jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00
Code Issues Releases Activity

detectExecuteScan - Removed option to change min-scan-interval for Signature Scan to enforce global interval value (#4875)

Browse Source 
* removed option to change min-scan-interval to enforce global interval value

* returned-param-to-avoid-pipeline-breaks

* fix-for-tests
This commit is contained in:
Dmitrii Pavlukhin 2024-04-15 16:12:13 +03:00 committed by GitHub
parent 8241580163
commit 94a33844a0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 4 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/detectExecuteScan.go
View File

@ -426,12 +426,6 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU
args = append(args, fmt.Sprintf("--detect.excluded.directories=%s", strings.Join(config.ExcludedDirectories, ","))) args = append(args, fmt.Sprintf("--detect.excluded.directories=%s", strings.Join(config.ExcludedDirectories, ",")))
} }
if config.MinScanInterval > 0 {
//Unmap doesnt work well with min-scan-interval and should be removed
config.Unmap = false
args = append(args, fmt.Sprintf("--detect.blackduck.signature.scanner.arguments='--min-scan-interval=%d'", config.MinScanInterval))
}
if config.Unmap { if config.Unmap {
if !piperutils.ContainsString(config.ScanProperties, "--detect.project.codelocation.unmap=true") { if !piperutils.ContainsString(config.ScanProperties, "--detect.project.codelocation.unmap=true") {
args = append(args, "--detect.project.codelocation.unmap=true") args = append(args, "--detect.project.codelocation.unmap=true")

2
cmd/detectExecuteScan_generated.go
View File

@ -300,7 +300,7 @@ func addDetectExecuteScanFlags(cmd *cobra.Command, stepConfig *detectExecuteScan
cmd.Flags().BoolVar(&stepConfig.ScanOnChanges, "scanOnChanges", false, "This flag determines if the scan is submitted to the server. If set to true, then the scan request is submitted to the server only when changes are detected in the Open Source Bill of Materials If the flag is set to false, then the scan request is submitted to server regardless of any changes. For more details please refer to the [documentation](https://github.com/blackducksoftware/detect_rescan/blob/master/README.md)") cmd.Flags().BoolVar(&stepConfig.ScanOnChanges, "scanOnChanges", false, "This flag determines if the scan is submitted to the server. If set to true, then the scan request is submitted to the server only when changes are detected in the Open Source Bill of Materials If the flag is set to false, then the scan request is submitted to server regardless of any changes. For more details please refer to the [documentation](https://github.com/blackducksoftware/detect_rescan/blob/master/README.md)")
cmd.Flags().BoolVar(&stepConfig.SuccessOnSkip, "successOnSkip", true, "This flag allows forces Black Duck to exit with 0 error code if any step is skipped") cmd.Flags().BoolVar(&stepConfig.SuccessOnSkip, "successOnSkip", true, "This flag allows forces Black Duck to exit with 0 error code if any step is skipped")
cmd.Flags().StringSliceVar(&stepConfig.CustomEnvironmentVariables, "customEnvironmentVariables", []string{}, "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan. This includes a list of environment variables defined by Synopsys. The full list can be found [here](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=configuring%2Fenvvars.html&_LANG=enus) This list affects the detect script downloaded while running the scan. Right now only detect7.sh is available for downloading") cmd.Flags().StringSliceVar(&stepConfig.CustomEnvironmentVariables, "customEnvironmentVariables", []string{}, "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan. This includes a list of environment variables defined by Synopsys. The full list can be found [here](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=configuring%2Fenvvars.html&_LANG=enus) This list affects the detect script downloaded while running the scan. Right now only detect7.sh is available for downloading")
cmd.Flags().IntVar(&stepConfig.MinScanInterval, "minScanInterval", 0, "This parameter controls the frequency (in number of hours) at which the signature scan is re-submitted for scan. When set to a value greater than 0, the signature scans are skipped until the specified number of hours has elapsed since the last signature scan.") cmd.Flags().IntVar(&stepConfig.MinScanInterval, "minScanInterval", 0, "[DEPRECATED] This parameter controls the frequency (in number of hours) at which the signature scan is re-submitted for scan. When set to a value greater than 0, the signature scans are skipped until the specified number of hours has elapsed since the last signature scan.")
cmd.Flags().StringVar(&stepConfig.GithubToken, "githubToken", os.Getenv("PIPER_githubToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line") cmd.Flags().StringVar(&stepConfig.GithubToken, "githubToken", os.Getenv("PIPER_githubToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line")
cmd.Flags().BoolVar(&stepConfig.CreateResultIssue, "createResultIssue", false, "Activate creation of a result issue in GitHub.") cmd.Flags().BoolVar(&stepConfig.CreateResultIssue, "createResultIssue", false, "Activate creation of a result issue in GitHub.")
cmd.Flags().StringVar(&stepConfig.GithubAPIURL, "githubApiUrl", `https://api.github.com`, "Set the GitHub API URL.") cmd.Flags().StringVar(&stepConfig.GithubAPIURL, "githubApiUrl", `https://api.github.com`, "Set the GitHub API URL.")

8
cmd/detectExecuteScan_test.go
View File

@ -700,11 +700,9 @@ func TestAddDetectArgs(t *testing.T) {
VersioningModel: "major-minor", VersioningModel: "major-minor",
CodeLocation: "", CodeLocation: "",
ScanPaths: []string{"path1", "path2"}, ScanPaths: []string{"path1", "path2"},
MinScanInterval: 4,
}, },
expected: []string{ expected: []string{
"--testProp1=1", "--testProp1=1",
"--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'",
"--blackduck.url=https://server.url", "--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken", "--blackduck.api.token=apiToken",
"\"--detect.project.name=testName\"", "\"--detect.project.name=testName\"",
@ -725,13 +723,11 @@ func TestAddDetectArgs(t *testing.T) {
VersioningModel: "major-minor", VersioningModel: "major-minor",
CodeLocation: "", CodeLocation: "",
ScanPaths: []string{"path1", "path2"}, ScanPaths: []string{"path1", "path2"},
MinScanInterval: 4,
CustomScanVersion: "1.0", CustomScanVersion: "1.0",
}, },
isPullRequest: true, isPullRequest: true,
expected: []string{ expected: []string{
"--testProp1=1", "--testProp1=1",
"--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'",
"--blackduck.url=https://server.url", "--blackduck.url=https://server.url",
"--blackduck.api.token=apiToken", "--blackduck.api.token=apiToken",
"\"--detect.project.name=Rapid_scan_on_PRs\"", "\"--detect.project.name=Rapid_scan_on_PRs\"",
@ -763,13 +759,11 @@ func TestAddDetectArgs(t *testing.T) {
"--detect.excluded.directories=dir1,dir2", "--detect.excluded.directories=dir1,dir2",
}, },
ExcludedDirectories: []string{"dir3,dir4"}, ExcludedDirectories: []string{"dir3,dir4"},
MinScanInterval: 4,
CustomScanVersion: "2.0", CustomScanVersion: "2.0",
}, },
isPullRequest: true, isPullRequest: true,
expected: []string{ expected: []string{
"--testProp1=1", "--testProp1=1",
"--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'",
"--detect.detector.search.depth=5", "--detect.detector.search.depth=5",
"--detect.detector.search.continue=false", "--detect.detector.search.continue=false",
"--detect.excluded.directories=dir1,dir2", "--detect.excluded.directories=dir1,dir2",
@ -802,13 +796,11 @@ func TestAddDetectArgs(t *testing.T) {
ScanProperties: []string{ ScanProperties: []string{
"--detect.maven.build.command= --settings .pipeline/settings.xml -DskipTests install", "--detect.maven.build.command= --settings .pipeline/settings.xml -DskipTests install",
}, },
MinScanInterval: 4,
CustomScanVersion: "2.0", CustomScanVersion: "2.0",
}, },
isPullRequest: true, isPullRequest: true,
expected: []string{ expected: []string{
"--testProp1=1", "--testProp1=1",
"--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'",
"--detect.maven.build.command=", "--detect.maven.build.command=",
"--settings", "--settings",
".pipeline/settings.xml", ".pipeline/settings.xml",

4
resources/metadata/detectExecuteScan.yaml
View File

@ -340,15 +340,17 @@ spec:
- PARAMETERS - PARAMETERS
- STAGES - STAGES
- STEPS - STEPS
## --- to remove minScanInterval from parameters list ---
- name: minScanInterval - name: minScanInterval
description: description:
"This parameter controls the frequency (in number of hours) at which the signature scan is re-submitted for scan. When set to a "[DEPRECATED] This parameter controls the frequency (in number of hours) at which the signature scan is re-submitted for scan. When set to a
value greater than 0, the signature scans are skipped until the specified number of hours has elapsed since the last signature scan." value greater than 0, the signature scans are skipped until the specified number of hours has elapsed since the last signature scan."
type: int type: int
scope: scope:
- PARAMETERS - PARAMETERS
- STAGES - STAGES
- STEPS - STEPS
## -----------
- name: githubToken - name: githubToken
description: "GitHub personal access token as per description: "GitHub personal access token as per
https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line" https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line"