larsbrueckner
1e4b88a6f8
detectExecuteScan: fix toolrun data ( #4366 )
2023-05-17 17:21:03 +05:30
Srinikitha Kondreddy
a76b20f09f
Upgrade sonar scanner cli image version to 4.8 ( #4362 )
...
* Uprade sonar scanner cli version to 4.8
* Update download url
2023-05-17 09:24:27 +02:00
Srinikitha Kondreddy
1d78ef35d4
Add proxy config to sonar scan step ( #4333 )
...
* Add proxy config for sonar scan step
Update sonar.go
Import fmt
Update sonar.go
Use serverUrl from config
Update sonarExecuteScan.go
Add proxy param
Add proxy check
Update sonarExecuteScan.go
Update sonarExecuteScan.go
Update http.go
Update sonarExecuteScan.go
Update sonarExecuteScan.go
Add env variable
Fix typo
Fix string
Split host port
Typo
Remove echoes
* Code review change
* Refactor
* Update cmd/sonarExecuteScan.go
Co-authored-by: dimitrij-afonitschkin <131276293+dimitrij-afonitschkin@users.noreply.github.com>
* Add proxy config for sonar scan step
Update sonar.go
Import fmt
Update sonar.go
Use serverUrl from config
Update sonarExecuteScan.go
Add proxy param
Add proxy check
Update sonarExecuteScan.go
Update sonarExecuteScan.go
Update http.go
Update sonarExecuteScan.go
Update sonarExecuteScan.go
Add env variable
Fix typo
Fix string
Split host port
Typo
Remove echoes
* Code review change
* Refactor
* Update cmd/sonarExecuteScan.go
Co-authored-by: dimitrij-afonitschkin <131276293+dimitrij-afonitschkin@users.noreply.github.com>
* Add compatability to other usecases
---------
Co-authored-by: dimitrij-afonitschkin <131276293+dimitrij-afonitschkin@users.noreply.github.com>
2023-05-16 09:31:33 +02:00
thtri
659cf9f988
Checkmarx/CheckmarxOne: update include/exclude stash file patterns ( #4358 )
...
* feat(checkmarxOne): add default file patterns for stash
* fix(checkmarx): add missing stash file patterns
* fix(checkmarx-checmarxOne): support TypeScript (issue #3073 )
2023-05-15 10:42:11 +02:00
Ashly Mathew
00f376d757
fix(npm) use npm install for cyclonedx ( #4357 )
2023-05-11 14:32:39 +02:00
Ashly Mathew
f476e8ddce
fix(npm): Update npm cyclonedx/bom to cyclonedx-npm ( #4342 )
...
* fix(npm): Update npm cycloneDx to cyclonedx-npm
* Remove --no-validate and fix ut
* remove global
* Change to npm
* Apply suggestions from code review
---------
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2023-05-11 09:55:54 +02:00
Ralf Pannemans
019ef17fd7
feat(helmExecute): Allow custom delimiter ( #4312 )
...
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
Co-authored-by: Jan von Loewenstein <jan.von.loewenstein@sap.com>
2023-05-08 16:24:24 +02:00
Daria Kuznetsova
7de6f38d98
fix(codeqlExecuteScan): fixed regexp pattern to correctly parse ssh url ( #4349 )
2023-05-05 18:57:47 +02:00
Pavel Busko
35a55044b4
Add renderSubchartNotes property to helmExecute and kubernetesDeploy ( #4238 )
...
Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
2023-05-05 14:23:11 +02:00
michaelkubiaczyk
d12f01d90f
Adding support for CheckmarxOne platform ( #4317 )
...
* Initial in progress
* compiling but not yet functional
* Missed file
* updated checkmarxone step
* Working up to fetching a project then breaks
* Missed file
* Breaks when retrieving projects+proxy set
* Create project & run scan working, now polling
* Fixed polling
* added back the zipfile remove command
* Fixed polling again
* Generates and downloads PDF report
* Updated and working, prep for refactor
* Added compliance steps
* Cleanup, reporting, added groovy connector
* fixed groovy file
* checkmarxone to checkmarxOne
* checkmarxone to checkmarxOne
* split credentials (id+secret, apikey), renamed pullrequestname to branch, groovy fix
* Fixed filenames & yaml
* missed the metadata_generated.go
* added json to sarif conversion
* fix:type in new checkmarxone package
* fix:type in new checkmarxone package
* removed test logs, added temp error log for creds
* extra debugging to fix crash
* improved auth logging, fixed query parse issue
* fixed bug with group fetch when using oauth user
* CWE can be -1 if not defined, can't be uint
* Query also had CweID
* Disabled predicates-fetch in sarif generation
* Removing leftover info log message
* Better error handling
* fixed default preset configuration
* removing .bat files - sorry
* Cleanup per initial review
* refactoring per Gist, fixed project find, add apps
* small fix - sorry for commit noise while testing
* Fixing issues with incremental scans.
* removing maxretries
* Updated per PR feedback, further changes todo toda
* JSON Report changes and reporting cleanup
* removing .bat (again?)
* adding docs, groovy unit test, linter fixes
* Started adding tests maybe 15% covered
* fix(checkmarxOne): test cases for pkg and reporting
* fix(checkmarxOne):fix formatting
* feat(checkmarxone): update interface with missing method
* feat(checkmarxone):change runStep signature to be able to inject dependency
* feat(checkmarxone): add tests for step (wip)
* Adding a bit more coverage
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix code review
* feat(checkmarxOne): fix integration test PR
---------
Co-authored-by: thtri <trinhthanhhai@gmail.com>
Co-authored-by: Thanh-Hai Trinh <thanh.hai.trinh@sap.com>
2023-05-05 14:05:58 +02:00
Vyacheslav Starostin
a84bba9030
fix(containerPushToRegistry): add new --multi-arch=all flag to skopeo ( #4347 )
...
* Fix
* Fix
2023-05-04 17:52:45 +06:00
Vyacheslav Starostin
dda575a9f0
feat(containerPushToRegistry): add new --multi-arch=all flag to skopeo ( #4346 )
...
* Add --multi-arch=all
* Fix tests
2023-05-04 14:42:56 +06:00
Ashly Mathew
ca74be10ad
Change maven schema version to 1.4 ( #4337 )
2023-05-04 10:29:32 +02:00
Christopher Fenner
56c12a6f5f
feat(karma): add verbose logging for karma ( #4340 )
...
* feat(karma): add verbose logging for karma
* Update karmaExecuteTests_test.go
* Update karmaExecuteTests.go
* Update karmaExecuteTests.go
* fmt
* correct test case
2023-05-04 09:38:23 +02:00
Jk1484
ffc931aad1
feat(golangBuild): use 'unit' build tag to include tests during test execution ( #4345 )
...
* Added unit tag as argument. Added description to runTests command. Changed code generator to have unit build tag in generated unit test files.
* Added unit build tag to all unit test files.
* added to new unit test unit build tag
* Update verify-go.yml
* small fix
---------
Co-authored-by: Muhammadali Nazarov <Muhammadali.Nazarov@acronis.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2023-05-03 21:02:11 +05:00
sumeet patil
70ed56b22d
fix(codeqlExecuteScan): checkForComplaince flag refactoring ( #4344 )
2023-05-03 12:29:04 +02:00
Alexander Link
70b09d6868
Improve error message for integrationArtifactGetServiceEndpoint ( #4341 )
2023-05-02 16:34:24 +02:00
SiarheiKrystseu
fbb27b2b6d
DESS-1710: modified WaitForBuildToFinish function ( #4270 )
...
* DESS-1710: modified WaitForBuildToFinish function - added exception handling
* DESS-1710: fixed parameters in WaitForBuildToFinish
* DESS-1710: added error handling in WaitForBuildToFinish
* DESS-1710: formatted build.go
* DESS-1710: fixed error logging
* DESS-1710: fixed Poll retrying
* DESS-1710: renamed WaitForBuildToFinish
* DESS-1710: refactored WaitForBuildToFinish
* DESS-1710: changed maxRetries to 4 attempt
* DESS-1710: fixed error handling
---------
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Ashly Mathew <ashly.mathew@sap.com>
2023-05-02 09:58:41 +02:00
sumeet patil
6dad124367
feat(codeqlExecuteScan): CodeQL compliance report and check ( #4335 )
...
* CodeQL compliance report and check
* fix test cases
---------
Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com>
2023-04-28 15:47:05 +02:00
Ashly Mathew
58e9344eb0
Add description to long description for gradle step ( #4336 )
2023-04-27 09:09:52 +02:00
Anil Keshav
17c9f5ca65
feat (kuberenetesDeploy) allow adding a timeout to the helm test commands ( #4310 )
...
* adding a timeout for helm test
* extending test cases
* Upadate the helmTestWaitSeconds parameter
* Add timeout parameter for helm test command
* Update tests
---------
Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
2023-04-24 18:58:24 +06:00
kamil7108
54d543a2c3
A retry has been added to the curl that downloads the piper ( #4315 )
...
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2023-04-24 10:26:50 +02:00
Ashly Mathew
01cfb07d15
feat(gradle): Support for more than one task/flags ( #4329 )
...
* feat(gradle) support task list
* Change parameter name to buildFlags to align with other piper steps'
2023-04-24 09:09:31 +02:00
Maurice Breit
52944953eb
docs: add ascAppUpload ( #4330 )
2023-04-18 16:50:15 +02:00
Pavel Busko
5d8e89b08a
feat(cnbBuild): use SHA256 hashed values for redacted telemetry properties ( #4328 )
...
* feat(cnbBuild): use SHA256 hashed values for redacted telemetry properties
* update unit tests
2023-04-18 09:10:38 +02:00
Maurice Breit
4f4e667797
add ascAppUpload step ( #4286 )
...
* add ascAppUpload step
add step that uploads an app binary to Application Support Center (ASC)
* re-run go generate
* fix typo in CODEOWNERS
* Update CODEOWNERS
2023-04-18 08:56:32 +02:00
Jordi van Liempt
e3935ca088
feat(vault): Vault secret rotation for GH Actions ( #4280 )
...
* rotate Vault secret on GH Actions
* test alternative sodium package
* try doing it without libsodium
* disable validity check for testing purposes
* basic unit test
* re-enable secret validity check
* tidy
* tidy parameters
* forgot to update param names in code
* apply review feedback
* improve error logging
* update step metadata
* apply metadata suggestion from review
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* align githubToken param
* Fix secretStore
* Add alias for githubToken
* Move logic to separate file
---------
Co-authored-by: I557621 <jordi.van.liempt@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
2023-04-17 08:35:13 +02:00
Akramdzhon Azamov
f9617f5315
feat(blackduck): Npm extra parameters ( #4327 )
...
* added two new parameters for npm
---------
Co-authored-by: Andrei Kireev <andrei.kireev@sap.com>
2023-04-13 12:10:26 +02:00
Christopher Fenner
99603cdee9
chore(tests): correct test assertions ( #4276 )
2023-04-11 23:15:00 +02:00
gerstneralex
fd61f34ec2
Activate go implementation of tmsUpload ( #4308 )
...
* Activate go implementation
* Add unstash
* Comment some when conditions
* Remove unstash
* Print config parameter
* Add useGoStep parameter
* Uncomment when conditions
* Add traces
* Remove traces
* Remove useGoStep from metadata
* remove trace
* Add comment
* namedUser handling
2023-04-06 10:09:57 +02:00
tiloKo
126fbbcc69
reduce Log Output (Info -> Debug) ( #4322 )
...
Co-authored-by: ffeldmann <f.feldmann@sap.com>
2023-04-06 08:31:22 +02:00
tiloKo
a2c0f89222
remove obscuring log output ( #4320 )
2023-04-05 15:39:56 +02:00
Christopher Fenner
bee1ffe4f1
feat(golangBuild): create test report json file ( #4306 )
...
* feat(golangBuild): create test report json file
* Update golangBuild_test.go
* Update golangBuild_test.go
* Update integration_golang_test.go
* Update integration_golang_test.go
* Update golangBuild.go
* rename test files
* rename
2023-04-05 15:07:54 +02:00
Daria Kuznetsova
47c5a16cc0
fix(codeqlExecuteStep): parsing git url with dots in repo name ( #4318 )
...
* change regexp to parse repo URL with dots in repo name
* added regex to cut off username and token from URL & added test cases
2023-04-04 21:16:15 +02:00
Marco Rosa
6b18448124
Add credentialdiggerScan step ( #4141 )
...
* Add credentialdiggerScan metadata
* Integrate new step into piper process
* Add credentialdiggerScan implementation and tests
* Remove duplicated code
* Add doc file for credentialdiggerScan step
* Regenerate metadata
* Fix return type in tests
* Add credentialdiggerScan to CommonStepsTest
* Fix typo
* Improve code style
* Add support for custom rules file in stash
* Regenerate metadata for credentialdiggerScan
---------
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
2023-04-04 16:57:15 +02:00
larsbrueckner
489adaaf99
Blackduck toolrecord file: add Blackduck projectVersion name and href ( #4303 )
...
* Blackduck toolrecord file: add Blackduck projectVersion name and href
* fix codestyle
* fix build error
2023-04-04 14:17:13 +02:00
Daniel Mieg
7147209e3e
Improve logging for ABAP steps ( #4316 )
...
* Fix logs
* Increase number of entries
2023-04-04 12:46:03 +02:00
Daniel Mieg
549b32c675
Adapt to backend API changes ( #4309 )
...
* Remove legacy logging
* Implement new requests
* Improve Tests
* Adapt tests
* Refactor
* Fix tests
2023-03-31 15:26:38 +02:00
Pavel Busko
81d9a0ac8c
feat(cnbBuild): support Vault general purpose secrets as a binding content source ( #4281 )
...
* feat(cnbBuild): support Vault general purpose secrets as a binding content source
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
* fix npm project integration test
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
---------
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Sumit Kulhadia <sumit.kulhadia@sap.com>
2023-03-31 09:36:59 +02:00
Anke Ravalitera
ba58d72022
Update texts of gCTS steps and scenario for SSL and queryP ( #4282 )
...
* Update texts of gCTS steps and scenario for SSL and queryP
* delete a trailing space
2023-03-29 12:31:27 +02:00
Andrei Kireev
ba761f0fc4
fix(detectExecuteScan): Fixed issue with duplication of parameters when specifying them in scanProperties ( #4304 )
...
* Fixed issue with duplication of parameters search.depth/search.continue/excluded.directories
2023-03-28 09:10:54 +02:00
Vyacheslav Starostin
d6e72995b0
githubPublishRelease: fix the link which points to changes between the last release and the new one ( #4296 )
2023-03-27 21:39:46 +06:00
gerstneralex
f5c33d51bb
Tms export ( #4160 )
...
* Change parameter type of nodeExtDescriptorMapping
(cherry picked from commit ca7ce0485a9821915b33c362681e4553a90aabb5
2023-03-27 16:55:29 +02:00
Oliver Feldmann
92a782a6c3
[Integration Suite] Store response in CPE ( #4277 )
...
* Store response body in CPE
* Also store response headers in CPE
2023-03-27 14:34:59 +00:00
Andrei Kireev
e55c2f857c
feat(detectExecuteScan) enabling possibility to scan MTA projects ( #4300 )
...
* feat(detectExecuteScan) enabling possibility to scan MTA projects
2023-03-27 10:42:39 +02:00
Marcus Holl
d76246d781
dockerExecuteOnKubernetes: return result of body closure ( #4301 )
2023-03-27 09:42:04 +02:00
Marcus Holl
b0f578a5a9
dockerExecuteOnKubernetes: log the first two level of the file system in verbose mode ( #4293 )
2023-03-23 09:27:13 +01:00
sumeet patil
d5d486ae3f
docs(codeqlExecuteScan): Improve codeqlExecuteScan githubToken docs ( #4292 )
2023-03-22 18:14:04 +05:30
Ashly Mathew
60f9d55bda
Add Step scope for mavenBuild ( #4291 )
2023-03-21 14:17:07 +01:00
Oliver Nocon
7c4262b0c6
chore (containerExecuteStructureTests): switch default container ( #4288 )
2023-03-21 08:06:22 +01:00
