* feat(npmExecuteScripts): added option to skip installing dev. deps.
* added unit tests
* setting of OpenFile function for local testing
---------
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
* Include createBOM flag in MTA build
* Uncomment bom creation
* Changed sbom path
* Changed source path
* Reverted source path and included folder path to bom
* Test docker image
* Test docker image
* sbom name change
* Removed the redundent log
* Add CertificateDownload func to certutils package
* Add customTlsCertificateLinks param for artifactPrepareVersion
* Add the possibility to provide custom certs for artifactPrepareVersion
* Update tests
* Return back build flags
* Return back build flags
* Update pkg/certutils/certutils.go
Apply suggestion from code review
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
---------
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* enabling publish to only publish sub packages
* changing directory and then coming back to original after the publish runs
* searching the glob tar and npmrc in the current directory
* excluding build descriptor check and addtional target tool check
* changing the npm pack before publish to run only in sub packages
* removing commented code clean up
* adding the correct npm pack
* improve logging
* fix error handling and a bit style fix
* fix unit tests
* remove commented lines
* respecting build descriptor list when provided
* improve docu for the step param
* fixing linting issues
* improve docu
---------
Co-authored-by: Gulom Alimov <gulomjon.alimov@sap.com>
Co-authored-by: Jordi van Liempt <35920075+jliempt@users.noreply.github.com>
* added logic of fetching golang private packages for whitesource step and detectExecuteScan step
* changed logic of checking by config.PrivateModulesGitToken
* moved func prepareGolangPrivatePackages to golangBuild.go
* fix (gitOpsUpdateDeployment) add CA bundle options to plain clone and commit to trust enterprise github instances (#4602)
* downloading ca cert bundle when added as config
* adding logging statements
* allowing bats test to handle ca cert
* adding info message
* hard coding file names
* including correct http client util bundle
* removing logging message not needed
* adding cert bundle to commit and push
* improving the condition to add ca cert in commit and push
* fixing unit test
* fixing unit test
* fixing unit test
* fixing unit test
* fixing unit test
* feat(kanikoExecute): add dockerfilePath param to multipleImages (#4569)
* add containerDockerfilePath param to multipleImages
* rename ContainerDockerfilePath param to DockerfilePath
* Fix trailing spaces
---------
Co-authored-by: Egor Balakin <egor.balakin@sap.com>
Co-authored-by: Vyacheslav Starostin <32613074+vstarostin@users.noreply.github.com>
* fix(helm): forward sourceRepositoryCredentialsId from groovy to go layer (#4604)
forward sourceRepositoryCredentialsId from groovy to go layer in the same way how this is done for the targetRepositoryCredentialsId
* feat(config): exporting generateConfig function and applying minor changes (#4605)
* exporting generateConfig function and applying minor changes
* Added setConfigOptions to set configOptions variable.
Added possibility to set format output, json or yaml for now.
* Correcting mistake on cmd/getDefaults.go
Co-authored-by: Jordi van Liempt <35920075+jliempt@users.noreply.github.com>
---------
Co-authored-by: Jordi van Liempt <35920075+jliempt@users.noreply.github.com>
* moved func prepareGolangPrivatePackages to pkg/golang
---------
Co-authored-by: Akramdzhon Azamov <MY_NAME@example.com>
Co-authored-by: Andrei Kireev <andrei.kireev@sap.com>
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
Co-authored-by: Egor Balakin <14162703+m1ron0xFF@users.noreply.github.com>
Co-authored-by: Egor Balakin <egor.balakin@sap.com>
Co-authored-by: Vyacheslav Starostin <32613074+vstarostin@users.noreply.github.com>
Co-authored-by: Marcus Holl <marcus.holl@sap.com>
Co-authored-by: Jk1484 <35270240+Jk1484@users.noreply.github.com>
Co-authored-by: Jordi van Liempt <35920075+jliempt@users.noreply.github.com>
* downloading ca cert bundle when added as config
* adding logging statements
* allowing bats test to handle ca cert
* adding info message
* hard coding file names
* including correct http client util bundle
* removing logging message not needed
* adding cert bundle to commit and push
* improving the condition to add ca cert in commit and push
* fixing unit test
* fixing unit test
* fixing unit test
* fixing unit test
* fixing unit test
Add option to opt out from helm template parsing
Co-authored-by: Linda Siebert <linda.siebert@sap.com>
Co-authored-by: Alexander Link <33052602+alxsap@users.noreply.github.com>
* Initial in progress
* compiling but not yet functional
* Missed file
* updated checkmarxone step
* Working up to fetching a project then breaks
* Missed file
* Breaks when retrieving projects+proxy set
* Create project & run scan working, now polling
* Fixed polling
* added back the zipfile remove command
* Fixed polling again
* Generates and downloads PDF report
* Updated and working, prep for refactor
* Added compliance steps
* Cleanup, reporting, added groovy connector
* fixed groovy file
* checkmarxone to checkmarxOne
* checkmarxone to checkmarxOne
* split credentials (id+secret, apikey), renamed pullrequestname to branch, groovy fix
* Fixed filenames & yaml
* missed the metadata_generated.go
* added json to sarif conversion
* fix:type in new checkmarxone package
* fix:type in new checkmarxone package
* removed test logs, added temp error log for creds
* extra debugging to fix crash
* improved auth logging, fixed query parse issue
* fixed bug with group fetch when using oauth user
* CWE can be -1 if not defined, can't be uint
* Query also had CweID
* Disabled predicates-fetch in sarif generation
* Removing leftover info log message
* Better error handling
* fixed default preset configuration
* removing .bat files - sorry
* Cleanup per initial review
* refactoring per Gist, fixed project find, add apps
* small fix - sorry for commit noise while testing
* Fixing issues with incremental scans.
* removing maxretries
* Updated per PR feedback, further changes todo toda
* JSON Report changes and reporting cleanup
* removing .bat (again?)
* adding docs, groovy unit test, linter fixes
* Started adding tests maybe 15% covered
* fix(checkmarxOne): test cases for pkg and reporting
* fix(checkmarxOne):fix formatting
* feat(checkmarxone): update interface with missing method
* feat(checkmarxone):change runStep signature to be able to inject dependency
* feat(checkmarxone): add tests for step (wip)
* Adding a bit more coverage
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix integration test PR
* adding scan-summary bug workaround, reportgen fail
* enforceThresholds fix when no results passed in
* fixed gap when preset empty in yaml & project conf
* fixed another gap in preset selection
* fix 0-result panic
* fail when no preset is set anywhere
* removed comment
* initial project-under-app support
* fixing sarif reportgen
* some cleanup of error messages
* post-merge test fixes
* revert previous upstream merge
* fix:formatting
* fix(checkmarxOne):yamllint too many blank lines
* fix(checkmarxOne):unit test
* fix(checkmarxOne):generated code
---------
Co-authored-by: thtri <trinhthanhhai@gmail.com>
Co-authored-by: Thanh-Hai Trinh <thanh.hai.trinh@sap.com>
* enhancing protecode with registry credentials
* Use protecodeUtils instead of separate package
* Add target path for docker config to be created
* Fix tests
* Fix build flags
---------
Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
Co-authored-by: Jan von Loewenstein <jan.von.loewenstein@sap.com>
* Initial in progress
* compiling but not yet functional
* Missed file
* updated checkmarxone step
* Working up to fetching a project then breaks
* Missed file
* Breaks when retrieving projects+proxy set
* Create project & run scan working, now polling
* Fixed polling
* added back the zipfile remove command
* Fixed polling again
* Generates and downloads PDF report
* Updated and working, prep for refactor
* Added compliance steps
* Cleanup, reporting, added groovy connector
* fixed groovy file
* checkmarxone to checkmarxOne
* checkmarxone to checkmarxOne
* split credentials (id+secret, apikey), renamed pullrequestname to branch, groovy fix
* Fixed filenames & yaml
* missed the metadata_generated.go
* added json to sarif conversion
* fix:type in new checkmarxone package
* fix:type in new checkmarxone package
* removed test logs, added temp error log for creds
* extra debugging to fix crash
* improved auth logging, fixed query parse issue
* fixed bug with group fetch when using oauth user
* CWE can be -1 if not defined, can't be uint
* Query also had CweID
* Disabled predicates-fetch in sarif generation
* Removing leftover info log message
* Better error handling
* fixed default preset configuration
* removing .bat files - sorry
* Cleanup per initial review
* refactoring per Gist, fixed project find, add apps
* small fix - sorry for commit noise while testing
* Fixing issues with incremental scans.
* removing maxretries
* Updated per PR feedback, further changes todo toda
* JSON Report changes and reporting cleanup
* removing .bat (again?)
* adding docs, groovy unit test, linter fixes
* Started adding tests maybe 15% covered
* fix(checkmarxOne): test cases for pkg and reporting
* fix(checkmarxOne):fix formatting
* feat(checkmarxone): update interface with missing method
* feat(checkmarxone):change runStep signature to be able to inject dependency
* feat(checkmarxone): add tests for step (wip)
* Adding a bit more coverage
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix integration test PR
---------
Co-authored-by: thtri <trinhthanhhai@gmail.com>
Co-authored-by: Thanh-Hai Trinh <thanh.hai.trinh@sap.com>
* Added unit tag as argument. Added description to runTests command. Changed code generator to have unit build tag in generated unit test files.
* Added unit build tag to all unit test files.
* added to new unit test unit build tag
* Update verify-go.yml
* small fix
---------
Co-authored-by: Muhammadali Nazarov <Muhammadali.Nazarov@acronis.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* adding a timeout for helm test
* extending test cases
* Upadate the helmTestWaitSeconds parameter
* Add timeout parameter for helm test command
* Update tests
---------
Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
* add ascAppUpload step
add step that uploads an app binary to Application Support Center (ASC)
* re-run go generate
* fix typo in CODEOWNERS
* Update CODEOWNERS