sap-jenkins-library

mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00

Author	SHA1	Message	Date
Sven Merk	f06890a9b2	SARIF format and GHIssue format improvements (#3646 ) * Improve reporting * Fix location * Align casing * Fix severity mapping * Fix format * Improve title * Title format * Fix severity * Align title * Fix schema reference * Fix schema reference * Fix fmt * Fix fmt2 * Fix tests * fix(sarif): proper handling of omitempty in SnippetSarif * fix(fortifyExecuteScan): sarif format version * Addressing comments * Fix SARIF * fix(sarif): omitempty handling * fix(fortifyExecuteScan): pointer indirection * Added TODOs for audit data Co-authored-by: Xavier Goffin <x.goffin@sap.com> Co-authored-by: xgoffin <86716549+xgoffin@users.noreply.github.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>	2022-03-22 14:47:19 +01:00
Sven Merk	c30e93bc6a	feat(detectExecuteScan): SARIF export and GH issue creation (#3637 ) * Added SARIF and GH issue creation	2022-03-17 15:32:48 +01:00
Sven Merk	a1988f6808	feat(whitesourceExecuteScan): GitHub issue creation + SARIF (#3535 ) * Add GH issue creation + SARIF * Code cleanup * Fix fmt, add debug * Code enhancements * Fix * Added debug info * Rework UA log scan * Fix code * read UA version * Fix nil reference * Extraction * Credentials * Issue creation * Error handling * Fix issue creation * query escape * Query escape 2 * Revert * Test avoid update * HTTP client * Add support for custom TLS certs * Fix code * Fix code 2 * Fix code 3 * Disable cert check * Fix auth * Remove implicit trust * Skip verification * Fix * Fix client * Fix HTTP auth * Fix trusted certs * Trim version * Code * Add token * Added token handling to client * Fix token * Cleanup * Fix token * Token rework * Fix code * Kick out oauth client * Kick out oauth client * Transport wrapping * Token * Simplification * Refactor * Variation * Check * Fix * Debug * Switch client * Variation * Debug * Switch to cert check * Add debug * Parse self * Cleanup * Update resources/metadata/whitesourceExecuteScan.yaml * Add debug * Expose subjects * Patch * Debug * Debug2 * Debug3 * Fix logging response body * Cleanup * Cleanup * Fix request body logging * Cleanup import * Fix import cycle * Cleanup * Fix fmt * Fix NopCloser reference * Regenerate * Reintroduce * Fix test * Fix tests * Correction * Fix error * Code fix * Fix tests * Add tests * Fix code climate issues * Code climate * Code climate again * Code climate again * Fix fmt * Fix fmt 2 Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>	2022-02-23 09:30:19 +01:00
Sven Merk	f655033442	Add retry capability on sporadic WhiteSource error 3000 (#3183 ) * fix backslash mess * Added retry on error 3000 * Fix fmt * Fix check on error message	2021-10-21 09:37:41 +02:00
Oliver Nocon	b9cd425091	fix(whitesource) proper error message when tokens are not found (#2786 )	2021-04-23 11:33:10 +02:00
Oliver Nocon	d47a17c8fc	feat(whitesource): consolidated reporting and versioning alignment (#2571 ) * update reporting and add todo comments * enhance reporting, allow directory creation for reports * properly pass reports * update templating and increase verbosity of errors * add todo * add detail table * update sorting * add test and improve error message * fix error message in test * extend tests * enhance tests * enhance versioning behavior accoring to #1846 * create markdown overview report * small fix * fix small issue * make sure that report directory exists * align reporting directory with default directory from UA * add missing comments * add policy check incl. tests * enhance logging and tests * update versioning to allow custom version usage properly * fix report paths and golang image * update styling of md * update test	2021-02-10 16:18:00 +01:00
Stephan Aßmus	86f335811c	whitesourceExecuteScan-go: Implement parameters "timeout", "createProductFromPipeline" (#2246 )	2020-10-29 09:21:01 +01:00
Stephan Aßmus	33e6e13787	Refactor whitesourceExecuteScan, fix polling, error handling (#2036 )	2020-09-18 11:54:45 +02:00
Jordan Levin	34967c502c	Whitesource scan (MVP) (#1658 ) * Whitesource MVP for Gradle, Golang, and NPM/Yarn * Refactoring * Refactor and cleanup, better error checking * publish stepResults, use pkg/versioning, bubble up errors, add gomod versioning support * Run gofmt and cleanup comments * Resolve PR comments * Update resources/metadata/whitesource.yaml Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> * Only determine project coordinates if they are missing Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com> * Gradle versioning artifact * fix gradle artifact version regexp and refactor * Fix token extraction from output buffer * Fix some issues with pip and jsonfile versioning logic * Remove useless spacing * Remove unnecessary test file and fix naming style for JSONDescriptor * Automatically download wss-unified-agent if file does not exist * adds downloadVulnerabilityReport, checkSecurityViolations, minor refactoring * adds config.ReportDirectoryName, improves readability * Version-wide reporting for vulnerabilities and list of libraries. * Refactor and improve build accuracy * fix sed command * Add includes file pattern config option * Adds --exclude command line flag * run go mod tidy and regenerate step framework * Fix unit tests * revert changes * poll project status before downloading reports * merge with master * go mod tidy, go fmt, and fix whitesource unit test * sync go.mod * sync go.mod again Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com> Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>	2020-07-01 07:54:13 +02:00
Oliver Nocon	243d196283	Add package for whitesource (#1577 )	2020-05-26 17:30:45 +02:00

10 Commits