1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00

feat(whitesourceExecuteScan): allow to specify InstallCommand (#4376)

* feat(whitesourceExecuteScan) allow to specify InstallCommand

* reorder imports

---------

Co-authored-by: sumeet patil <sumeet.patil@sap.com>
Co-authored-by: Andrei Kireev <andrei.kireev@sap.com>
This commit is contained in:
Leonard Heilos 2023-05-30 16:00:02 +02:00 committed by GitHub
parent a2109c59b5
commit c15448b4e0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 74 additions and 2 deletions

View File

@ -478,6 +478,7 @@ func wsScanOptions(config *ScanOptions) *ws.ScanOptions {
AgentURL: config.AgentURL,
ServiceURL: config.ServiceURL,
ScanPath: config.ScanPath,
InstallCommand: config.InstallCommand,
Verbose: GeneralConfig.Verbose,
}
}
@ -487,6 +488,14 @@ func wsScanOptions(config *ScanOptions) *ws.ScanOptions {
func executeScan(config *ScanOptions, scan *ws.Scan, utils whitesourceUtils) error {
options := wsScanOptions(config)
if options.InstallCommand != "" {
installCommandTokens := strings.Split(config.InstallCommand, " ")
if err := utils.RunExecutable(installCommandTokens[0], installCommandTokens[1:]...); err != nil {
log.SetErrorCategory(log.ErrorCustom)
return errors.Wrapf(err, "failed to execute install command: %v", config.InstallCommand)
}
}
// Execute scan with Unified Agent jar file
if err := scan.ExecuteUAScan(options, utils); err != nil {
return errors.Wrapf(err, "failed to execute Unified Agent scan")

View File

@ -329,7 +329,7 @@ func addWhitesourceExecuteScanFlags(cmd *cobra.Command, stepConfig *whitesourceE
cmd.Flags().StringSliceVar(&stepConfig.Excludes, "excludes", []string{}, "List of file path patterns to exclude in the scan.")
cmd.Flags().BoolVar(&stepConfig.FailOnSevereVulnerabilities, "failOnSevereVulnerabilities", true, "Whether to fail the step on severe vulnerabilties or not")
cmd.Flags().StringSliceVar(&stepConfig.Includes, "includes", []string{}, "List of file path patterns to include in the scan.")
cmd.Flags().StringVar(&stepConfig.InstallCommand, "installCommand", os.Getenv("PIPER_installCommand"), "[NOT IMPLEMENTED] Install command that can be used to populate the default docker image for some scenarios.")
cmd.Flags().StringVar(&stepConfig.InstallCommand, "installCommand", os.Getenv("PIPER_installCommand"), "Install command that can be used to populate the default docker image for some scenarios.")
cmd.Flags().StringVar(&stepConfig.JreDownloadURL, "jreDownloadUrl", `https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz`, "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent.")
cmd.Flags().BoolVar(&stepConfig.LicensingVulnerabilities, "licensingVulnerabilities", true, "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment.")
cmd.Flags().StringVar(&stepConfig.OrgToken, "orgToken", os.Getenv("PIPER_orgToken"), "WhiteSource token identifying your organization.")

View File

@ -16,6 +16,7 @@ import (
"github.com/SAP/jenkins-library/pkg/reporting"
"github.com/SAP/jenkins-library/pkg/versioning"
ws "github.com/SAP/jenkins-library/pkg/whitesource"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
"github.com/google/go-github/v45/github"
@ -143,6 +144,66 @@ func TestRunWhitesourceExecuteScan(t *testing.T) {
}
assert.True(t, utilsMock.HasWrittenFile(filepath.Join(ws.ReportsDirectory, "mock-project - 1-vulnerability-report.pdf")))
assert.True(t, utilsMock.HasWrittenFile(filepath.Join(ws.ReportsDirectory, "mock-project - 1-vulnerability-report.pdf")))
assert.Equal(t, 3, len(utilsMock.ExecMockRunner.Calls), "no InstallCommand must be executed")
})
t.Run("executes the InstallCommand prior to the scan", func(t *testing.T) {
ctx := context.Background()
// init
config := ScanOptions{
BuildDescriptorFile: "my-mta.yml",
VersioningModel: "major",
AgentDownloadURL: "https://whitesource.com/agent.jar",
VulnerabilityReportFormat: "pdf",
Reporting: true,
AgentFileName: "ua.jar",
ProductName: "mock-product",
ProjectToken: "mock-project-token",
InstallCommand: "echo hello world",
}
utilsMock := newWhitesourceUtilsMock()
utilsMock.AddFile("wss-generated-file.config", []byte("key=value"))
lastUpdatedDate := time.Now().Format(ws.DateTimeLayout)
systemMock := ws.NewSystemMock(lastUpdatedDate)
systemMock.Alerts = []ws.Alert{}
scan := newWhitesourceScan(&config)
cpe := whitesourceExecuteScanCommonPipelineEnvironment{}
influx := whitesourceExecuteScanInflux{}
// test
err := runWhitesourceExecuteScan(ctx, &config, scan, utilsMock, systemMock, &cpe, &influx)
// assert
assert.NoError(t, err)
assert.Equal(t, 4, len(utilsMock.ExecMockRunner.Calls), "InstallCommand not executed")
assert.Equal(t, mock.ExecCall{Exec: "echo", Params: []string{"hello", "world"}}, utilsMock.ExecMockRunner.Calls[0], "run command/params of InstallCommand incorrect")
})
t.Run("fails if the InstallCommand fails", func(t *testing.T) {
ctx := context.Background()
// init
config := ScanOptions{
BuildDescriptorFile: "my-mta.yml",
VersioningModel: "major",
AgentDownloadURL: "https://whitesource.com/agent.jar",
VulnerabilityReportFormat: "pdf",
Reporting: true,
AgentFileName: "ua.jar",
ProductName: "mock-product",
ProjectToken: "mock-project-token",
InstallCommand: "echo this-will-fail",
}
utilsMock := newWhitesourceUtilsMock()
utilsMock.AddFile("wss-generated-file.config", []byte("key=value"))
lastUpdatedDate := time.Now().Format(ws.DateTimeLayout)
systemMock := ws.NewSystemMock(lastUpdatedDate)
systemMock.Alerts = []ws.Alert{}
scan := newWhitesourceScan(&config)
cpe := whitesourceExecuteScanCommonPipelineEnvironment{}
influx := whitesourceExecuteScanInflux{}
utilsMock.ExecMockRunner.ShouldFailOnCommand = map[string]error{
"echo this-will-fail": errors.New("error case"),
}
// test
err := runWhitesourceExecuteScan(ctx, &config, scan, utilsMock, systemMock, &cpe, &influx)
// assert
assert.EqualError(t, err, "failed to execute WhiteSource scan: failed to execute Scan: failed to execute install command: echo this-will-fail: error case")
})
}

View File

@ -44,5 +44,7 @@ type ScanOptions struct {
ScanPath string
InstallCommand string
Verbose bool
}

View File

@ -234,7 +234,7 @@ spec:
- STEPS
- name: installCommand
type: string
description: "[NOT IMPLEMENTED] Install command that can be used to populate the default docker image for some scenarios."
description: "Install command that can be used to populate the default docker image for some scenarios."
scope:
- PARAMETERS
- STAGES