HotFix detectExecuteScan: Use environment variables to get supported version of detect (#2738)

* changes to detectExec before master merge

* changes for detectExecuteScan

* self generated code added

* fix syntax errors and update docu

* added unit tests for fail and Group

* fix failOn bug

* add Groups as string array

* add Groups as string array

* tests and validation for groups, failOn

* Updated docs and added more tests

* documentation md files should not be changed

* Handle merge conflicts from PR 1845

* fix merge errors

* remove duplicate groups, merge error

* adding buildCode and buildTool as params

* switching build options

* building maven modules

* parameter correction

* parameter correction

* gnerate with new build parameter

* adding comments

* removing piper lib master and modifying goUtils to download 1.5.7 release

* first cleaning then installing

* multi module maven built

* multi module maven built removing unwanted code

* multi module maven built moving inside switch

* testing

* modifying the default use case to also call maven build

* modifying the default use case to also call maven build wih --

* corrected maven build command

* corrected maven build command with %v

* skipping test runs

* testing for MTA project with single pom

* adding absolute path to m2 path

* clean up

* adding switch for mta and maven and removing env from containers

* commiting changes for new detect step

* correting log message

* code clean up

* unit tests changes to detectExecute

* basic tests for new change

* restoring piperGoUtils to download correct piper binary

* code clean up

* code clean up

* clean detect code version

* Changes for detect codelocation

* remove unmap from scanProperties

* fix/add unit tests for remove unmap

* handle spaces in scanProperties

* update default scanproperties to remove deprecations

* Set default scanonchange to true

* handle multiple unmap true params

* add custom env variables

* fix codeclimate issues

* Update resources/metadata/detect.yaml

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update resources/metadata/detect.yaml

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* update generated files from yaml

Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

cmd/detectExecuteScan.go

@@ -111,6 +111,7 @@ func runDetect(config detectExecuteScanOptions, utils detectUtils) error {
 	script := strings.Join(args, " ")
 
 	envs := []string{"BLACKDUCK_SKIP_PHONE_HOME=true"}
+	envs = append(envs, config.CustomEnvironmentVariables...)
 
 	utils.SetDir(".")
 	utils.SetEnv(envs)

cmd/detectExecuteScan_generated.go

@@ -14,28 +14,29 @@ import (
 )
 
 type detectExecuteScanOptions struct {
-	Token                   string   `json:"token,omitempty"`
-	CodeLocation            string   `json:"codeLocation,omitempty"`
-	ProjectName             string   `json:"projectName,omitempty"`
-	Scanners                []string `json:"scanners,omitempty"`
-	ScanPaths               []string `json:"scanPaths,omitempty"`
-	DependencyPath          string   `json:"dependencyPath,omitempty"`
-	Unmap                   bool     `json:"unmap,omitempty"`
-	ScanProperties          []string `json:"scanProperties,omitempty"`
-	ServerURL               string   `json:"serverUrl,omitempty"`
-	Groups                  []string `json:"groups,omitempty"`
-	FailOn                  []string `json:"failOn,omitempty"`
-	Version                 string   `json:"version,omitempty"`
-	VersioningModel         string   `json:"versioningModel,omitempty"`
-	ProjectSettingsFile     string   `json:"projectSettingsFile,omitempty"`
-	GlobalSettingsFile      string   `json:"globalSettingsFile,omitempty"`
-	M2Path                  string   `json:"m2Path,omitempty"`
-	InstallArtifacts        bool     `json:"installArtifacts,omitempty"`
-	IncludedPackageManagers []string `json:"includedPackageManagers,omitempty"`
-	ExcludedPackageManagers []string `json:"excludedPackageManagers,omitempty"`
-	MavenExcludedScopes     []string `json:"mavenExcludedScopes,omitempty"`
-	DetectTools             []string `json:"detectTools,omitempty"`
-	ScanOnChanges           bool     `json:"scanOnChanges,omitempty"`
+	Token                      string   `json:"token,omitempty"`
+	CodeLocation               string   `json:"codeLocation,omitempty"`
+	ProjectName                string   `json:"projectName,omitempty"`
+	Scanners                   []string `json:"scanners,omitempty"`
+	ScanPaths                  []string `json:"scanPaths,omitempty"`
+	DependencyPath             string   `json:"dependencyPath,omitempty"`
+	Unmap                      bool     `json:"unmap,omitempty"`
+	ScanProperties             []string `json:"scanProperties,omitempty"`
+	ServerURL                  string   `json:"serverUrl,omitempty"`
+	Groups                     []string `json:"groups,omitempty"`
+	FailOn                     []string `json:"failOn,omitempty"`
+	Version                    string   `json:"version,omitempty"`
+	VersioningModel            string   `json:"versioningModel,omitempty"`
+	ProjectSettingsFile        string   `json:"projectSettingsFile,omitempty"`
+	GlobalSettingsFile         string   `json:"globalSettingsFile,omitempty"`
+	M2Path                     string   `json:"m2Path,omitempty"`
+	InstallArtifacts           bool     `json:"installArtifacts,omitempty"`
+	IncludedPackageManagers    []string `json:"includedPackageManagers,omitempty"`
+	ExcludedPackageManagers    []string `json:"excludedPackageManagers,omitempty"`
+	MavenExcludedScopes        []string `json:"mavenExcludedScopes,omitempty"`
+	DetectTools                []string `json:"detectTools,omitempty"`
+	ScanOnChanges              bool     `json:"scanOnChanges,omitempty"`
+	CustomEnvironmentVariables []string `json:"customEnvironmentVariables,omitempty"`
 }
 
 // DetectExecuteScanCommand Executes Synopsys Detect scan
@@ -120,6 +121,7 @@ func addDetectExecuteScanFlags(cmd *cobra.Command, stepConfig *detectExecuteScan
 	cmd.Flags().StringSliceVar(&stepConfig.MavenExcludedScopes, "mavenExcludedScopes", []string{}, "The maven scopes that need to be excluded from the scan. For example, setting the value 'test' will exclude all components which are defined with a test scope in maven")
 	cmd.Flags().StringSliceVar(&stepConfig.DetectTools, "detectTools", []string{}, "The type of BlackDuck scanners to include while running the BlackDuck scan. By default All scanners are included. For the complete list of possible values, Please refer [Synopsys detect documentation](https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/631407160/Configuring+Detect+General+Properties#Detect-tools-included)")
 	cmd.Flags().BoolVar(&stepConfig.ScanOnChanges, "scanOnChanges", true, "This flag determines if the scan is submitted to the server. If set to true, then the scan request is submitted to the server only when changes are detected in the Open Source Bill of Materials If the flag is set to false, then the scan request is submitted to server regardless of any changes. For more details please refer to the [documentation](https://github.com/blackducksoftware/detect_rescan/blob/master/README.md)")
+	cmd.Flags().StringSliceVar(&stepConfig.CustomEnvironmentVariables, "customEnvironmentVariables", []string{}, "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan.")
 
 	cmd.MarkFlagRequired("token")
 	cmd.MarkFlagRequired("projectName")
@@ -333,6 +335,14 @@ func detectExecuteScanMetadata() config.StepData {
 						Mandatory:   false,
 						Aliases:     []config.Alias{},
 					},
+					{
+						Name:        "customEnvironmentVariables",
+						ResourceRef: []config.ResourceReference{},
+						Scope:       []string{"PARAMETERS", "STAGES", "STEPS"},
+						Type:        "[]string",
+						Mandatory:   false,
+						Aliases:     []config.Alias{},
+					},
 				},
 			},
 			Containers: []config.Container{

resources/metadata/detect.yaml

@@ -289,6 +289,14 @@ spec:
           - PARAMETERS
           - STAGES
           - STEPS
+      - name: customEnvironmentVariables
+        description:
+          "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan."
+        type: "[]string"
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
   containers:
     - name: openjdk
       image: openjdk:11