mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00

Fix issue with failing pipelines because of ignored alerts (#4518)

* Temporarily commented out the addition of ignored alerts to the list of all alerts

* Removed adding from other places
Andrei Kireev 2023-08-16 14:57:46 +03:00 committed by GitHub
parent 0ba4c2206c
commit e87b514b00
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -513,12 +513,12 @@ func checkPolicyViolations(ctx context.Context, config *ScanOptions, scan *ws.Sc
return piperutils.Path{}, fmt.Errorf("failed to retrieve project policy alerts from WhiteSource: %w", err)
}
ignoredAlerts, err := sys.GetProjectIgnoredAlertsByType(project.Token, "REJECTED_BY_POLICY_RESOURCE")
// TODO add ignored alerts to list of all alerts
_, err = sys.GetProjectIgnoredAlertsByType(project.Token, "REJECTED_BY_POLICY_RESOURCE")
if err != nil {
return piperutils.Path{}, fmt.Errorf("failed to retrieve project policy ignored alerts from WhiteSource: %w", err)
}
alerts = append(alerts, ignoredAlerts...)
// alerts = append(alerts, ignoredAlerts...)
policyViolationCount += len(alerts)
allAlerts = append(allAlerts, alerts...)
@ -811,12 +811,12 @@ func checkProjectSecurityViolations(config *ScanOptions, cvssSeverityLimit float
return 0, alerts, assessedAlerts, fmt.Errorf("failed to retrieve project alerts from WhiteSource: %w", err)
}
ignoredAlerts, err := sys.GetProjectIgnoredAlertsByType(project.Token, "SECURITY_VULNERABILITY")
// TODO add ignored alerts to list of all alerts
_, err = sys.GetProjectIgnoredAlertsByType(project.Token, "SECURITY_VULNERABILITY")
if err != nil {
return 0, alerts, assessedAlerts, fmt.Errorf("failed to retrieve project ignored alerts from WhiteSource: %w", err)
}
alerts = append(alerts, ignoredAlerts...)
// alerts = append(alerts, ignoredAlerts...)
// filter alerts related to existing assessments
filteredAlerts := []ws.Alert{}
@ -904,12 +904,12 @@ func aggregateVersionWideVulnerabilities(config *ScanOptions, utils whitesourceU
return errors.Wrapf(err, "failed to get project alerts by type")
}
ignoredAlerts, err := sys.GetProjectIgnoredAlertsByType(project.Token, "SECURITY_VULNERABILITY")
// TODO add ignored alerts to list of all alerts
_, err = sys.GetProjectIgnoredAlertsByType(project.Token, "SECURITY_VULNERABILITY")
if err != nil {
return errors.Wrapf(err, "failed to get project ignored alerts by type")
}
alerts = append(alerts, ignoredAlerts...)
// alerts = append(alerts, ignoredAlerts...)
log.Entry().Infof("Found project: %s with %v vulnerabilities.", project.Name, len(alerts))
versionWideAlerts = append(versionWideAlerts, alerts...)
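Review bot: In checkProjectSecurityViolations the result of `GetProjectIgnoredAlertsByType(project.Token, "SECURITY_VULNERABILITY")` is now discarded, so a finding marked as ignored in WhiteSource drops out of the alerts this function evaluates with no trace in the pipeline log; the same applies to the policy hunk in checkPolicyViolations and to aggregateVersionWideVulnerabilities. Since the call is still made and its error can still fail the step, keep the value and record what was excluded: `ignoredAlerts, err := sys.GetProjectIgnoredAlertsByType(...)`, then after the error check `log.Entry().Infof("excluded %d ignored alerts for project %s", len(ignoredAlerts), project.Name)`, so that a later audit can see how many findings were suppressed. The commented-out `append` and the TODO should name a tracking issue and say whether ignored alerts are meant to be reported again. All three function bodies start and end outside the visible hunks, so whether `project.Name` is available in the first two is an assumption based on the third hunk.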