jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2025-03-03 15:02:35 +02:00
Code Issues Releases Activity

feat(codeqlExecuteScan): added params projectSettingsFile and globalSettingsFile (#4702)

Browse Source 
* added settings file params

* added checking build tool
This commit is contained in:
Daria Kuznetsova 2023-12-01 10:45:31 +01:00 committed by GitHub
parent 8dc2a1bfb4
commit aab4de4597
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 50 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cmd/codeqlExecuteScan.go
View File

@ -282,7 +282,14 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
//codeql has an autobuilder which tries to build the project based on specified programming language //codeql has an autobuilder which tries to build the project based on specified programming language
if len(config.BuildCommand) > 0 { if len(config.BuildCommand) > 0 {
cmd = append(cmd, "--command="+config.BuildCommand) buildCmd := config.BuildCommand
if len(config.ProjectSettingsFile) > 0 && config.BuildTool == "maven" {
buildCmd = fmt.Sprintf("%s --settings=%s", buildCmd, config.ProjectSettingsFile)
}
if len(config.GlobalSettingsFile) > 0 && config.BuildTool == "maven" {
buildCmd = fmt.Sprintf("%s --global-settings=%s", buildCmd, config.GlobalSettingsFile)
}
cmd = append(cmd, "--command="+buildCmd)
} }
err = execute(utils, cmd, GeneralConfig.Verbose) err = execute(utils, cmd, GeneralConfig.Verbose)

22
cmd/codeqlExecuteScan_generated.go
View File

@ -39,6 +39,8 @@ type codeqlExecuteScanOptions struct {
CommitID string `json:"commitId,omitempty"` CommitID string `json:"commitId,omitempty"`
VulnerabilityThresholdTotal int `json:"vulnerabilityThresholdTotal,omitempty"` VulnerabilityThresholdTotal int `json:"vulnerabilityThresholdTotal,omitempty"`
CheckForCompliance bool `json:"checkForCompliance,omitempty"` CheckForCompliance bool `json:"checkForCompliance,omitempty"`
ProjectSettingsFile string `json:"projectSettingsFile,omitempty"`
GlobalSettingsFile string `json:"globalSettingsFile,omitempty"`
} }
type codeqlExecuteScanReports struct { type codeqlExecuteScanReports struct {
@ -204,6 +206,8 @@ func addCodeqlExecuteScanFlags(cmd *cobra.Command, stepConfig *codeqlExecuteScan
cmd.Flags().StringVar(&stepConfig.CommitID, "commitId", os.Getenv("PIPER_commitId"), "SHA of commit that was analyzed.") cmd.Flags().StringVar(&stepConfig.CommitID, "commitId", os.Getenv("PIPER_commitId"), "SHA of commit that was analyzed.")
cmd.Flags().IntVar(&stepConfig.VulnerabilityThresholdTotal, "vulnerabilityThresholdTotal", 0, "Threashold for maximum number of allowed vulnerabilities.") cmd.Flags().IntVar(&stepConfig.VulnerabilityThresholdTotal, "vulnerabilityThresholdTotal", 0, "Threashold for maximum number of allowed vulnerabilities.")
cmd.Flags().BoolVar(&stepConfig.CheckForCompliance, "checkForCompliance", false, "If set to true, the piper step checks for compliance based on vulnerability threadholds. Example - If total vulnerabilites are 10 and vulnerabilityThresholdTotal is set as 0, then the steps throws an compliance error.") cmd.Flags().BoolVar(&stepConfig.CheckForCompliance, "checkForCompliance", false, "If set to true, the piper step checks for compliance based on vulnerability threadholds. Example - If total vulnerabilites are 10 and vulnerabilityThresholdTotal is set as 0, then the steps throws an compliance error.")
cmd.Flags().StringVar(&stepConfig.ProjectSettingsFile, "projectSettingsFile", os.Getenv("PIPER_projectSettingsFile"), "Path to the mvn settings file that should be used as project settings file.")
cmd.Flags().StringVar(&stepConfig.GlobalSettingsFile, "globalSettingsFile", os.Getenv("PIPER_globalSettingsFile"), "Path to the mvn settings file that should be used as global settings file.")
cmd.MarkFlagRequired("buildTool") cmd.MarkFlagRequired("buildTool")
} }
@ -424,6 +428,24 @@ func codeqlExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{}, Aliases: []config.Alias{},
Default: false, Default: false,
}, },
{
Name: "projectSettingsFile",
ResourceRef: []config.ResourceReference{},
Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "maven/projectSettingsFile"}},
Default: os.Getenv("PIPER_projectSettingsFile"),
},
{
Name: "globalSettingsFile",
ResourceRef: []config.ResourceReference{},
Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "maven/globalSettingsFile"}},
Default: os.Getenv("PIPER_globalSettingsFile"),
},
}, },
}, },
Containers: []config.Container{ Containers: []config.Container{

20
resources/metadata/codeqlExecuteScan.yaml
View File

@ -188,6 +188,26 @@ spec:
- PARAMETERS - PARAMETERS
- STAGES - STAGES
- STEPS - STEPS
- name: projectSettingsFile
type: string
description: Path to the mvn settings file that should be used as project settings file.
scope:
- GENERAL
- STEPS
- STAGES
- PARAMETERS
aliases:
- name: maven/projectSettingsFile
- name: globalSettingsFile
type: string
description: Path to the mvn settings file that should be used as global settings file.
scope:
- GENERAL
- STEPS
- STAGES
- PARAMETERS
aliases:
- name: maven/globalSettingsFile
containers: containers:
- image: "" - image: ""
outputs: outputs: