 +287,8 @@ func addDetectExecuteScanFlags(cmd *cobra.Command, stepConfig *detectExecuteScan
 	cmd.Flags().StringSliceVar(&stepConfig.MavenExcludedScopes, "mavenExcludedScopes", []string{}, "The maven scopes that need to be excluded from the scan. For example, setting the value 'test' will exclude all components which are defined with a test scope in maven")
 	cmd.Flags().StringSliceVar(&stepConfig.DetectTools, "detectTools", []string{}, "The type of BlackDuck scanners to include while running the BlackDuck scan. By default All scanners are included. For the complete list of possible values, Please refer [Synopsys detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fconfiguration%2Fpaths.html&_LANG=enus&anchor=detect-tools-included)")
 	cmd.Flags().BoolVar(&stepConfig.ScanOnChanges, "scanOnChanges", false, "This flag determines if the scan is submitted to the server. If set to true, then the scan request is submitted to the server only when changes are detected in the Open Source Bill of Materials If the flag is set to false, then the scan request is submitted to server regardless of any changes. For more details please refer to the [documentation](https://github.com/blackducksoftware/detect_rescan/blob/master/README.md)")
+	cmd.Flags().BoolVar(&stepConfig.UseDetect8, "useDetect8", false, "This flag allows to use the currently supported 8 version of Detect Script instead of v7")
+	cmd.Flags().BoolVar(&stepConfig.SuccessOnSkip, "successOnSkip", false, "This flag allows forces Black Duck to exit with 0 error code if any step is skipped")
 	cmd.Flags().StringSliceVar(&stepConfig.CustomEnvironmentVariables, "customEnvironmentVariables", []string{}, "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan. This includes a list of environment variables defined by Synopsys. The full list can be found [here](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=configuring%2Fenvvars.html&_LANG=enus) This list affects the detect script downloaded while running the scan. Right now only detect7.sh is available for downloading")
 	cmd.Flags().IntVar(&stepConfig.MinScanInterval, "minScanInterval", 0, "This parameter controls the frequency (in number of hours) at which the signature scan is re-submitted for scan. When set to a value greater than 0, the signature scans are skipped until the specified number of hours has elapsed since the last signature scan.")
 	cmd.Flags().StringVar(&stepConfig.GithubToken, "githubToken", os.Getenv("PIPER_githubToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line")
@ -547,6 +551,24 @@ func detectExecuteScanMetadata() config.StepData {
 						Aliases:     []config.Alias{},
 						Default:     false,
 					},
+					{
+						Name:        "useDetect8",
+						ResourceRef: []config.ResourceReference{},
+						Scope:       []string{"PARAMETERS", "STAGES", "STEPS"},
+						Type:        "bool",
+						Mandatory:   false,
+						Aliases:     []config.Alias{{Name: "detect/useDetect8"}},
+						Default:     false,
+					},
+					{
+						Name:        "successOnSkip",
+						ResourceRef: []config.ResourceReference{},
+						Scope:       []string{"PARAMETERS", "STAGES", "STEPS"},
+						Type:        "bool",
+						Mandatory:   false,
+						Aliases:     []config.Alias{{Name: "detect/successOnSkip"}},
+						Default:     false,
+					},
 					{
 						Name:        "customEnvironmentVariables",
 						ResourceRef: []config.ResourceReference{},
--- a/resources/metadata/detectExecuteScan.yaml
+++ b/resources/metadata/detectExecuteScan.yaml
@ -297,6 +297,28 @@ spec:
          - STAGES
          - STEPS
        deprecated: true
+      - name: useDetect8
+        description:
+          "This flag allows to use the currently supported 8 version of Detect Script instead of v7"
+        aliases:
+          - name: detect/useDetect8
+        type: bool
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
+        default: false
+      - name: successOnSkip
+        description:
+          "This flag allows forces Black Duck to exit with 0 error code if any step is skipped"
+        aliases:
+          - name: detect/successOnSkip
+        type: bool
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
+        default: false
      - name: customEnvironmentVariables
        description:
          "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan. This includes a list of environment variables defined by