mirror of
https://github.com/SAP/jenkins-library.git
synced 2025-01-18 05:18:24 +02:00
Optionally use new go-based Whitesource step (#2079)
This commit is contained in:
parent
58b6c04cd2
commit
e8f49df6a3
@ -24,6 +24,13 @@ stages:
|
|||||||
- 'sonarTokenCredentialsId'
|
- 'sonarTokenCredentialsId'
|
||||||
- 'projectKey'
|
- 'projectKey'
|
||||||
- 'instance'
|
- 'instance'
|
||||||
|
security:
|
||||||
|
stepConditions:
|
||||||
|
whitesourceExecuteScan:
|
||||||
|
configKeys:
|
||||||
|
- 'productName'
|
||||||
|
- 'orgAdminUserTokenCredentialsId'
|
||||||
|
- 'userTokenCredentialsId'
|
||||||
frontendIntegrationTests:
|
frontendIntegrationTests:
|
||||||
stepConditions:
|
stepConditions:
|
||||||
npmExecuteScripts:
|
npmExecuteScripts:
|
||||||
|
@ -15,7 +15,10 @@ import org.springframework.beans.factory.annotation.Autowired
|
|||||||
import util.*
|
import util.*
|
||||||
|
|
||||||
import static org.hamcrest.Matchers.*
|
import static org.hamcrest.Matchers.*
|
||||||
|
import static org.junit.Assert.assertEquals
|
||||||
|
import static org.junit.Assert.assertNotEquals
|
||||||
import static org.junit.Assert.assertThat
|
import static org.junit.Assert.assertThat
|
||||||
|
import static org.junit.Assert.assertTrue
|
||||||
|
|
||||||
class WhitesourceExecuteScanTest extends BasePiperTest {
|
class WhitesourceExecuteScanTest extends BasePiperTest {
|
||||||
|
|
||||||
@ -108,7 +111,7 @@ class WhitesourceExecuteScanTest extends BasePiperTest {
|
|||||||
def expectedEnvVars = ['env1': 'value1', 'env2': 'value2']
|
def expectedEnvVars = ['env1': 'value1', 'env2': 'value2']
|
||||||
def expectedOptions = '--opt1=val1 --opt2=val2 --opt3'
|
def expectedOptions = '--opt1=val1 --opt2=val2 --opt3'
|
||||||
def expectedWorkspace = '/path/to/workspace'
|
def expectedWorkspace = '/path/to/workspace'
|
||||||
|
|
||||||
helper.registerAllowedMethod("readProperties", [Map], {
|
helper.registerAllowedMethod("readProperties", [Map], {
|
||||||
def result = new Properties()
|
def result = new Properties()
|
||||||
result.putAll([
|
result.putAll([
|
||||||
@ -120,11 +123,11 @@ class WhitesourceExecuteScanTest extends BasePiperTest {
|
|||||||
])
|
])
|
||||||
return result
|
return result
|
||||||
})
|
})
|
||||||
|
|
||||||
nullScript.commonPipelineEnvironment.configuration =
|
nullScript.commonPipelineEnvironment.configuration =
|
||||||
MapUtils.merge(nullScript.commonPipelineEnvironment.configuration,
|
MapUtils.merge(nullScript.commonPipelineEnvironment.configuration,
|
||||||
[steps:[whitesourceExecuteScan:[
|
[steps:[whitesourceExecuteScan:[
|
||||||
dockerImage: expectedImage,
|
dockerImage: expectedImage,
|
||||||
dockerOptions: expectedOptions,
|
dockerOptions: expectedOptions,
|
||||||
dockerEnvVars: expectedEnvVars,
|
dockerEnvVars: expectedEnvVars,
|
||||||
dockerWorkspace: expectedWorkspace
|
dockerWorkspace: expectedWorkspace
|
||||||
@ -147,7 +150,7 @@ class WhitesourceExecuteScanTest extends BasePiperTest {
|
|||||||
assert expectedEnvVars.equals(dockerExecuteRule.dockerParams.dockerEnvVars)
|
assert expectedEnvVars.equals(dockerExecuteRule.dockerParams.dockerEnvVars)
|
||||||
assert expectedWorkspace == dockerExecuteRule.dockerParams.dockerWorkspace
|
assert expectedWorkspace == dockerExecuteRule.dockerParams.dockerWorkspace
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void testMaven() {
|
void testMaven() {
|
||||||
helper.registerAllowedMethod("readProperties", [Map], {
|
helper.registerAllowedMethod("readProperties", [Map], {
|
||||||
@ -407,7 +410,7 @@ class WhitesourceExecuteScanTest extends BasePiperTest {
|
|||||||
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
||||||
assertThat(errorCaught, is(true))
|
assertThat(errorCaught, is(true))
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void testSbt() {
|
void testSbt() {
|
||||||
helper.registerAllowedMethod("readProperties", [Map], {
|
helper.registerAllowedMethod("readProperties", [Map], {
|
||||||
@ -1219,4 +1222,69 @@ class WhitesourceExecuteScanTest extends BasePiperTest {
|
|||||||
thrown.expectMessage("[whitesourceExecuteScan] Whitesource found 5 policy violations for your product")
|
thrown.expectMessage("[whitesourceExecuteScan] Whitesource found 5 policy violations for your product")
|
||||||
stepRule.step.checkViolationStatus(5)
|
stepRule.step.checkViolationStatus(5)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void testGoStepFeatureToggleOn() {
|
||||||
|
String calledStep = ''
|
||||||
|
String usedMetadataFile = ''
|
||||||
|
helper.registerAllowedMethod('piperExecuteBin', [Map, String, String, List], {
|
||||||
|
Map parameters, String stepName,
|
||||||
|
String metadataFile, List credentialInfo ->
|
||||||
|
calledStep = stepName
|
||||||
|
usedMetadataFile = metadataFile
|
||||||
|
})
|
||||||
|
|
||||||
|
stepRule.step.whitesourceExecuteScan([
|
||||||
|
script : nullScript,
|
||||||
|
orgToken : 'testOrgToken',
|
||||||
|
productName : 'SHC - Piper',
|
||||||
|
projectNames: ['piper-demo - 0.0.1'],
|
||||||
|
useGoStep : true,
|
||||||
|
])
|
||||||
|
|
||||||
|
assertEquals('whitesourceExecuteScan', calledStep)
|
||||||
|
assertEquals('metadata/whitesource.yaml', usedMetadataFile)
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void testGoStepFeatureToggleImplicitOff() {
|
||||||
|
String calledStep = ''
|
||||||
|
String usedMetadataFile = ''
|
||||||
|
helper.registerAllowedMethod('piperExecuteBin', [Map, String, String, List], {
|
||||||
|
Map parameters, String stepName,
|
||||||
|
String metadataFile, List credentialInfo ->
|
||||||
|
calledStep = stepName
|
||||||
|
usedMetadataFile = metadataFile
|
||||||
|
})
|
||||||
|
|
||||||
|
helper.registerAllowedMethod("readProperties", [Map], {
|
||||||
|
def result = new Properties()
|
||||||
|
result.putAll([
|
||||||
|
"apiKey" : "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
||||||
|
"productName" : "SHC - Piper",
|
||||||
|
"checkPolicies" : "true",
|
||||||
|
"projectName" : "python-test",
|
||||||
|
"projectVersion": "1.0.0"
|
||||||
|
])
|
||||||
|
return result
|
||||||
|
})
|
||||||
|
|
||||||
|
helper.registerAllowedMethod("publishHTML", [Map.class], { m ->
|
||||||
|
return null
|
||||||
|
})
|
||||||
|
|
||||||
|
stepRule.step.whitesourceExecuteScan([
|
||||||
|
script : nullScript,
|
||||||
|
whitesourceRepositoryStub : whitesourceStub,
|
||||||
|
whitesourceOrgAdminRepositoryStub: whitesourceOrgAdminRepositoryStub,
|
||||||
|
descriptorUtilsStub : descriptorUtilsStub,
|
||||||
|
scanType : 'maven',
|
||||||
|
juStabUtils : utils,
|
||||||
|
orgToken : 'testOrgToken',
|
||||||
|
whitesourceProductName : 'testProduct',
|
||||||
|
])
|
||||||
|
|
||||||
|
assertEquals('', calledStep)
|
||||||
|
assertEquals('', usedMetadataFile)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,6 @@
|
|||||||
|
import com.sap.piper.BuildTool
|
||||||
import com.sap.piper.DescriptorUtils
|
import com.sap.piper.DescriptorUtils
|
||||||
|
import com.sap.piper.DownloadCacheUtils
|
||||||
import com.sap.piper.GenerateDocumentation
|
import com.sap.piper.GenerateDocumentation
|
||||||
import com.sap.piper.JsonUtils
|
import com.sap.piper.JsonUtils
|
||||||
import com.sap.piper.Utils
|
import com.sap.piper.Utils
|
||||||
@ -7,7 +9,6 @@ import com.sap.piper.integration.WhitesourceRepository
|
|||||||
import com.sap.piper.ConfigurationHelper
|
import com.sap.piper.ConfigurationHelper
|
||||||
import com.sap.piper.WhitesourceConfigurationHelper
|
import com.sap.piper.WhitesourceConfigurationHelper
|
||||||
import com.sap.piper.mta.MtaMultiplexer
|
import com.sap.piper.mta.MtaMultiplexer
|
||||||
import groovy.text.GStringTemplateEngine
|
|
||||||
import groovy.transform.Field
|
import groovy.transform.Field
|
||||||
import groovy.text.GStringTemplateEngine
|
import groovy.text.GStringTemplateEngine
|
||||||
|
|
||||||
@ -70,7 +71,12 @@ import static com.sap.piper.Prerequisites.checkScript
|
|||||||
* Whether verbose output should be produced.
|
* Whether verbose output should be produced.
|
||||||
* @possibleValues `true`, `false`
|
* @possibleValues `true`, `false`
|
||||||
*/
|
*/
|
||||||
'verbose'
|
'verbose',
|
||||||
|
/**
|
||||||
|
* Toggle to activate the new go-implementation of the step. Off by default.
|
||||||
|
* @possibleValues true, false
|
||||||
|
*/
|
||||||
|
'useGoStep',
|
||||||
]
|
]
|
||||||
@Field Set STEP_CONFIG_KEYS = GENERAL_CONFIG_KEYS + [
|
@Field Set STEP_CONFIG_KEYS = GENERAL_CONFIG_KEYS + [
|
||||||
/**
|
/**
|
||||||
@ -245,7 +251,7 @@ void call(Map parameters = [:]) {
|
|||||||
def statusCode = 1
|
def statusCode = 1
|
||||||
|
|
||||||
//initialize CPE for passing whiteSourceProjects
|
//initialize CPE for passing whiteSourceProjects
|
||||||
if(script.commonPipelineEnvironment.getValue('whitesourceProjectNames') == null) {
|
if (script.commonPipelineEnvironment.getValue('whitesourceProjectNames') == null) {
|
||||||
script.commonPipelineEnvironment.setValue('whitesourceProjectNames', [])
|
script.commonPipelineEnvironment.setValue('whitesourceProjectNames', [])
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -256,9 +262,25 @@ void call(Map parameters = [:]) {
|
|||||||
.mixinStepConfig(script.commonPipelineEnvironment, STEP_CONFIG_KEYS, CONFIG_KEY_COMPATIBILITY)
|
.mixinStepConfig(script.commonPipelineEnvironment, STEP_CONFIG_KEYS, CONFIG_KEY_COMPATIBILITY)
|
||||||
.mixinStageConfig(script.commonPipelineEnvironment, stageName, STEP_CONFIG_KEYS, CONFIG_KEY_COMPATIBILITY)
|
.mixinStageConfig(script.commonPipelineEnvironment, stageName, STEP_CONFIG_KEYS, CONFIG_KEY_COMPATIBILITY)
|
||||||
.mixin([
|
.mixin([
|
||||||
style : libraryResource('piper-os.css')
|
style: libraryResource('piper-os.css')
|
||||||
])
|
])
|
||||||
.mixin(parameters, PARAMETER_KEYS, CONFIG_KEY_COMPATIBILITY)
|
.mixin(parameters, PARAMETER_KEYS, CONFIG_KEY_COMPATIBILITY)
|
||||||
|
.addIfEmpty('scanType', script.commonPipelineEnvironment.getBuildTool())
|
||||||
|
.use()
|
||||||
|
|
||||||
|
if (config.useGoStep == true && config.scanType != "unified-agent") {
|
||||||
|
parameters = DownloadCacheUtils.injectDownloadCacheInParameters(script, parameters, BuildTool.MTA)
|
||||||
|
|
||||||
|
List credentials = [
|
||||||
|
[type: 'token', id: 'orgAdminUserTokenCredentialsId', env: ['PIPER_orgToken']],
|
||||||
|
[type: 'token', id: 'userTokenCredentialsId', env: ['PIPER_userToken']],
|
||||||
|
]
|
||||||
|
piperExecuteBin(parameters, "whitesourceExecuteScan", "metadata/whitesource.yaml", credentials)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// Apply Groovy specific config handling if not using the go-step.
|
||||||
|
config = ConfigurationHelper.newInstance(this, config)
|
||||||
.dependingOn('scanType').mixin('buildDescriptorFile')
|
.dependingOn('scanType').mixin('buildDescriptorFile')
|
||||||
.dependingOn('scanType').mixin('dockerImage')
|
.dependingOn('scanType').mixin('dockerImage')
|
||||||
.dependingOn('scanType').mixin('dockerWorkspace')
|
.dependingOn('scanType').mixin('dockerWorkspace')
|
||||||
@ -284,9 +306,9 @@ void call(Map parameters = [:]) {
|
|||||||
script.commonPipelineEnvironment.setInfluxStepData('whitesource', false)
|
script.commonPipelineEnvironment.setInfluxStepData('whitesource', false)
|
||||||
|
|
||||||
utils.pushToSWA([
|
utils.pushToSWA([
|
||||||
step: STEP_NAME,
|
step : STEP_NAME,
|
||||||
stepParamKey1: 'scanType',
|
stepParamKey1: 'scanType',
|
||||||
stepParam1: config.scanType
|
stepParam1 : config.scanType
|
||||||
], config)
|
], config)
|
||||||
|
|
||||||
echo "Parameters: scanType: ${config.scanType}"
|
echo "Parameters: scanType: ${config.scanType}"
|
||||||
@ -294,7 +316,7 @@ void call(Map parameters = [:]) {
|
|||||||
def whitesourceRepository = parameters.whitesourceRepositoryStub ?: new WhitesourceRepository(this, config)
|
def whitesourceRepository = parameters.whitesourceRepositoryStub ?: new WhitesourceRepository(this, config)
|
||||||
def whitesourceOrgAdminRepository = parameters.whitesourceOrgAdminRepositoryStub ?: new WhitesourceOrgAdminRepository(this, config)
|
def whitesourceOrgAdminRepository = parameters.whitesourceOrgAdminRepositoryStub ?: new WhitesourceOrgAdminRepository(this, config)
|
||||||
|
|
||||||
if(config.whitesource.orgAdminUserTokenCredentialsId) {
|
if (config.whitesource.orgAdminUserTokenCredentialsId) {
|
||||||
statusCode = triggerWhitesourceScanWithOrgAdminUserKey(script, config, utils, descriptorUtils, parameters, whitesourceRepository, whitesourceOrgAdminRepository)
|
statusCode = triggerWhitesourceScanWithOrgAdminUserKey(script, config, utils, descriptorUtils, parameters, whitesourceRepository, whitesourceOrgAdminRepository)
|
||||||
} else {
|
} else {
|
||||||
statusCode = triggerWhitesourceScanWithUserKey(script, config, utils, descriptorUtils, parameters, whitesourceRepository, whitesourceOrgAdminRepository)
|
statusCode = triggerWhitesourceScanWithUserKey(script, config, utils, descriptorUtils, parameters, whitesourceRepository, whitesourceOrgAdminRepository)
|
||||||
|
Loading…
Reference in New Issue
Block a user