jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2025-10-30 23:57:50 +02:00
Code Issues Releases Activity

Vault AppRole login (#1971)

Browse Source 
* added interpolation package in config

* vault allow paths to hold config references

* allow referencing properties in vaultPaths

* fix small typo

* add approleAuth

* register resolved secrets to logger

* generate steps

* clean up

* add integration test

* add vault to context filter

* reduce Cognitive Complexity & added tests

* Update pkg/config/stepmeta_test.go

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>

* go generate

* go generate after merge

* rename VaultAppRole* to VaultRole*

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
This commit is contained in:
Kevin Stiehl
2020-09-16 14:50:09 +02:00
committed by GitHub
parent df9f75b04d
commit d589038206
42 changed files with 1358 additions and 581 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
cmd/abapEnvironmentAssemblePackages_generated.go
View File

@@ -208,12 +208,17 @@ func abapEnvironmentAssemblePackagesMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "addonDescriptor",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "abap/addonDescriptor"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "addonDescriptor",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "abap/addonDescriptor",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "maxRuntimeInMinutes",

36
cmd/abapEnvironmentCheckoutBranch_generated.go
View File

@@ -116,20 +116,32 @@ func abapEnvironmentCheckoutBranchMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repositoryName",

53
cmd/abapEnvironmentCloneGitRepo_generated.go
View File

@@ -116,28 +116,45 @@ func abapEnvironmentCloneGitRepoMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repositories",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "abap/repositories"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "repositories",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "abap/repositories",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "repositoryName",

36
cmd/abapEnvironmentPullGitRepo_generated.go
View File

@@ -113,20 +113,32 @@ func abapEnvironmentPullGitRepoMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repositoryNames",

36
cmd/abapEnvironmentRunATCCheck_generated.go
View File

@@ -165,20 +165,32 @@ func abapEnvironmentRunATCCheckMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cloudFoundry/space"}},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "host",

36
cmd/artifactPrepareVersion_generated.go
View File

@@ -304,12 +304,18 @@ func artifactPrepareVersionMetadata() config.StepData {
Aliases: []config.Alias{{Name: "maven/m2Path"}},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "gitHttpsCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "gitHttpsCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "projectSettingsFile",
@@ -344,12 +350,18 @@ func artifactPrepareVersionMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "gitHttpsCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "gitHttpsCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "versioningTemplate",

36
cmd/checkmarxExecuteScan_generated.go
View File

@@ -313,12 +313,18 @@ func checkmarxExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "checkmarxCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "checkmarxCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "preset",
@@ -377,12 +383,18 @@ func checkmarxExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "checkmarxCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "checkmarxCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "vulnerabilityThresholdEnabled",

36
cmd/cloudFoundryCreateServiceKey_generated.go
View File

@@ -118,20 +118,32 @@ func cloudFoundryCreateServiceKeyMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cloudFoundry/apiEndpoint"}},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "cfOrg",

36
cmd/cloudFoundryCreateService_generated.go
View File

@@ -134,20 +134,32 @@ func cloudFoundryCreateServiceMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cloudFoundry/apiEndpoint"}},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "cfOrg",

36
cmd/cloudFoundryDeleteService_generated.go
View File

@@ -115,20 +115,32 @@ func cloudFoundryDeleteServiceMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cloudFoundry/apiEndpoint"}},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "cfOrg",

123
cmd/cloudFoundryDeploy_generated.go
View File

@@ -214,12 +214,17 @@ func cloudFoundryDeployMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cfAppName"}, {Name: "cloudFoundry/appName"}},
},
{
Name: "artifactVersion",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "artifactVersion"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS", "GENERAL"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "artifactVersion",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "artifactVersion",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS", "GENERAL"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "cfHome",
@@ -262,12 +267,17 @@ func cloudFoundryDeployMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "buildTool",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "buildTool"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS", "GENERAL"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "buildTool",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "buildTool",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS", "GENERAL"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "deployType",
@@ -278,20 +288,32 @@ func cloudFoundryDeployMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "dockerPassword",
ResourceRef: []config.ResourceReference{{Name: "dockerCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "dockerPassword",
ResourceRef: []config.ResourceReference{
{
Name: "dockerCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "dockerUsername",
ResourceRef: []config.ResourceReference{{Name: "dockerCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "dockerUsername",
ResourceRef: []config.ResourceReference{
{
Name: "dockerCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "keepOldInstance",
@@ -350,12 +372,17 @@ func cloudFoundryDeployMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cloudFoundry/mtaExtensionDescriptor"}},
},
{
Name: "mtaPath",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "mtarFilePath"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS", "GENERAL"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "mtaPath",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "mtarFilePath",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS", "GENERAL"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "org",
@@ -366,12 +393,18 @@ func cloudFoundryDeployMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cfOrg"}, {Name: "cloudFoundry/org"}},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "smokeTestScript",
@@ -398,12 +431,18 @@ func cloudFoundryDeployMetadata() config.StepData {
Aliases: []config.Alias{{Name: "cfSpace"}, {Name: "cloudFoundry/space"}},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "cfCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "cfCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
},
},

34
cmd/containerSaveImage_generated.go
View File

@@ -97,20 +97,30 @@ func containerSaveImageMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "containerRegistryUrl",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "container/registryUrl"}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "dockerRegistryUrl"}},
Name: "containerRegistryUrl",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "container/registryUrl",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "dockerRegistryUrl"}},
},
{
Name: "containerImage",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "container/imageNameTag"}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "dockerImage"}, {Name: "scanImage"}},
Name: "containerImage",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "container/imageNameTag",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "dockerImage"}, {Name: "scanImage"}},
},
{
Name: "filePath",

34
cmd/detectExecuteScan_generated.go
View File

@@ -119,12 +119,17 @@ func detectExecuteScanMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "apiToken",
ResourceRef: []config.ResourceReference{{Name: "detectTokenCredentialsId", Param: ""}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "detect/apiToken"}},
Name: "apiToken",
ResourceRef: []config.ResourceReference{
{
Name: "detectTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "detect/apiToken"}},
},
{
Name: "codeLocation",
@@ -191,12 +196,17 @@ func detectExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{{Name: "detect/failOn"}},
},
{
Name: "version",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "artifactVersion"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "projectVersion"}, {Name: "detect/projectVersion"}},
Name: "version",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "artifactVersion",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "projectVersion"}, {Name: "detect/projectVersion"}},
},
{
Name: "versioningModel",

102
cmd/fortifyExecuteScan_generated.go
View File

@@ -251,20 +251,30 @@ func fortifyExecuteScanMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "authToken",
ResourceRef: []config.ResourceReference{{Name: "fortifyCredentialsId", Param: ""}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "authToken",
ResourceRef: []config.ResourceReference{
{
Name: "fortifyCredentialsId",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "githubToken",
ResourceRef: []config.ResourceReference{{Name: "githubTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "githubToken",
ResourceRef: []config.ResourceReference{
{
Name: "githubTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "autoCreate",
@@ -347,20 +357,30 @@ func fortifyExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "commitId",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "git/commitId"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "commitId",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "git/commitId",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "commitMessage",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "git/commitMessage"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "commitMessage",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "git/commitMessage",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "githubApiUrl",
@@ -371,20 +391,30 @@ func fortifyExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "owner",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/owner"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubOrg"}},
Name: "owner",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/owner",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubOrg"}},
},
{
Name: "repository",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/repository"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubRepo"}},
Name: "repository",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/repository",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubRepo"}},
},
{
Name: "memory",

36
cmd/gctsCloneRepository_generated.go
View File

@@ -102,20 +102,32 @@ func gctsCloneRepositoryMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repository",

36
cmd/gctsCreateRepository_generated.go
View File

@@ -110,20 +110,32 @@ func gctsCreateRepositoryMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repository",

36
cmd/gctsDeploy_generated.go
View File

@@ -104,20 +104,32 @@ func gctsDeployMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repository",

36
cmd/gctsExecuteABAPUnitTests_generated.go
View File

@@ -102,20 +102,32 @@ func gctsExecuteABAPUnitTestsMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repository",

53
cmd/gctsRollback_generated.go
View File

@@ -109,20 +109,32 @@ func gctsRollbackMetadata() config.StepData {
Inputs: config.StepInputs{
Parameters: []config.StepParameters{
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "abapCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "abapCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "repository",
@@ -157,12 +169,17 @@ func gctsRollbackMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "githubPersonalAccessToken",
ResourceRef: []config.ResourceReference{{Name: "githubPersonalAccessTokenId", Param: ""}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "githubPersonalAccessToken",
ResourceRef: []config.ResourceReference{
{
Name: "githubPersonalAccessTokenId",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
},
},

51
cmd/githubCheckBranchProtection_generated.go
View File

@@ -125,20 +125,30 @@ func githubCheckBranchProtectionMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "owner",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/owner"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
Name: "owner",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/owner",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
},
{
Name: "repository",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/repository"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
Name: "repository",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/repository",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
},
{
Name: "requiredChecks",
@@ -165,12 +175,17 @@ func githubCheckBranchProtectionMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "token",
ResourceRef: []config.ResourceReference{{Name: "githubTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
Name: "token",
ResourceRef: []config.ResourceReference{
{
Name: "githubTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
},
},
},

51
cmd/githubCreatePullRequest_generated.go
View File

@@ -159,20 +159,30 @@ func githubCreatePullRequestMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "owner",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/owner"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
Name: "owner",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/owner",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
},
{
Name: "repository",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/repository"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
Name: "repository",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/repository",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
},
{
Name: "serverUrl",
@@ -191,12 +201,17 @@ func githubCreatePullRequestMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "token",
ResourceRef: []config.ResourceReference{{Name: "githubTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
Name: "token",
ResourceRef: []config.ResourceReference{
{
Name: "githubTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
},
{
Name: "labels",

68
cmd/githubPublishRelease_generated.go
View File

@@ -188,12 +188,17 @@ func githubPublishReleaseMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "owner",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/owner"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
Name: "owner",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/owner",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
},
{
Name: "preRelease",
@@ -212,12 +217,17 @@ func githubPublishReleaseMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "repository",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/repository"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
Name: "repository",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/repository",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
},
{
Name: "serverUrl",
@@ -228,12 +238,17 @@ func githubPublishReleaseMetadata() config.StepData {
Aliases: []config.Alias{{Name: "githubServerUrl"}},
},
{
Name: "token",
ResourceRef: []config.ResourceReference{{Name: "githubTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
Name: "token",
ResourceRef: []config.ResourceReference{
{
Name: "githubTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
},
{
Name: "uploadUrl",
@@ -244,12 +259,17 @@ func githubPublishReleaseMetadata() config.StepData {
Aliases: []config.Alias{{Name: "githubUploadUrl"}},
},
{
Name: "version",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "artifactVersion"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "version",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "artifactVersion",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
},
},

68
cmd/githubSetCommitStatus_generated.go
View File

@@ -128,12 +128,17 @@ func githubSetCommitStatusMetadata() config.StepData {
Aliases: []config.Alias{{Name: "githubApiUrl"}},
},
{
Name: "commitId",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "git/commitId"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "commitId",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "git/commitId",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "context",
@@ -152,20 +157,30 @@ func githubSetCommitStatusMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "owner",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/owner"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
Name: "owner",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/owner",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubOrg"}},
},
{
Name: "repository",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/repository"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
Name: "repository",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/repository",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubRepo"}},
},
{
Name: "status",
@@ -184,12 +199,17 @@ func githubSetCommitStatusMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "token",
ResourceRef: []config.ResourceReference{{Name: "githubTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
Name: "token",
ResourceRef: []config.ResourceReference{
{
Name: "githubTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "githubToken"}},
},
},
},

34
cmd/kanikoExecute_generated.go
View File

@@ -116,12 +116,17 @@ func kanikoExecuteMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "containerImage",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "container/imageNameTag"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "containerImageNameAndTag"}},
Name: "containerImage",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "container/imageNameTag",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "containerImageNameAndTag"}},
},
{
Name: "containerPreparationCommand",
@@ -140,12 +145,17 @@ func kanikoExecuteMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "dockerConfigJSON",
ResourceRef: []config.ResourceReference{{Name: "dockerConfigJsonCredentialsId", Param: ""}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "dockerConfigJSON",
ResourceRef: []config.ResourceReference{
{
Name: "dockerConfigJsonCredentialsId",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "dockerfilePath",

104
cmd/kubernetesDeploy_generated.go
View File

@@ -183,28 +183,45 @@ func kubernetesDeployMetadata() config.StepData {
Aliases: []config.Alias{{Name: "helmChartPath"}},
},
{
Name: "containerRegistryPassword",
ResourceRef: []config.ResourceReference{{Name: "dockerCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "containerRegistryPassword",
ResourceRef: []config.ResourceReference{
{
Name: "dockerCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "containerRegistryUrl",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "container/registryUrl"}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "dockerRegistryUrl"}},
Name: "containerRegistryUrl",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "container/registryUrl",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "dockerRegistryUrl"}},
},
{
Name: "containerRegistryUser",
ResourceRef: []config.ResourceReference{{Name: "dockerCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "containerRegistryUser",
ResourceRef: []config.ResourceReference{
{
Name: "dockerCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "containerRegistrySecret",
@@ -255,12 +272,17 @@ func kubernetesDeployMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "image",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "container/imageNameTag"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "deployImage"}},
Name: "image",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "container/imageNameTag",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "deployImage"}},
},
{
Name: "ingressHosts",
@@ -271,12 +293,17 @@ func kubernetesDeployMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "kubeConfig",
ResourceRef: []config.ResourceReference{{Name: "kubeConfigFileCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "kubeConfig",
ResourceRef: []config.ResourceReference{
{
Name: "kubeConfigFileCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "kubeContext",
@@ -287,12 +314,17 @@ func kubernetesDeployMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "kubeToken",
ResourceRef: []config.ResourceReference{{Name: "kubeTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "kubeToken",
ResourceRef: []config.ResourceReference{
{
Name: "kubeTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "namespace",

36
cmd/malwareExecuteScan_generated.go
View File

@@ -109,20 +109,32 @@ func malwareExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "malwareScanCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "malwareScanCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "malwareScanCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "malwareScanCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "file",

36
cmd/nexusUpload_generated.go
View File

@@ -189,20 +189,32 @@ func nexusUploadMetadata() config.StepData {
Aliases: []config.Alias{{Name: "maven/m2Path"}},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "nexusCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "nexusCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "nexusCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "nexusCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
},
},

12
cmd/piper.go
View File

@@ -32,6 +32,8 @@ type GeneralConfigOptions struct {
StepName string
Verbose bool
LogFormat string
VaultRoleID string
VaultRoleSecretID string
HookConfig HookConfiguration
}
@@ -188,12 +190,20 @@ func PrepareConfig(cmd *cobra.Command, metadata *config.StepData, stepName strin
filters.Parameters = append(filters.Parameters, "collectTelemetryData")
resourceParams := metadata.GetResourceParameters(GeneralConfig.EnvRootPath, "commonPipelineEnvironment")
flagValues := config.AvailableFlagValues(cmd, &filters)
var myConfig config.Config
var stepConfig config.StepConfig
// add vault credentials so that configuration can be fetched from vault
if GeneralConfig.VaultRoleID == "" {
GeneralConfig.VaultRoleID = os.Getenv("PIPER_vaultRoleID")
}
if GeneralConfig.VaultRoleSecretID == "" {
GeneralConfig.VaultRoleSecretID = os.Getenv("PIPER_vaultRoleSecretID")
}
myConfig.SetVaultCredentials(GeneralConfig.VaultRoleID, GeneralConfig.VaultRoleSecretID)
if len(GeneralConfig.StepConfigJSON) != 0 {
// ignore config & defaults in favor of passed stepConfigJSON
stepConfig = config.GetStepConfigWithJSON(flagValues, GeneralConfig.StepConfigJSON, filters)

104
cmd/protecodeExecuteScan_generated.go
View File

@@ -194,28 +194,43 @@ func protecodeExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{{Name: "protecodeFailOnSevereVulnerabilities"}},
},
{
Name: "scanImage",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "container/imageNameTag"}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "dockerImage"}},
Name: "scanImage",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "container/imageNameTag",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "dockerImage"}},
},
{
Name: "dockerRegistryUrl",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "container/registryUrl"}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "dockerRegistryUrl",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "container/registryUrl",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "dockerConfigJSON",
ResourceRef: []config.ResourceReference{{Name: "dockerConfigJsonCredentialsId", Param: ""}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "dockerConfigJSON",
ResourceRef: []config.ResourceReference{
{
Name: "dockerConfigJsonCredentialsId",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "cleanupMode",
@@ -290,28 +305,45 @@ func protecodeExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "protecodeCredentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "user"}},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "protecodeCredentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "user"}},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "protecodeCredentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "protecodeCredentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "artifactVersion",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "artifactVersion"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "artifactVersion",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "artifactVersion",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "pullRequestName",

85
cmd/sonarExecuteScan_generated.go
View File

@@ -190,12 +190,17 @@ func sonarExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{{Name: "sonarServerUrl"}},
},
{
Name: "token",
ResourceRef: []config.ResourceReference{{Name: "sonarTokenCredentialsId", Param: ""}},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "sonarToken"}},
Name: "token",
ResourceRef: []config.ResourceReference{
{
Name: "sonarTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "sonarToken"}},
},
{
Name: "organization",
@@ -222,12 +227,17 @@ func sonarExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "projectVersion",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "artifactVersion"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "projectVersion",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "artifactVersion",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "projectKey",
@@ -318,28 +328,43 @@ func sonarExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "owner",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/owner"}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubOrg"}},
Name: "owner",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/owner",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubOrg"}},
},
{
Name: "repository",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "github/repository"}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubRepo"}},
Name: "repository",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "github/repository",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{{Name: "githubRepo"}},
},
{
Name: "githubToken",
ResourceRef: []config.ResourceReference{{Name: "githubTokenCredentialsId", Param: ""}},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "githubToken",
ResourceRef: []config.ResourceReference{
{
Name: "githubTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"PARAMETERS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "disableInlineComments",

34
cmd/whitesourceExecuteScan_generated.go
View File

@@ -328,20 +328,30 @@ func whitesourceExecuteScanMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "orgToken",
ResourceRef: []config.ResourceReference{{Name: "orgAdminUserTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "orgToken",
ResourceRef: []config.ResourceReference{
{
Name: "orgAdminUserTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "userToken",
ResourceRef: []config.ResourceReference{{Name: "userTokenCredentialsId", Param: ""}},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "userToken",
ResourceRef: []config.ResourceReference{
{
Name: "userTokenCredentialsId",
Type: "secret",
},
},
Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "licensingVulnerabilities",

70
cmd/xsDeploy_generated.go
View File

@@ -167,12 +167,17 @@ func xsDeployMetadata() config.StepData {
Aliases: []config.Alias{{Name: "deployIdLogPattern"}},
},
{
Name: "mtaPath",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "mtaPath"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "mtaPath",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "mtaPath",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "action",
@@ -191,12 +196,17 @@ func xsDeployMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "operationId",
ResourceRef: []config.ResourceReference{{Name: "commonPipelineEnvironment", Param: "operationId"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
Name: "operationId",
ResourceRef: []config.ResourceReference{
{
Name: "commonPipelineEnvironment",
Param: "operationId",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: false,
Aliases: []config.Alias{},
},
{
Name: "apiUrl",
@@ -207,20 +217,32 @@ func xsDeployMetadata() config.StepData {
Aliases: []config.Alias{},
},
{
Name: "username",
ResourceRef: []config.ResourceReference{{Name: "credentialsId", Param: "username"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "user"}},
Name: "username",
ResourceRef: []config.ResourceReference{
{
Name: "credentialsId",
Param: "username",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{{Name: "user"}},
},
{
Name: "password",
ResourceRef: []config.ResourceReference{{Name: "credentialsId", Param: "password"}},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
Name: "password",
ResourceRef: []config.ResourceReference{
{
Name: "credentialsId",
Param: "password",
Type: "secret",
},
},
Scope: []string{"PARAMETERS", "STAGES", "STEPS"},
Type: "string",
Mandatory: true,
Aliases: []config.Alias{},
},
{
Name: "org",

59
integration/integration_vault_test.go
View File

@@ -64,6 +64,65 @@ func TestGetVaultSecret(t *testing.T) {
}
func TestVaultAppRoleLogin(t *testing.T) {
t.Parallel()
ctx := context.Background()
const testToken = "vault-token"
req := testcontainers.GenericContainerRequest{
ContainerRequest: testcontainers.ContainerRequest{
AlwaysPullImage: true,
Image: "vault:1.4.3",
ExposedPorts: []string{"8200/tcp"},
Env: map[string]string{"VAULT_DEV_ROOT_TOKEN_ID": testToken},
WaitingFor: wait.ForLog("Vault server started!").WithStartupTimeout(20 * time.Second)},
Started: true,
}
vaultContainer, err := testcontainers.GenericContainer(ctx, req)
assert.NoError(t, err)
defer vaultContainer.Terminate(ctx)
ip, err := vaultContainer.Host(ctx)
assert.NoError(t, err)
port, err := vaultContainer.MappedPort(ctx, "8200")
host := fmt.Sprintf("http://%s:%s", ip, port.Port())
config := &api.Config{Address: host}
roleID, secretID := setupVaultAppRole(t, config, testToken)
client, err := vault.NewClientWithAppRole(config, roleID, secretID, "")
assert.NoError(t, err)
_, err = client.GetSecret("auth/token/lookup-self")
assert.NoError(t, err)
}
func setupVaultAppRole(t *testing.T, config *api.Config, token string) (string, string) {
t.Helper()
client, err := api.NewClient(config)
assert.NoError(t, err)
client.SetToken(token)
lClient := client.Logical()
_, err = lClient.Write("sys/auth/approle", SecretData{
"type": "approle",
})
assert.NoError(t, err)
_, err = lClient.Write("auth/approle/role/test", SecretData{})
assert.NoError(t, err)
res, err := lClient.Write("auth/approle/role/test/secret-id", SecretData{})
assert.NoError(t, err)
secretID := res.Data["secret_id"]
res, err = lClient.Read("auth/approle/role/test/role-id")
assert.NoError(t, err)
roleID := res.Data["role_id"]
return roleID.(string), secretID.(string)
}
func setupVault(t *testing.T, config *api.Config, token string, secret SecretData) {
t.Helper()
client, err := api.NewClient(config)

36
pkg/config/config.go
View File

@@ -19,14 +19,15 @@ import (
// Config defines the structure of the config files
type Config struct {
CustomDefaults []string `json:"customDefaults,omitempty"`
General map[string]interface{} `json:"general"`
Stages map[string]map[string]interface{} `json:"stages"`
Steps map[string]map[string]interface{} `json:"steps"`
Hooks *json.RawMessage `json:"hooks,omitempty"`
defaults PipelineDefaults
initialized bool
openFile func(s string) (io.ReadCloser, error)
CustomDefaults []string `json:"customDefaults,omitempty"`
General map[string]interface{} `json:"general"`
Stages map[string]map[string]interface{} `json:"stages"`
Steps map[string]map[string]interface{} `json:"steps"`
Hooks *json.RawMessage `json:"hooks,omitempty"`
defaults PipelineDefaults
initialized bool
openFile func(s string) (io.ReadCloser, error)
vaultCredentials VaultCredentials
}
// StepConfig defines the structure for merged step configuration
@@ -226,14 +227,17 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
stepConfig.mixIn(flagValues, filters.Parameters)
}
stepConfig.mixIn(c.General, vaultFilter)
// fetch secrets from vault
vaultClient, err := getVaultClientFromConfig(stepConfig)
vaultClient, err := getVaultClientFromConfig(stepConfig, c.vaultCredentials)
if err != nil {
return StepConfig{}, err
}
err = addVaultCredentials(&stepConfig, vaultClient, parameters)
if err != nil {
return StepConfig{}, err
if vaultClient != nil {
err = addVaultCredentials(&stepConfig, vaultClient, parameters)
if err != nil {
return StepConfig{}, err
}
}
// finally do the condition evaluation post processing
@@ -254,6 +258,14 @@ func (c *Config) GetStepConfig(flagValues map[string]interface{}, paramJSON stri
return stepConfig, nil
}
// SetVaultCredentials sets the appRoleID and the appRoleSecretID to load additional configuration from vault
func (c *Config) SetVaultCredentials(appRoleID, appRoleSecretID string) {
c.vaultCredentials = VaultCredentials{
AppRoleID: appRoleID,
AppRoleSecretID: appRoleSecretID,
}
}
// GetStepConfigWithJSON provides merged step configuration using a provided stepConfigJSON with additional flags provided
func GetStepConfigWithJSON(flagValues map[string]interface{}, stepConfigJSON string, filters StepFilters) StepConfig {
var stepConfig StepConfig

66
pkg/config/interpolation/interpolation.go Normal file
View File

@@ -0,0 +1,66 @@
package interpolation
import (
"fmt"
"regexp"
"strings"
)
const (
maxLookupDepth = 10
)
var (
lookupRegex *regexp.Regexp = regexp.MustCompile(`\$\((?P<property>[a-zA-Z0-9\.]*)\)`)
captureGroups = setupCaptureGroups(lookupRegex.SubexpNames())
)
// ResolveMap interpolates every string value of a map and tries to lookup references to other properties of that map
func ResolveMap(config map[string]interface{}) error {
for key, value := range config {
if str, ok := value.(string); ok {
resolvedStr, err := ResolveString(str, config)
if err != nil {
return err
}
config[key] = resolvedStr
}
}
return nil
}
func resolveString(str string, lookupMap map[string]interface{}, n int) (string, error) {
matches := lookupRegex.FindAllStringSubmatch(str, -1)
if len(matches) == 0 {
return str, nil
}
if n == maxLookupDepth {
return "", fmt.Errorf("Property could not be resolved with a depth of %d. '%s' is still left to resolve", n, str)
}
for _, match := range matches {
property := match[captureGroups["property"]]
if propVal, ok := lookupMap[property]; ok {
str = strings.ReplaceAll(str, fmt.Sprintf("$(%s)", property), propVal.(string))
} else {
str = strings.ReplaceAll(str, fmt.Sprintf("$(%s)", property), "")
}
}
return resolveString(str, lookupMap, n+1)
}
// ResolveString takes a string and replaces all references inside of it whith values from the given lookupMap.
// This is being done recursively until the maxLookupDepth is reached.
func ResolveString(str string, lookupMap map[string]interface{}) (string, error) {
return resolveString(str, lookupMap, 0)
}
func setupCaptureGroups(captureGroupsList []string) map[string]int {
groups := make(map[string]int, len(captureGroupsList))
for i, captureGroupName := range captureGroupsList {
if i == 0 {
continue
}
groups[captureGroupName] = i
}
return groups
}

34
pkg/config/interpolation/interpolation_test.go Normal file
View File

@@ -0,0 +1,34 @@
package interpolation
import (
"testing"
"github.com/stretchr/testify/assert"
)
func TestResolveMap(t *testing.T) {
t.Parallel()
t.Run("Lookup lookup works", func(t *testing.T) {
testMap := map[string]interface{}{
"prop1": "val1",
"prop2": "val2",
"prop3": "$(prop1)/$(prop2)",
}
err := ResolveMap(testMap)
assert.NoError(t, err)
assert.Equal(t, "val1/val2", testMap["prop3"])
})
t.Run("That resolve loops are aborted", func(t *testing.T) {
testMap := map[string]interface{}{
"prop1": "$(prop2)",
"prop2": "$(prop1)",
}
err := ResolveMap(testMap)
assert.Error(t, err)
})
}

17
pkg/config/stepmeta.go
View File

@@ -65,7 +65,7 @@ type ResourceReference struct {
Name string `json:"name"`
Type string `json:"type,omitempty"`
Param string `json:"param,omitempty"`
Paths []string `json:"path,omitempty"`
Paths []string `json:"paths,omitempty"`
Aliases []Alias `json:"aliases,omitempty"`
}
@@ -232,6 +232,11 @@ func (m *StepData) GetContextParameterFilters() StepFilters {
contextFilters = append(contextFilters, []string{"containerName", "containerPortMappings", "dockerName", "sidecarEnvVars", "sidecarImage", "sidecarName", "sidecarOptions", "sidecarPullImage", "sidecarReadyCommand", "sidecarVolumeBind", "sidecarWorkspace"}...)
//ToDo: add condition param.Value and param.Name to filter as for Containers
}
if m.HasReference("vaultSecret") {
contextFilters = append(contextFilters, []string{"vaultAppRoleCredentialId", "vaultAppRoleSecretCredentialId"}...)
}
if len(contextFilters) > 0 {
filters.All = append(filters.All, contextFilters...)
filters.General = append(filters.General, contextFilters...)
@@ -395,6 +400,16 @@ func (m *StepParameters) GetReference(refType string) *ResourceReference {
return nil
}
// HasReference checks whether StepData contains a parameter that has Reference with the given type
func (m *StepData) HasReference(refType string) bool {
for _, param := range m.Spec.Inputs.Parameters {
if param.GetReference(refType) != nil {
return true
}
}
return false
}
// EnvVarsAsMap converts container EnvVars into a map as required by dockerExecute
func EnvVarsAsMap(envVars []EnvVar) map[string]string {
e := map[string]string{}

20
pkg/config/stepmeta_test.go
View File

@@ -258,6 +258,16 @@ func TestGetContextParameterFilters(t *testing.T) {
},
}
metadata4 := StepData{
Spec: StepSpec{
Inputs: StepInputs{
Parameters: []StepParameters{
StepParameters{ResourceRef: []ResourceReference{ResourceReference{Type: "vaultSecret"}}},
},
},
},
}
t.Run("Secrets and stashes", func(t *testing.T) {
filters := metadata1.GetContextParameterFilters()
assert.Equal(t, []string{"testSecret1", "testSecret2", "stashContent"}, filters.All, "incorrect filter All")
@@ -287,6 +297,16 @@ func TestGetContextParameterFilters(t *testing.T) {
assert.Equal(t, []string{"containerName", "containerPortMappings", "dockerName", "sidecarEnvVars", "sidecarImage", "sidecarName", "sidecarOptions", "sidecarPullImage", "sidecarReadyCommand", "sidecarVolumeBind", "sidecarWorkspace"}, filters.Parameters, "incorrect filter Parameters")
assert.Equal(t, []string{"containerName", "containerPortMappings", "dockerName", "sidecarEnvVars", "sidecarImage", "sidecarName", "sidecarOptions", "sidecarPullImage", "sidecarReadyCommand", "sidecarVolumeBind", "sidecarWorkspace"}, filters.Env, "incorrect filter Env")
})
t.Run("Vault", func(t *testing.T) {
filters := metadata4.GetContextParameterFilters()
assert.Equal(t, []string{"vaultAppRoleCredentialId", "vaultAppRoleSecretCredentialId"}, filters.All, "incorrect filter All")
assert.Equal(t, []string{"vaultAppRoleCredentialId", "vaultAppRoleSecretCredentialId"}, filters.General, "incorrect filter General")
assert.Equal(t, []string{"vaultAppRoleCredentialId", "vaultAppRoleSecretCredentialId"}, filters.Steps, "incorrect filter Steps")
assert.Equal(t, []string{"vaultAppRoleCredentialId", "vaultAppRoleSecretCredentialId"}, filters.Stages, "incorrect filter Stages")
assert.Equal(t, []string{"vaultAppRoleCredentialId", "vaultAppRoleSecretCredentialId"}, filters.Parameters, "incorrect filter Parameters")
assert.Equal(t, []string{"vaultAppRoleCredentialId", "vaultAppRoleSecretCredentialId"}, filters.Env, "incorrect filter Env")
})
}
func TestGetContextDefaults(t *testing.T) {

42
pkg/config/vault.go
View File

@@ -1,34 +1,50 @@
package config
import (
"path"
"github.com/SAP/jenkins-library/pkg/config/interpolation"
"github.com/SAP/jenkins-library/pkg/log"
"github.com/SAP/jenkins-library/pkg/vault"
"github.com/hashicorp/vault/api"
)
var vaultFilter = []string{
"vaultApproleID",
"vaultApproleSecreId",
"vaultAddress",
"vaultNamespace",
"vaultBasePath",
"vaultPipelineName",
}
// VaultCredentials hold all the auth information needed to fetch configuration from vault
type VaultCredentials struct {
AppRoleID string
AppRoleSecretID string
}
// vaultClient interface for mocking
type vaultClient interface {
GetKvSecret(string) (map[string]string, error)
}
func getVaultClientFromConfig(config StepConfig) (vaultClient, error) {
func getVaultClientFromConfig(config StepConfig, creds VaultCredentials) (vaultClient, error) {
address, addressOk := config.Config["vaultAddress"].(string)
token, tokenOk := config.Config["vaultToken"].(string)
log.Entry().Infof("config received %#v", config.Config)
// if vault isn't used it's not an error
if !addressOk || !tokenOk {
if !addressOk || creds.AppRoleID == "" || creds.AppRoleSecretID == "" {
log.Entry().Info("Skipping fetching secrets from vault since it is not configured")
return nil, nil
}
// namespaces are only available in vault enterprise so using them should be optional
namespace := config.Config["vaultNamespace"].(string)
client, err := vault.NewClient(&api.Config{Address: address}, token, namespace)
client, err := vault.NewClientWithAppRole(&api.Config{Address: address}, creds.AppRoleID, creds.AppRoleSecretID, namespace)
if err != nil {
return nil, err
}
log.Entry().Infof("Fetching secrets from vault at %s", address)
return &client, nil
}
@@ -45,14 +61,13 @@ func addVaultCredentials(config *StepConfig, client vaultClient, params []StepPa
}
for _, vaultPath := range ref.Paths {
// it should be possible to configure the root path were the secret is stored
basePath := ""
var ok bool
p, ok := config.Config["vaultBasePath"].(string)
if ok {
basePath = p
var err error
vaultPath, err = interpolation.ResolveString(vaultPath, config.Config)
if err != nil {
return err
}
secret, err := client.GetKvSecret(path.Join(basePath, vaultPath))
secret, err := client.GetKvSecret(vaultPath)
if err != nil {
return err
}
@@ -62,6 +77,7 @@ func addVaultCredentials(config *StepConfig, client vaultClient, params []StepPa
field := secret[param.Name]
if field != "" {
log.RegisterSecret(field)
config.Config[param.Name] = field
break
}

14
pkg/config/vault_test.go
View File

@@ -16,7 +16,7 @@ func TestVaultConfigLoad(t *testing.T) {
stepConfig := StepConfig{Config: map[string]interface{}{
"vaultBasePath": "team1",
}}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "pipelineA")}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
vaultData := map[string]string{secretName: "value1"}
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(vaultData, nil)
@@ -31,7 +31,7 @@ func TestVaultConfigLoad(t *testing.T) {
"vaultBasePath": "team1",
secretName: "preset value",
}}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "pipelineA")}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
vaultData := map[string]string{secretName: "value1"}
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(vaultData, nil)
err := addVaultCredentials(&stepConfig, vaultMock, stepParams)
@@ -45,7 +45,7 @@ func TestVaultConfigLoad(t *testing.T) {
stepConfig := StepConfig{Config: map[string]interface{}{
"vaultBasePath": "team1",
}}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "pipelineA")}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(nil, fmt.Errorf("test"))
err := addVaultCredentials(&stepConfig, vaultMock, stepParams)
assert.Len(t, stepConfig.Config, 1)
@@ -57,7 +57,7 @@ func TestVaultConfigLoad(t *testing.T) {
stepConfig := StepConfig{Config: map[string]interface{}{
"vaultBasePath": "team1",
}}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "pipelineA")}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(nil, nil)
err := addVaultCredentials(&stepConfig, vaultMock, stepParams)
assert.NoError(t, err)
@@ -70,7 +70,7 @@ func TestVaultConfigLoad(t *testing.T) {
"vaultBasePath": "team1",
}}
stepParams := []StepParameters{
stepParam(secretName, "vaultSecret", "pipelineA", "pipelineB"),
stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA", "$(vaultBasePath)/pipelineB"),
}
vaultData := map[string]string{secretName: "value1"}
vaultMock.On("GetKvSecret", "team1/pipelineA").Return(nil, nil)
@@ -83,9 +83,9 @@ func TestVaultConfigLoad(t *testing.T) {
t.Run("No BasePath is stepConfig.Configured", func(t *testing.T) {
vaultMock := &mocks.VaultMock{}
stepConfig := StepConfig{Config: map[string]interface{}{}}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "pipelineA")}
stepParams := []StepParameters{stepParam(secretName, "vaultSecret", "$(vaultBasePath)/pipelineA")}
vaultData := map[string]string{secretName: "value1"}
vaultMock.On("GetKvSecret", "pipelineA").Return(vaultData, nil)
vaultMock.On("GetKvSecret", "/pipelineA").Return(vaultData, nil)
err := addVaultCredentials(&stepConfig, vaultMock, stepParams)
assert.NoError(t, err)
assert.Equal(t, "value1", stepConfig.Config[secretName])

18
pkg/generator/helper/helper.go
View File

@@ -140,6 +140,22 @@ func {{.FlagsFunc}}(cmd *cobra.Command, stepConfig *{{.StepName}}Options) {
cmd.MarkFlagRequired("{{ $value.Name }}"){{ end }}{{ end }}
}
{{ define "resourceRefs"}}
{{ "{" }}
Name: "{{- .Name }}",
{{- if .Param }}
Param: "{{ .Param }}",
{{- end }}
{{- if gt (len .Paths) 0 }}
Paths: []string{{ "{" }}{{ range $_, $path := .Paths }}"{{$path}}",{{ end }}{{"}"}},
{{- end }}
{{- if .Type }}
Type: "{{ .Type }}",
{{- end }}
{{ "}" }},
{{- nindent 24 ""}}
{{- end -}}
// retrieve step metadata
func {{ .StepName }}Metadata() config.StepData {
var theMetaData = config.StepData{
@@ -153,7 +169,7 @@ func {{ .StepName }}Metadata() config.StepData {
{{- range $key, $value := .StepParameters }}
{
Name: "{{ $value.Name }}",
ResourceRef: []config.ResourceReference{{ "{" }}{{ range $notused, $ref := $value.ResourceRef }}{{ "{" }}Name: "{{ $ref.Name }}", Param: "{{ $ref.Param }}"{{ "}" }},{{ end }}{{ "}" }},
ResourceRef: []config.ResourceReference{{ "{" }}{{ range $notused, $ref := $value.ResourceRef }}{{ template "resourceRefs" $ref }}{{ end }}{{ "}" }},
Scope: []string{{ "{" }}{{ range $notused, $scope := $value.Scope }}"{{ $scope }}",{{ end }}{{ "}" }},
Type: "{{ $value.Type }}",
Mandatory: {{ $value.Mandatory }},

32
pkg/vault/vault.go
View File

@@ -37,6 +37,38 @@ func NewClient(config *api.Config, token, namespace string) (Client, error) {
return Client{client.Logical()}, nil
}
// NewClientWithAppRole instantiates a new client and obtains a token via the AppRole auth method
func NewClientWithAppRole(config *api.Config, roleID, secretID, namespace string) (Client, error) {
if config == nil {
config = api.DefaultConfig()
}
client, err := api.NewClient(config)
if err != nil {
return Client{}, err
}
if namespace != "" {
client.SetNamespace(namespace)
}
result, err := client.Logical().Write("auth/approle/login", map[string]interface{}{
"role_id": roleID,
"secret_id": secretID,
})
if err != nil {
return Client{}, err
}
authInfo := result.Auth
if authInfo == nil {
return Client{}, fmt.Errorf("Could not obtain token from approle with role_id %s", roleID)
}
return NewClient(config, authInfo.ClientToken, namespace)
}
// GetSecret uses the given path to fetch a secret from vault
func (v Client) GetSecret(path string) (*api.Secret, error) {
path = sanitizePath(path)