* passing registry username and password
* enhance the case for creating docker config json with user credentials
* refactoring code
* unit test and maintaing user provided docker config json file
* go generate
* remove addtional file addition to unit test
Co-authored-by: anilkeshav27 <you@example.com>
* feat(cpe): provide go templating functions
* change type
* fix: type in test
* chore: add comment for exported function
* fix: ensure that custom returns string properly
* fix types and add tests
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The
directory created by `t.TempDir` is automatically removed when the test
and all its subtests complete.
Prior to this commit, temporary directory created using `ioutil.TempDir`
needs to be removed manually by calling `os.RemoveAll`, which is omitted
in some tests. The error handling boilerplate e.g.
defer func() {
if err := os.RemoveAll(dir); err != nil {
t.Fatal(err)
}
}
is also tedious, but `t.TempDir` handles this for us nicely.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
For running open source vulnerability scans in de-coupled processes
it is helpful to allow that steps only create
compliance reports to inform users/teams
but not fail the pipeline.
This can now be achieved constitently with the flag:
`failOnSevereVulnerabilities`
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Sets git reference and gitRemoteCommitId.
Jenkins has 2 strategies - 'Merging the pull request with the current target branch revision' and 'The current pull request revision'. When 'Merging the pull request with the current target branch revision' is run, Jenkins creates a local merge commit and runs a job for that particular merge commitId. This commitId is then used for codeql to upload sarif, on upload it throws an error as the merge commit does not exist in github. To resolve this we have introduces a new variable 'gitRemoteCommitId' in commonPipelineEnvironment which gives the remote merge commit id.
* Update abapEnvironmentPushATCSystemConfig.go
* Update abapEnvironmentPushATCSystemConfig.go
ATC Configuration - new fields
* Update abapEnvironmentPushATCSystemConfig_test.go
Unit Test - new attributes
* Update abapEnvironmentPushATCSystemConfig_test.go
Unit Tests 2
* Update abapEnvironmentPushATCSystemConfig_test.go
Unit Test 2
* Update abapEnvironmentPushATCSystemConfig_test.go
Unittest 3
Co-authored-by: Daniel Bernd <93763187+danManSAP@users.noreply.github.com>
* enable build without values
* add sap-client as option
* use function from /net/url to add parameters
Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
* chore: cleanup linting issues in abap steps
* update
* do not break on errors during testing
* Fix warning
Co-authored-by: Daniel Mieg <daniel.mieg@sap.com>
* including comma seperated strings as arguments
* fix unit test
* adding unit test
* fix unit test no param case
Co-authored-by: anilkeshav27 <you@example.com>
* Add ans implementation
* Remove todo comment
* Rename test function
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
* Better wording
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
* Add reading of response body function
* Use http pkg ReadResponseBody
* Check read error
* Better test case description
* Fix formatting
* Create own package for read response body
* Omit empty nested resource struct
* Separate Resource struct from Event struct
* Merge and unmarshall instead of only unmarshalling
* Improve status code error message
* Remove unchangeable event fields
* Separate event parts
* Change log level setter function
* Restructure ans send test
* Revert exporting readResponseBody function
Instead the code is duplicated in the xsuaa and ans package
* Add check correct ans setup request
* Add set options function for mocking
* Review fixes
* Correct function name
* Use strict unmarshalling
* Validate event
* Move functions
* Add documentation comments
* improve test
* Validate event
* Add logrus hook for ans
* Set defaults on new hook creation
* Fix log level on error
* Don't alter entry log level
* Set severity fatal on 'fatal error' log message
* Ensure that log entries don't affect each other
* Remove unnecessary correlationID
* Use file path instead of event template string
* Improve warning messages
* Add empty log message check
* Allow configuration from file and string
* Add sourceEventId to tags
* Change resourceType to Pipeline
* Use structured config approach
* Use new log level set function
* Check correct setup and return error
* Mock http requests
* Only send log level warning or higher
* Use new function name
* One-liner ifs
* Improve test name
* Fix tests
* Prevent double firing
* Reduce Fire test size
* Add error message to test
* Reduce newANSHook test size
* Further check error
* Rename to defaultEvent in hook struct
* Reduce ifs further
* Fix set error category test
The ansHook Fire test cannot run in parallel, as it would affect the
other tests that use the error category.
* Change function name to SetServiceKey
* Validate event
* Rename to eventTemplate in hook struct
* Move copy to event.go
* Fix function mix
* Remove unnecessary cleanup
* Remove parallel test
The translation fails now and again when parallel is on.
* Remove prefix test
* Remove unused copyEvent function
* Fix ifs
* Add docu comment
* Register ans hook from pkg
* register hook and setup event template seperately
* Exclusively read eventTemplate from environment
* setupEventTemplate tests
* adjust hook levels test
* sync tests- wlill still fail
* migrate TestANSHook_registerANSHook test
* fixes
* Introduce necessary parameters
* Setup hook test
* Use file instead
* Adapt helper for ans
* Generate go files
* Add ans config to general config
* Change generator
* Regenerate steps
* Allow hook config from user config
Merges with hook config from defaults
* Remove ans flags from root command
* Get environment variables
* Generate files
* Add test when calling merge twice
* Update generator
* Regenerate steps
* Check two location for ans service key env var
* Re-generate
* Fix if
* Generate files with fix
* Duplicate config struct
* Add type casting test for ans config
* Fix helper
* Fix format
* Fix type casting of config
* Revert "Allow hook config from user config"
This reverts commit 4864499a4c497998c9ffc3e157ef491be955e68e.
* Revert "Add test when calling merge twice"
This reverts commit b82320fd07b82f5a597c5071049d918bcf62de00.
* Add ans config tests
* Improve helper code
* Re-generate commands
* Fix helper unit tests
* Change to only one argument
* Fix helper tests
* Re-generate
* Revert piper and config changes
* Re-generate missing step
* Generate new steps
* [ANS] Add servicekey credential to environment (#3684)
* Add ANS credential
* Switch to hooks and remove comments
* Add subsection for ans
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Remove changes to piper.go
* Remove formatting
* Add test for ANS
* Define hook credential seperately from step credential
* Add test for retrieval from general section
* Add comment
* Get ans hook info from DefaultValueCache
* [ANS] Add documentation (#3704)
* Add ANS credential
* Switch to hooks and remove comments
* Add subsection for ans
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Remove changes to piper.go
* Remove formatting
* Add test for ANS
* Define hook credential seperately from step credential
* Add test for retrieval from general section
* Add comment
* Add documentation
* Review changes
* Review comments
* Improve documentation further
* Add note of two event templates
* Add log level destinction
* Further improvements
* Improve text
* Remove unused things
* Add ANS credential
* Switch to hooks and remove comments
* Add subsection for ans
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Remove changes to piper.go
* Remove formatting
* Add test for ANS
* Define hook credential seperately from step credential
* Add test for retrieval from general section
* Add comment
* Get ans hook info from DefaultValueCache
* Improvements
Co-authored-by: Linda Siebert <linda.siebert@sap.com>
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* New lines
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Roland Stengel <r.stengel@sap.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
* Add ans implementation
* Remove todo comment
* Rename test function
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
* Better wording
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
* Add reading of response body function
* Use http pkg ReadResponseBody
* Check read error
* Better test case description
* Fix formatting
* Create own package for read response body
* Omit empty nested resource struct
* Separate Resource struct from Event struct
* Merge and unmarshall instead of only unmarshalling
* Improve status code error message
* Remove unchangeable event fields
* Separate event parts
* Change log level setter function
* Restructure ans send test
* Revert exporting readResponseBody function
Instead the code is duplicated in the xsuaa and ans package
* Add check correct ans setup request
* Add set options function for mocking
* Review fixes
* Correct function name
* Use strict unmarshalling
* Validate event
* Move functions
* Add documentation comments
* improve test
* Validate event
* Add logrus hook for ans
* Set defaults on new hook creation
* Fix log level on error
* Don't alter entry log level
* Set severity fatal on 'fatal error' log message
* Ensure that log entries don't affect each other
* Remove unnecessary correlationID
* Use file path instead of event template string
* Improve warning messages
* Add empty log message check
* Allow configuration from file and string
* Add sourceEventId to tags
* Change resourceType to Pipeline
* Use structured config approach
* Use new log level set function
* Check correct setup and return error
* Mock http requests
* Only send log level warning or higher
* Use new function name
* One-liner ifs
* Improve test name
* Fix tests
* Prevent double firing
* Reduce Fire test size
* Add error message to test
* Reduce newANSHook test size
* Further check error
* Rename to defaultEvent in hook struct
* Reduce ifs further
* Fix set error category test
The ansHook Fire test cannot run in parallel, as it would affect the
other tests that use the error category.
* Change function name to SetServiceKey
* Validate event
* Rename to eventTemplate in hook struct
* Move copy to event.go
* Fix function mix
* Remove unnecessary cleanup
* Remove parallel test
The translation fails now and again when parallel is on.
* Remove prefix test
* Remove unused copyEvent function
* Fix ifs
* Add docu comment
* Register ans hook from pkg
* register hook and setup event template seperately
* Exclusively read eventTemplate from environment
* setupEventTemplate tests
* adjust hook levels test
* sync tests- wlill still fail
* migrate TestANSHook_registerANSHook test
* fixes
* Add ans send event step
* Fix tests
* Add groovy wrapper
* Add groovy wrapper test
* Fix function names
* Reduce ifs
* Fix docu
* We always set the timestamp
* Validate event
* Test unknown field in json
* Make test list test
* Set all event fields as separate parameters
* Generate and fix code
* Review fixes
* Format test file
* Format go code
* Fix common steps tests
* Print event to console if verbose
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
Co-authored-by: Roland Stengel <r.stengel@sap.com>
* add Step azureBlobUpload
* add azure sdk and unit tests
* add Documentation
* fix Groovy Wrapper
* adopt the requested changes from awsS3Upload
* fix lint tests
* downgrade azure sdk to go 1.17
* multiple fixes e.g. use of temporary files for tests
* fix tests
* Update cmd/azureBlobUpload.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update cmd/azureBlobUpload.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update documentation/docs/steps/azureBlobUpload.md
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update documentation/docs/steps/azureBlobUpload.md
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update documentation/docs/steps/azureBlobUpload.md
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update documentation/docs/steps/azureBlobUpload.md
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* requested changes
* use latest version of azure sdk after update to go 1.18
* change staticcheck from 1.1.0 to 1.2.0
* try to fix lint test by pre-compiling go 1.18
* fix caching for lint test
* improve error handling by dividing runner
* improve error handling and add validation
* multiple naming fixes
* add new test for unmarshalling JSON-Structs
* Update cmd/azureBlobUpload_test.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update cmd/azureBlobUpload_test.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update cmd/azureBlobUpload_test.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* fix JSON unmarshall test
* Update documentation/docs/steps/azureBlobUpload.md
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update cmd/azureBlobUpload_test.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Update cmd/azureBlobUpload.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* fix uploadFunc
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* adding arguments
* splitting strings into args and checking position
* addtional check on adding arguments
* unit testing
* refactoring code
* unit test clean up
* add unit test for multiple params in multiple scripts
* unit test name
Co-authored-by: anilkeshav27 <you@example.com>
* Improvements were made
* fixed tests
* fixed issues
* fix versioning
* fix Inclusive Language warnings
* gradle support to fortifyExecuteScan. Classpath resolving
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* feat(fortfiyExecuteScan): proper XML unescaping, added rulepacks to SARIF, added kingdom/type/subtype to tags
* feat(fortifyExecuteScan): proper handling of severity, kinds, levels in SARIF
* fix(fortifyExecuteScan): edge case when handling properties taht could lead to a crash
* fix(fortifyExecuteScan): ensure SARIF processing is done after latest FPR is processed by SSC
* enhance build step
* Update abapEnvironmentBuild.go
* build with addonDescriptor
* use addondescriptor
* Use Addondescriptor
* add error
* improve logging
* rename intervall to interval
* update yaml
* Update abapEnvironmentBuild.go
* Update abapEnvironmentBuild.yaml
* insert generation phase
* we do not know what we have done
* Add createServiceKey to test
Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
Co-authored-by: Daniel Mieg <daniel.mieg@sap.com>
* fix(helmExecute): respect version from Chart
using version from CPE can create failure situations in case format is not semver.
This is the case for maven artifacts, for example.
* chore: simplify condition
* chore: cleanup
* chore: cleanup
* explicitly adding tar extension to project name when constructing the targetFilePath for whitesource docker image download
* comments
* correcting comment for better readability
* replace spaces in the project name with underscroe
* better comments
* passing legacy format download
* appending format to value
* keeping the download format for protecode as legacy
* improving docu
* keeping legacy format the default
* keeping tar file name same as project name to avoid duplicate names
* keeping legacy format download hard coded
Co-authored-by: anilkeshav27 <you@example.com>
