Sven Merk
7b553e1e9a
fix(fortifyExecuteScan): Address module interdependencies ( #2938 )
...
* Make sure artifacts go to local repo
* Just package
* Fix test
* Try out silent mode
* Try fail at end
* Bring resilience back
* Follow new strategy
* Fix test
2021-06-28 12:40:20 +02:00
Sven Merk
e94cbb0840
Revert "fix(fortifyExecuteScan): Support MTA interdependencies ( #2916 )" ( #2937 )
...
This reverts commit f7bc9560582abf8af2508f3897f8ca0b6da6451e.
2021-06-23 17:20:15 +02:00
larsbrueckner
61fe88e199
Add "toolrecord" files to Fortify, Checkmarx, Protecode and Whitesource results ( #2929 )
...
* Toolrecord framework -
provide a common entry point for post processing code scan results
Changes to be committed:
new file: pkg/toolrecord/REAMDE_toolrecord.md
new file: pkg/toolrecord/toolrecord_main.go
new file: pkg/toolrecord/toolrecord_test.go
* Add toolrecord file to Checkmarx results
modified: cmd/checkmarxExecuteScan.go
* Add toolrecord file to Fortify results
modified: cmd/fortifyExecuteScan.go
* Add toolrecord file to Whitesource results
modified: cmd/whitesourceExecuteScan.go
* unset umask (#2927 )
* (feat) adds error logging output for downloading reports from whitesource (#2928 )
* Add toolrecord file to Protecode results
* address code climate findings (1/2)
* address codeclimate findings (2/2)
* add comments to all methods
Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: ffeldmann <felix@bnbit.de>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-06-23 15:05:00 +02:00
Sven Merk
f7bc956058
fix(fortifyExecuteScan): Support MTA interdependencies ( #2916 )
...
* Make sure artifacts go to local repo
* Just package
* Fix test
2021-06-23 11:55:34 +02:00
Sven Merk
07b90dc10b
fix(fortifyExecuteScan): Throw error on classpath detection issues ( #2876 )
...
* Update fortifyExecuteScan.go
* Raise error to the top level
* Update fortifyExecuteScan.go
* Update fortifyExecuteScan.go
* Fix code and test
* Add tests
* Fix test
* Last attempt
2021-06-16 08:15:41 +02:00
Sven Merk
a43f46465a
feat(fortifyExecuteScan): HTML report for Fortify ( #2879 )
...
* Tune test
* Fix report implementation
* Fix tests
* Fix values
* Fix code and test
* Report writing fix
* Commit generated sources
* Update cmd/fortifyExecuteScan.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Externalize report generation
* Fix fmt
* Fix fmt 2
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-15 14:53:42 +02:00
Sven Merk
03b5a9aaec
Fix handling of undefined buildTool values ( #2719 )
...
* Fix handling of undefined buildTool values
* Fix fmt
2021-03-25 09:59:49 +01:00
Sven Merk
d52a1a3619
Influx step execution reporting ( #2700 )
...
* Influx step execution reporting
* influx for newmanExecute added
Co-authored-by: lndrschlz <leander.schulz01@sap.com>
2021-03-18 10:32:03 +01:00
Sven Merk
e1ea56076f
Http improve retry on timeouts ( #2681 )
...
* Add sca cmd extensibility
* Fix formatting
* HTTP retry
* Improve handling of retry on timeout
* Go fmt
* Fix test
* Fix test
* Test stability
* Fix test
* Fix test
* Fix test
* Update fortifyExecuteScan.go
2021-03-09 13:41:07 +01:00
Sven Merk
afdc726a01
Fortify cmd parameters for scan ( #2680 )
...
* Add sca cmd extensibility
* Fix formatting
2021-03-09 13:16:21 +01:00
Sven Merk
84df77732c
fortifyExecuteScan: Pull request version not considered on upload ( #2668 )
2021-03-04 09:34:05 +01:00
Sven Merk
d2eb2877e0
fortifyExecuteScan: Functional enhancements ( #2647 )
...
* Improvements
* Formatting
* Fix test
* Update resources/metadata/fortify.yaml
Enhance description
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Unify version handling with ws step
* Part 2
* go fmt
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-02-26 13:43:03 +01:00
shellmann
61c190bb2b
Install artifacts before Fortify scan ( #2351 )
...
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-11-16 10:29:21 +01:00
Oliver Nocon
a70933bbd4
fortifyExecuteScan: improve error categorization ( #2295 )
...
* fortifyExecuteScan: improve error categorization
* reset error category in success case
2020-11-11 13:04:45 +01:00
Daniel Kurzynski
9a18489cc4
Refactor maven utils and add tests for install artifacts ( #2318 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-11-10 17:14:55 +01:00
Sven Merk
9d737575aa
fortifyExecuteScan: Fix report download ( #2244 )
...
* Fix report download
* Update fortifyExecuteScan.go
* Update fortifyExecuteScan_test.go
* Update fortify.go
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-10-27 13:12:31 +01:00
Oliver Nocon
d0f987c7b5
fortifyExecuteScan: increase timeout ( #2240 )
...
fixes #2183
2020-10-27 11:11:53 +01:00
Christopher Fenner
86af3efcfe
fix(influx): adjust influx field types for fortify ( #2219 )
...
* adjust influx field types
* fix test case
* simplify type conversion
2020-10-22 11:40:42 +02:00
Sven Merk
58b6c04cd2
Update fortifyExecuteScan.go ( #2093 )
...
* Update fortifyExecuteScan.go
* Update fortifyExecuteScan.go
* Docs are lying
Checked the API which returns a status similar to that of artifact
* Update fortifyExecuteScan_test.go
2020-09-29 18:26:16 +02:00
Sven Merk
612d3a645b
Support verify only mode for SAST tools ( #2018 )
...
* Support verify only mode for SAST
* Include feedback
* Add tests
* Fix imports
2020-09-18 08:19:34 +02:00
Oliver Nocon
eef3bcde60
Add step for GitHub branch protection check (2) ( #2016 )
...
* add step for GitHub branch protection check
* add command to piper command
* remove unnecessary parameter
* Update resources/metadata/githubbranchprotection.yaml
* add groovy part
* update generation & go mod tidy
* update groovy tests
* fix bug with go-github version
* Add step to check GitHub branch protection settings
* include PR review feedback
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2020-09-14 12:05:12 +02:00
Oliver Nocon
d68e466c28
Revert "Add step for GitHub branch protection check ( #2010 )" ( #2014 )
...
This reverts commit f1cfca2e7660ecfe3d53f55a619e6256ad48c416.
2020-09-11 18:56:51 +02:00
Oliver Nocon
f1cfca2e76
Add step for GitHub branch protection check ( #2010 )
...
* add step for GitHub branch protection check
* add command to piper command
* remove unnecessary parameter
* Update resources/metadata/githubbranchprotection.yaml
* add groovy part
* update generation & go mod tidy
* update groovy tests
* fix bug with go-github version
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2020-09-11 15:28:43 +02:00
Stephan Aßmus
54444c7e33
fortifyExecuteScan: Fix polling project status ( #1908 )
2020-08-11 15:29:00 +02:00
Stephan Aßmus
b8f5fd9b28
fortifyExecuteScan: Pass on maven options to versioning ( #1895 )
2020-08-07 10:31:15 +02:00
Oliver Nocon
d8553ab53d
detectExecuteScan: update versioning ( #1845 )
...
* detectExecuteScan: update versioning
align with Fortify to also use the same versioning model by default.
* fix CodeClimate findings
2020-07-27 12:01:59 +02:00
Daniel Kurzynski
0222bf83d1
Run npm scripts in virtual frame buffer and extend command.go to run executable asynchronously ( #1669 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
2020-06-16 11:42:51 +02:00
Daniel Kurzynski
cf9a41850e
Needed CLI separator for Fortify tools depends on platform ( #1616 )
...
* Update fortify.yaml
* src, exclude and pythonAdditionalPaths are now lists of strings
* Re-implement pythonIncludes and pythonExcludes as aliases of src and exclude
* Fix using the correct separator (; on windows, : on everything else)
* Tokenize also python "includes"
* mvnCustomArgs was removed
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-02 13:47:07 +02:00
Stephan Aßmus
a24a7aad23
Fortify: Using mvn to auto-resolve classpath needs additional params ( #1607 )
...
* also reduce code duplication in token fetching
* concatenate classpaths from multi-maven projects
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-05-29 15:42:35 +02:00
Daniel Kurzynski
0a4309a2c2
Add build project name ( #1610 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-05-28 10:45:06 +02:00
Florian Wilhelm
0857c9a3c6
Allow custom options for src, exclude in fortify translate ( #1592 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Kevin Hudemann <kevin.hudemann@sap.com>
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-05-27 11:45:01 +02:00
Sven Merk
af2a01c064
Fortify implementation in golang ( #1428 )
2020-05-25 19:48:59 +02:00