From f7f33f38acd13579ea86fd502e60bfa753127831 Mon Sep 17 00:00:00 2001 From: Sven Merk Date: Wed, 6 Mar 2019 11:04:49 +0100 Subject: [PATCH] Address comments --- resources/default_pipeline_environment.yml | 22 ++---- .../WhitesourceConfigurationHelper.groovy | 4 +- test/groovy/WhitesourceExecuteScanTest.groovy | 72 ++++++++++--------- vars/whitesourceExecuteScan.groovy | 3 - 4 files changed, 44 insertions(+), 57 deletions(-) diff --git a/resources/default_pipeline_environment.yml b/resources/default_pipeline_environment.yml index 863ec4c14..0f9962c0d 100644 --- a/resources/default_pipeline_environment.yml +++ b/resources/default_pipeline_environment.yml @@ -265,18 +265,18 @@ steps: vulnerabilityReportTitle: 'WhiteSource Security Vulnerability Report' projectNames: [] jreDownloadUrl: 'https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz' + agentFileName: 'wss-unified-agent.jar' + agentDownloadUrl: 'https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/${config.agentFileName}' + agentParameters: '' + configFilePath: './wss-unified-agent.config' mta: stashContent: - 'buildDescriptor' - 'opensourceConfiguration' maven: buildDescriptorFile: './pom.xml' - dockerImage: 'maven:3.5-jdk-7' + dockerImage: 'maven:3.5-jdk-8' dockerWorkspace: '/home/java' - agentFileName: 'wss-unified-agent.jar' - agentDownloadUrl: 'https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/${config.agentFileName}' - agentParameters: '' - configFilePath: './wss-unified-agent.config' stashContent: - 'buildDescriptor' - 'opensourceConfiguration' 
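Review bot: `agentDownloadUrl`, which this hunk makes the default for every scan type, points at `raw/master` of the agent distribution repository, so each build fetches whatever jar is on that branch at the time. Going by the commands asserted in `WhitesourceExecuteScanTest.groovy`, the jar is then run with the organisation and user keys, and no integrity check is visible. Pinning the default to a release tag or commit, e.g. `.../unified-agent-distribution/raw/<PINNED_TAG_OR_COMMIT>/standAlone/${config.agentFileName}`, and checking a recorded SHA-256 of the jar before `java -jar` would make the scan reproducible and tamper-evident. `jreDownloadUrl` on the context line above is pinned to a version but would benefit from the same checksum step. The enclosing step mapping starts outside the hunk.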
@@ -284,10 +284,6 @@ steps: buildDescriptorFile: './package.json' dockerImage: 'node:8-stretch' dockerWorkspace: '/home/node' - agentFileName: 'wss-unified-agent.jar' - agentDownloadUrl: 'https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/${config.agentFileName}' - agentParameters: '' - configFilePath: './wss-unified-agent.config' stashContent: - 'buildDescriptor' - 'opensourceConfiguration' @@ -295,10 +291,6 @@ steps: buildDescriptorFile: './setup.py' dockerImage: 'python:3.7.2-stretch' dockerWorkspace: '/home/python' - agentFileName: 'wss-unified-agent.jar' - agentDownloadUrl: 'https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/${config.agentFileName}' - agentParameters: '' - configFilePath: './wss-unified-agent.config' stashContent: - 'buildDescriptor' - 'opensourceConfiguration' @@ -306,10 +298,6 @@ steps: buildDescriptorFile: './build.sbt' dockerImage: 'hseeberger/scala-sbt:8u181_2.12.8_1.2.8' dockerWorkspace: '/home/scala' - agentFileName: 'wss-unified-agent.jar' - agentDownloadUrl: 'https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/${config.agentFileName}' - agentParameters: '' - configFilePath: './wss-unified-agent.config' stashContent: - 'buildDescriptor' - 'opensourceConfiguration' diff --git a/src/com/sap/piper/WhitesourceConfigurationHelper.groovy b/src/com/sap/piper/WhitesourceConfigurationHelper.groovy index af5853629..21b793b36 100644 --- a/src/com/sap/piper/WhitesourceConfigurationHelper.groovy +++ b/src/com/sap/piper/WhitesourceConfigurationHelper.groovy @@ -2,8 +2,6 @@ package com.sap.piper import com.cloudbees.groovy.cps.NonCPS -import java.security.MessageDigest - class WhitesourceConfigurationHelper implements Serializable { static def extendUAConfigurationFile(script, utils, config, path) { 
@@ -11,7 +9,7 @@ class WhitesourceConfigurationHelper implements Serializable { def parsingClosure = { fileReadPath -> return script.readProperties (file: fileReadPath) } def serializationClosure = { configuration -> serializeUAConfig(configuration) } def inputFile = config.configFilePath.replaceFirst('\\./', '') - def suffix = MessageDigest.getInstance("MD5").digest(config.configFilePath.bytes).encodeHex().toString() + def suffix = utils.generateSha1(config.configFilePath) def targetFile = "${inputFile}.${suffix}" if(config.productName.startsWith('DIST - ')) { mapping += [ diff --git a/test/groovy/WhitesourceExecuteScanTest.groovy b/test/groovy/WhitesourceExecuteScanTest.groovy index 803cf9037..73db25fd9 100644 --- a/test/groovy/WhitesourceExecuteScanTest.groovy +++ b/test/groovy/WhitesourceExecuteScanTest.groovy 
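Review bot: The context line `config.configFilePath.replaceFirst('\\./', '')` uses an unanchored pattern, so it strips the first `./` anywhere in the path; a value such as `../conf/wss.config` would become `.conf/wss.config`, and `targetFile` would then be written to a different location than intended. Anchoring it, `def inputFile = config.configFilePath.replaceFirst('^\\./', '')`, keeps the existing behaviour for `./…` paths and leaves every other path alone. On the changed line, a short comment such as `// suffix only disambiguates the generated file name per config path; it is not an integrity check` would stop readers from treating the SHA-1 as a security control. The body of `extendUAConfigurationFile` continues outside the hunk.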
@@ -174,18 +174,18 @@ class WhitesourceExecuteScanTest extends BasePiperTest { assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor')) assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration')) - assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'maven:3.5-jdk-7')) + assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'maven:3.5-jdk-8')) assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/java')) - assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config 420a1bc5c82f57e80307205d8625304f'])) + assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3'])) assertThat(shellRule.shell, Matchers.hasItems( is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.jar'), - is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProduct\'') + is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProduct\'') )) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('apiKey=testOrgToken')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productName=testProduct')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('userKey=token-0815')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], 
containsString('apiKey=testOrgToken')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProduct')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815')) } 
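Review bot: The expected file suffix is pasted as the raw digest `d3aa80454919391024374ba46b4df082d15ab9a3` in every assertion of this hunk, and again in the hunks at -221, -299, -345 and -386, so any later change to how the suffix is derived needs another mass edit like this one. A single field such as `private static final String CONFIG_SUFFIX = 'd3aa80454919391024374ba46b4df082d15ab9a3'` would keep the assertions readable. It should carry a comment naming the input it was computed from, presumably the default `./wss-unified-agent.config` path. The test method starts outside the hunk.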
@@ -221,19 +221,19 @@ class WhitesourceExecuteScanTest extends BasePiperTest { assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'node:8-stretch')) assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/node')) - assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config 420a1bc5c82f57e80307205d8625304f'])) + assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3'])) assertThat(shellRule.shell, Matchers.hasItems( is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.jar'), is('curl --location --output jvm.tar.gz https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz && tar --strip-components=1 -xzf jvm.tar.gz'), - is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'') + is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'') )) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('apiKey=testOrgToken')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productName=testProductName')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productToken=testProductToken')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productVersion=1.2.3')) - 
assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('projectName=com.sap.node.test-node')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('userKey=token-0815')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productToken=testProductToken')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1.2.3')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=com.sap.node.test-node')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815')) } @Test 
@@ -259,13 +259,14 @@ class WhitesourceExecuteScanTest extends BasePiperTest { productName : 'SHC - Piper', configFilePath : './../../testConfigPath', file : 'package.json', - juStabUtils : utils + juStabUtils : utils, + orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0' ]) assertThat(shellRule.shell, Matchers.hasItems( is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.jar'), is('curl --location --output jvm.tar.gz https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz && tar --strip-components=1 -xzf jvm.tar.gz'), - is('./bin/java -jar wss-unified-agent.jar -c \'./../../testConfigPath.092aaffe7a79d11da13593b63b929754\' -userKey \'token-0815\' -product \'SHC - Piper\'') + is('./bin/java -jar wss-unified-agent.jar -c \'./../../testConfigPath.2766cacc0cf1449dd4034385f4a9f0a6fdb755cf\' -apiKey \'b39d1328-52e2-42e3-98f0-932709daf3f0\' -userKey \'token-0815\' -product \'SHC - Piper\'') )) } 
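Review bot: The `orgToken` added here, `'b39d1328-52e2-42e3-98f0-932709daf3f0'`, has the shape of a real organisation token rather than a test value; if it was ever valid it should be revoked. An obviously fake literal such as `orgToken : 'test-org-token'` avoids the question and keeps secret scanners quiet; the same literal is added in the hunks at -435, -494 and -556. The expected command also shows the step passing `-apiKey` and `-userKey` as process arguments, where they can surface in build logs and process listings. Other tests in this file assert that the generated config file already contains `apiKey=` and `userKey=`, so the arguments look redundant. The command construction is outside this diff, so that part needs confirming in `whitesourceExecuteScan.groovy`.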
@@ -299,19 +300,19 @@ class WhitesourceExecuteScanTest extends BasePiperTest { assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'python:3.7.2-stretch')) assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/python')) - assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config 420a1bc5c82f57e80307205d8625304f'])) + assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3'])) assertThat(shellRule.shell, Matchers.hasItems( is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.jar'), is('curl --location --output jvm.tar.gz https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz && tar --strip-components=1 -xzf jvm.tar.gz'), - is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'') + is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'') )) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('apiKey=testOrgToken')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productName=testProductName')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('userKey=token-0815')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productVersion=1.2.3')) - 
assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('projectName=test-python')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1.2.3')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=test-python')) } @Test 
@@ -345,18 +346,18 @@ class WhitesourceExecuteScanTest extends BasePiperTest { assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'hseeberger/scala-sbt:8u181_2.12.8_1.2.8')) assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/scala')) - assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config 420a1bc5c82f57e80307205d8625304f'])) + assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3'])) assertThat(shellRule.shell, Matchers.hasItems( is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/raw/master/standAlone/wss-unified-agent.jar'), - is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'') + is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'') )) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('apiKey=testOrgToken')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productName=testProductName')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('userKey=token-0815')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('productVersion=1.2.3')) - assertThat(writeFileRule.files['./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f'], containsString('projectName=com.sap.sbt.test-scala')) + 
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1.2.3')) + assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=com.sap.sbt.test-scala')) } @Test @@ -386,7 +387,7 @@ class WhitesourceExecuteScanTest extends BasePiperTest { productName : 'testProductName' ]) - assertThat(shellRule.shell[0], is('java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.420a1bc5c82f57e80307205d8625304f\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\' testParams')) + assertThat(shellRule.shell[0], is('java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\' testParams')) } @Test @@ -435,7 +436,8 @@ class WhitesourceExecuteScanTest extends BasePiperTest { productName : 'SHC - Piper', buildDescriptorExcludeList : ["maven2${File.separator}pom.xml".toString(), "npm2${File.separator}package.json".toString()], reporting : true, - juStabUtils : utils + juStabUtils : utils, + orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0' ]) assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor')) 
@@ -494,7 +496,8 @@ class WhitesourceExecuteScanTest extends BasePiperTest { productName : 'SHC - Piper', buildDescriptorExcludeList : ["maven2${File.separator}pom.xml".toString()], juStabUtils : utils, - parallelLimit : 3 + parallelLimit : 3, + orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0' ]) assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor')) @@ -556,7 +559,8 @@ class WhitesourceExecuteScanTest extends BasePiperTest { scanType : 'mta', productName : 'SHC - Piper', buildDescriptorExcludeList : "maven2${File.separator}pom.xml", - juStabUtils : utils + juStabUtils : utils, + orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0' ]) assertThat(parallelMap.keySet(), hasSize(4)) diff --git a/vars/whitesourceExecuteScan.groovy b/vars/whitesourceExecuteScan.groovy index fd296b72a..54deceb96 100644 --- a/vars/whitesourceExecuteScan.groovy +++ b/vars/whitesourceExecuteScan.groovy @@ -73,9 +73,6 @@ void call(Map parameters = [:]) { .dependingOn('scanType').mixin('dockerImage') .dependingOn('scanType').mixin('dockerWorkspace') .dependingOn('scanType').mixin('stashContent') - .dependingOn('scanType').mixin('agentDownloadUrl') - .dependingOn('scanType').mixin('agentFileName') - .dependingOn('scanType').mixin('agentParameters') .withMandatoryProperty('orgToken') .withMandatoryProperty('userTokenCredentialsId') .withMandatoryProperty('productName')