* extend orchestator to provide stage name
* use orchestrator specific stage name
* fix test case
* remove comment
* fix test case
* prettify
* change something..
* do not exit
* Update pkg/orchestrator/azureDevOps.go
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* fix(kubernetesDeploy): created secret type incorrectly set because of double quotes
* fix(test): update tests
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* mta build config
* http request to upload mtar
* adding basic auth
* using put
* test file name
* hard coding the mta org and artifact is
* new version
* new version
* mtar group
* errors
* better error message
* log info
* log info
* correct mtar artifact name
* adding teh correct name
* test
* name changes
* clean up
* changing mtarVersion to version
* changing artifact name
* forcing release build
* forcing release build
* force profile
* force profile
* force profile
* force profile
* force profile
* force profile
* force profile
* force profile update
* force profile update
* profile update
* debug
* debug
* debug
* debug
* rewrite xml update
* rewrite xml update
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* outputin publish repo url
* removing fetch coordinates condition
* checking settings xml
* fixing artifact id cpe
* release artifact, package and group to cpe
* including versioning type as a cpe
* creating new settings xml file
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* changing to project settings
* function name change
* using glbl settings xml
* modiying the npm settings
* modiying the npm settings
* modiying the npm settings
* modiying the npm settings
* using file path join for m2 settings file
* generator
* unit tests
* hardening error message
* removing versioningType
* removing versioningType
* new vault profile paths
* error message improvement
* unit test fixes
Co-authored-by: Your Name <you@example.com>
* release artifact, package and group to cpe
* including versioning type as a cpe
* unit test
* eliminating versioningType
Co-authored-by: Your Name <you@example.com>
* Docs for user provided builder images
Co-authored-by: Benjamin Haegenlaeuer <benjamin.haegenlaeuer@sap.com>
* check if provided dockerImage is a valid builder
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
Co-authored-by: Benjamin Haegenlaeuer <benjamin.haegenlaeuer@sap.com>
* feat(detectExecuteScan): generate ip result json
json will currently only be created in success cases.
No information about policy violation details available in the step yet.
* update report name
* Update cmd/detectExecuteScan.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan_test.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan_test.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* move blackduck api package
* detectExecuteStep :: Adding error code mapping
* detectExecuteScan :: fixing generate/format check failure
* detectExecuteScan :: fixing typo in test
* detectExecuteStep :: Fixing unit tests and formating issue
* detectExecuteStep :: fixing test case -> TestExitCodeMapping
Co-authored-by: OliverNocon <oliver.nocon@sap.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* add policy status reports
* add policy status and cumulus json
* update projectver link + test
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* Fix broken link
* Add config info into documentation
* Add line
* Add lines
* Link documentation to protocodeExecuteScan
* Remove space
* Change wording
Co-authored-by: Linda Siebert <linda.siebert@sap.com>
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
* Improve documentation for protecodeExecuteScan
protecodeExecuteScan expects that the docker config file is named
'config.json'.
The dockerConfigJSON parameter is used by protecodeExecuteScan to
retrieve the directory only (for environment variable DOCKER_CONFIG).
* Also improve documentation that is generated
* No relative references in generated documentation.
* Less complex documentation
* Remove irrelevant empty line
* Improvements after review
* Add blank line after code block
* Handle registry URL example as code
Markdown format checker does not like raw URLs.
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* Broken single containerImage argument has been removed
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
* revert containerRegistryUrl param name
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
* mark containerImageName, containerImageTag and containerRegistryUrl as mandatory arguments
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Benjamin Haegenlaeuer <benjamin.haegenlaeuer@sap.com>
* modify wrapper http to hold ca rot
* modifying the http client for maven build
* adding checks
* eliminating seperate jks
* test tls true
* insecure flag remove
* error debug
* storing cert
* sap root cert
* error
* only child cert
* test
* maven test
* moving outside loop
* changing pointer
* dont download existing certs
* typo fix
* removing mavenBuild test
* code clean up
* making hadolint using always cert true
* custom tls link for hadolint trust
* error handel
* extended condition for modifying custom tls
* unit test case
* checing when to add the customLinks
* not breaking existing hadolint client config
Co-authored-by: Your Name <you@example.com>
* Implement cnbBuild step
Co-authored-by: Benjamin Haegenlaeuer <benjamin.haegenlaeuer@sap.com>
* Add cnbBuild groovy test
Co-authored-by: Benjamin Haegenlaeuer <benjamin.haegenlaeuer@sap.com>
* Add basic documentation template
Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
* Support specifiying name, tag and registry
Co-authored-by: Pavel Busko <pbusko@users.noreply.github.com>
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
Co-authored-by: Pavel Busko <pbusko@users.noreply.github.com>
* changes to detectExec before master merge
* changes for detectExecuteScan
* self generated code added
* fix syntax errors and update docu
* added unit tests for fail and Group
* fix failOn bug
* add Groups as string array
* add Groups as string array
* tests and validation for groups, failOn
* Updated docs and added more tests
* documentation md files should not be changed
* Handle merge conflicts from PR 1845
* fix merge errors
* remove duplicate groups, merge error
* adding buildCode and buildTool as params
* switching build options
* building maven modules
* parameter correction
* parameter correction
* gnerate with new build parameter
* adding comments
* removing piper lib master and modifying goUtils to download 1.5.7 release
* first cleaning then installing
* multi module maven built
* multi module maven built removing unwanted code
* multi module maven built moving inside switch
* testing
* modifying the default use case to also call maven build
* modifying the default use case to also call maven build wih --
* corrected maven build command
* corrected maven build command with %v
* skipping test runs
* testing for MTA project with single pom
* adding absolute path to m2 path
* clean up
* adding switch for mta and maven and removing env from containers
* commiting changes for new detect step
* correting log message
* code clean up
* unit tests changes to detectExecute
* basic tests for new change
* restoring piperGoUtils to download correct piper binary
* code clean up
* code clean up
* add basic reporting
* write html and json reports
* fix syntax errors and tests
* sort values in report by vuln
* add more unit tests
Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
it is possible to overwrite the entrypoint for docker execution:
https://docs.docker.com/engine/reference/run/#entrypoint-default-command-to-execute-at-runtime
This is ideally done by passing `entrypoint=''` and not pass two options to the call.
This also helps with escaping issues of the empty value on other systems.
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* Added checkIfStepActive step
* Implemented npmScripts condition. Code was refactored
* Added some unit tests
* Fixed go modules
* Fixed go modules
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* feat(detectExecuteScan): generate ip result json
json will currently only be created in success cases.
No information about policy violation details available in the step yet.
* update report name
* Update cmd/detectExecuteScan.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan_test.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan_test.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Toolrecord framework -
provide a common entry point for post processing code scan results
Changes to be committed:
new file: pkg/toolrecord/REAMDE_toolrecord.md
new file: pkg/toolrecord/toolrecord_main.go
new file: pkg/toolrecord/toolrecord_test.go
* Add toolrecord file to Checkmarx results
modified: cmd/checkmarxExecuteScan.go
* Add toolrecord file to Fortify results
modified: cmd/fortifyExecuteScan.go
* Add toolrecord file to Whitesource results
modified: cmd/whitesourceExecuteScan.go
* unset umask (#2927)
* (feat) adds error logging output for downloading reports from whitesource (#2928)
* Add toolrecord file to Protecode results
* address code climate findings (1/2)
* address codeclimate findings (2/2)
* add comments to all methods
* Toolrecord library:
- move all toolrun files into a subdirectory
- fix timestamp generation in filenames
* add protecode group's URL to toolrecord data
* fix syntax error from previous commit in cmd/protecodeExecuteScan.go
* toolrecord: fix projectVersionID and generated URLs in fortifyExecuteScan.go
* cmd/fortifyExecuteScan.go: replace a hard-coded servername with
config.ServerURL
* update description
* add toolrecord file to detectExecuteScan
* toolrecord/whitesource: add project names as context
Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: ffeldmann <felix@bnbit.de>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* using default java truststore
* default java keytore
* remove trust store
* working directory
* change dir java_home
* env variable
* trying to find jre home
* changing directory to jre home and java home
* trying java jre
* remving $
* trying to search the cacerts
* copying existing cacerts
* removing change directory
* searching for secrutiy folder only
* searching cacerts
* new path for cacert
* path to ca-cert
* new trust store
* changing cacert location
* only adding maven_opts env variable once
* log message
* ca cert path from user
* handelling interface modification
* enhance logs and code clean up
* code clean up
Co-authored-by: Your Name <you@example.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* feat(config):read config/defaults with authentication
This change allows to use defaults and config files from a protected GitHub repository.
The options `--customConfig` and `--defaultConfig` already allowed to provide a link to an uprotected file.
Now, by passing a value in the form `<hostname>:<token>` to parameter `gitHubTokens` (this parameter can be passed multiple times) a token can be provided for dedicated hosts.
This makes it possible to use a link like
`https://api.github.com/repos/SAP/jenkins-library/contents/resources/my-defaults.yml?ref=master`
as reference to a default file or similarly as reference to a configuration file.
* update generation to allow protected config/defaults
* fix CodeClimate issues
* update missing generations
* default images replaced with images with public CA
* go files regenerated
* node buster image changed to lts-stretch in npmExecuteScripts, hadolint image rollbackw
* go files regenerated
* node buster image changed to lts-stretch in npmExecuteLint
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Make credential id name more descriptive
* Improve serviceKey description
* Change descriptions to add word service
Co-authored-by: Linda Siebert <linda.siebert@sap.com>
* new step integrationArtifactTriggerIntegrationTest
* add new step into allow list
* add the new step to main command
* refer cpe
* remove unused unit tests
* Check methods and URLs of http request
* Add TriggerIntegration to mockingutils
* Format code
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Linda Siebert <linda.siebert@sap.com>
* Change credential name in yaml
Change cpiAPIServiceKeyCredentialId to cpiApiServiceKeyCredentialsId in cpi yaml files
* Refactor groovy files
Change cpiAPIServiceKeyCredentialId to cpiApiServiceKeyCredentialsId in cpi groovy files
* Change credential name in md
Change cpiAPIServiceKeyCredentialId to cpiApiServiceKeyCredentialsId in cpi md files
* Make sure artifacts go to local repo
* Just package
* Fix test
* Try out silent mode
* Try fail at end
* Bring resilience back
* Follow new strategy
* Fix test
* Switch to service key for CPI GetMplStatus
Introduces read method for service key files, mock utils and tests.
* Use secret text instead of file
* Change serviceKey definition
* Update cpiUpload to use Service Key
retrieved the host and uaa information from service key
* Update cpiDeploy to use service key
retrieved the host and uaa information from service key
* Update cpiServiceEndpoint to use Service Key
retrieved the host and uaa information from service key
* Update cpiDownload to use Service Key
retrieved the host and uaa information from service key
* Update cpiUpdateConfig to use Service Key
retrieved the host and uaa information from service key
* Refactor serviceKey var name
* Fixed references to service key to follow the real format
they should be accessed through oauth instead of uaa because of the format of the json
* Rename ServiceKey to APIServiceKey
To support having a different service key(and for readability), we need to change the name to API.
* Add STAGES and STEPS yaml
add in to each yaml file of cpi integration
* Revert "Add STAGES and STEPS yaml"
This reverts commit aa2665d158.
* Change comments/formatting commonUtils
Make comments more understandable and follow code climate suggestions
* Change documentation files for steps
remove OAuth and host and change credentials to be servicekey
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
* feat(protecodeExecuteScan): allow scanning a binary
so far the step only accepts a Docker image or a FetchURL
This adds functionality to also pass a FilePath
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Fix fmt
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Sven Merk <s.merk@sap.com>
In case the Github connection leads to an error it can happen that a nil pointer dereference exception can occur.
This is to fix this.
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* Update fortifyExecuteScan.go
* Raise error to the top level
* Update fortifyExecuteScan.go
* Update fortifyExecuteScan.go
* Fix code and test
* Add tests
* Fix test
* Last attempt
* Add mtaBuild step parameters: target, source
* Add unit test for mtaBuild with custom source
* Simplify mtaBuild parameter defaults for source, target
* Fix mtaBuild default values and path in unit test
* Only append custom target and source params in mtaBuild
* Set mtaBuild source and target to ./ when not customized
* mtaBuild unit test: fix expected params sequence
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
* Introduce docker config.json parameter for kubectl
* Use docker config.json parameter for helm
* Export definition of kube secret parameters
* fix username password existence check
* choose more fitting name for secret spec
* Adopt review suggestions
Co-authored-by: Roland Stengel <r.stengel@sap.com>
* Make sonarExecuteScan orchestrator-agnostic
* Increase coverage + support empty or false env vars
* Use cleared env for unit tests
* Refactor to standalone package
* Fix review findings
* Fix review findings
* Fix unit test
* Add logging
* Refactor
* Add to codeowners 😎
* Apply suggestions from code review
* Remove unreachable code
* no message
* fix typos
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* modifying detect.maven.excluded.scopes from TEST to test
* new maven alt deployment flags
* changing flag names
* tlsCertificate addtion
* adding publish flags
* new flags
* publish flag
* enhance maven builds
* enhance maven builds
* creating new settings xml
* updating project settings
* changing interface for artifactPreparation that uses the same maven util niterface
* adding general scope to maven params
* global reference
* removing vault tmp
* debuging deployment user
* more debug
* maven build paras
* using smaller case
* adding incorrect error check
* adding deployment flags
* code refactor
* unit tests
* changing scope of paramter for tls certs
* new scope for tls
* remove trailing space in mavenBuild.yaml
* trailing space fix
* typo fix and jenkins secret
* including jenkins credentials for repo pass in the maven build groovy
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Adds headCommitId, which stores the head commit has of the current build, includes tests and generated files
* Adds headCommitId, which stores the head commit has of the current build, includes tests and generated files
* Go fmt fix
* Fixes artifactoryPrepareVersion test
* Removes xMake CommitId
* get rid of classic mta builder
* fix yaml lint error
* adding new line in yaml
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Changed gcts deploy step to include create, clone and switching branches
* Added create only flag for repository
* Changed the logic of Rollback
* Added more logs to deployCommitToAbapSystem
* Changes to deploy to abap system
* Changes to deploy to abap system
* Changes to condition for pullbycommit
* Added Current commit deploy scope handling
* Changed VCS_NO_IMPORT to take abap bool
* Added delete config functionality
* Functionality to parse boolean configuration
* Fix to get config metadata url
* Added additional error messages for switch branch
* Better error dump handling
* Better error dump handling contd
* Added dump errors to all http requests
* Error logging changes
* More Unit Tests
* Added more logs
* Updated docs for gCTS deploy
* Added scope in documentation
* Removal of some nested loops, fix of unit tests
* Documentation changes and more comments in the code
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* add versioningModel parameter
* extract versioning model to own package
* move log message
* use versioning method
* add customScanVersion parameter
* use customScanVersion
* adjust docs on other steps
* add customScanVersion parameter
* use customScanVersion
* adjust docs on other steps
* change log message
* update test case
* fix typo
* correct variable name
* add versioningModel parameter
* extract versioning model to own package
* move log message
* use versioning method
* add customScanVersion parameter
* use customScanVersion
* adjust docs on other steps
* update test case
* Add dir to whitesource scan
* Add default for "dir" option
* Change param name to workDir
* Change param name WorkDir to ScanPath
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* added support for test credentials
Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* changes to detectExec before master merge
* changes for detectExecuteScan
* self generated code added
* fix syntax errors and update docu
* added unit tests for fail and Group
* fix failOn bug
* add Groups as string array
* add Groups as string array
* tests and validation for groups, failOn
* Updated docs and added more tests
* documentation md files should not be changed
* Handle merge conflicts from PR 1845
* fix merge errors
* remove duplicate groups, merge error
* adding buildCode and buildTool as params
* switching build options
* building maven modules
* parameter correction
* parameter correction
* gnerate with new build parameter
* adding comments
* removing piper lib master and modifying goUtils to download 1.5.7 release
* first cleaning then installing
* multi module maven built
* multi module maven built removing unwanted code
* multi module maven built moving inside switch
* testing
* modifying the default use case to also call maven build
* modifying the default use case to also call maven build wih --
* corrected maven build command
* corrected maven build command with %v
* skipping test runs
* testing for MTA project with single pom
* adding absolute path to m2 path
* clean up
* adding switch for mta and maven and removing env from containers
* commiting changes for new detect step
* correting log message
* code clean up
* unit tests changes to detectExecute
* basic tests for new change
* restoring piperGoUtils to download correct piper binary
* code clean up
* code clean up
* clean detect code version
* Changes for detect codelocation
* remove unmap from scanProperties
* fix/add unit tests for remove unmap
* handle spaces in scanProperties
* update default scanproperties to remove deprecations
* Set default scanonchange to true
* handle multiple unmap true params
* add custom env variables
* fix codeclimate issues
* Update resources/metadata/detect.yaml
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update resources/metadata/detect.yaml
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* update generated files from yaml
* bug fix - revert code location changes
Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* * Fixes filterFileGlob as it did not evaluate all patterns
* Adapts unit tests to cover all functionality
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* * Fixes comment
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* * Adds tests for error cases
* Adds mock utils to mock external calls for errors
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* * Adds test for os.Open
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Cleans code
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Makes test OS independent
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Makes TestFilterFileGlob run in parallel
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Marks all tests to run in parallel
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Add tests and error handling for string conversion and zip file
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Add tests and error handling for write file
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Add tests and error handling for write file
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Add tests and error handling for PathMatch
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Refactor zipFolder method to reduce complexity
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* simplify parameters
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Revert "simplify parameters"
This reverts commit 0bfc582808.
* Revert "Revert "simplify parameters""
This reverts commit 102633cf2d.
* Extract getWorkspace to reduce parameters
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Adapts tests to new error handling of 0 files zip
Only logs error for 0 files zip if no other errors appeared
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* Extract method to reduce complexity
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* rename method
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* remove method needing many parameters
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* remove strconv api
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* remove project variable as project is created in this method
Signed-off-by: Fabian Reh <fabian.reh@sap.com>
* changes to detectExec before master merge
* changes for detectExecuteScan
* self generated code added
* fix syntax errors and update docu
* added unit tests for fail and Group
* fix failOn bug
* add Groups as string array
* add Groups as string array
* tests and validation for groups, failOn
* Updated docs and added more tests
* documentation md files should not be changed
* Handle merge conflicts from PR 1845
* fix merge errors
* remove duplicate groups, merge error
* adding buildCode and buildTool as params
* switching build options
* building maven modules
* parameter correction
* parameter correction
* gnerate with new build parameter
* adding comments
* removing piper lib master and modifying goUtils to download 1.5.7 release
* first cleaning then installing
* multi module maven built
* multi module maven built removing unwanted code
* multi module maven built moving inside switch
* testing
* modifying the default use case to also call maven build
* modifying the default use case to also call maven build wih --
* corrected maven build command
* corrected maven build command with %v
* skipping test runs
* testing for MTA project with single pom
* adding absolute path to m2 path
* clean up
* adding switch for mta and maven and removing env from containers
* commiting changes for new detect step
* correting log message
* code clean up
* unit tests changes to detectExecute
* basic tests for new change
* restoring piperGoUtils to download correct piper binary
* code clean up
* code clean up
* clean detect code version
* Changes for detect codelocation
* remove unmap from scanProperties
* fix/add unit tests for remove unmap
* handle spaces in scanProperties
* update default scanproperties to remove deprecations
* Set default scanonchange to true
* handle multiple unmap true params
* add custom env variables
* fix codeclimate issues
* Update resources/metadata/detect.yaml
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update resources/metadata/detect.yaml
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* update generated files from yaml
Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* changes to detectExec before master merge
* changes for detectExecuteScan
* self generated code added
* fix syntax errors and update docu
* added unit tests for fail and Group
* fix failOn bug
* add Groups as string array
* add Groups as string array
* tests and validation for groups, failOn
* Updated docs and added more tests
* documentation md files should not be changed
* Handle merge conflicts from PR 1845
* fix merge errors
* remove duplicate groups, merge error
* adding buildCode and buildTool as params
* switching build options
* building maven modules
* parameter correction
* parameter correction
* gnerate with new build parameter
* adding comments
* removing piper lib master and modifying goUtils to download 1.5.7 release
* first cleaning then installing
* multi module maven built
* multi module maven built removing unwanted code
* multi module maven built moving inside switch
* testing
* modifying the default use case to also call maven build
* modifying the default use case to also call maven build wih --
* corrected maven build command
* corrected maven build command with %v
* skipping test runs
* testing for MTA project with single pom
* adding absolute path to m2 path
* clean up
* adding switch for mta and maven and removing env from containers
* commiting changes for new detect step
* correting log message
* code clean up
* unit tests changes to detectExecute
* basic tests for new change
* restoring piperGoUtils to download correct piper binary
* code clean up
* code clean up
* clean detect code version
* Changes for detect codelocation
* remove unmap from scanProperties
* fix/add unit tests for remove unmap
* handle spaces in scanProperties
* update default scanproperties to remove deprecations
* Set default scanonchange to true
* handle multiple unmap true params
Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* changes to detectExec before master merge
* changes for detectExecuteScan
* self generated code added
* fix syntax errors and update docu
* added unit tests for fail and Group
* fix failOn bug
* add Groups as string array
* add Groups as string array
* tests and validation for groups, failOn
* Updated docs and added more tests
* documentation md files should not be changed
* Handle merge conflicts from PR 1845
* fix merge errors
* remove duplicate groups, merge error
* adding buildCode and buildTool as params
* switching build options
* building maven modules
* parameter correction
* parameter correction
* gnerate with new build parameter
* adding comments
* removing piper lib master and modifying goUtils to download 1.5.7 release
* first cleaning then installing
* multi module maven built
* multi module maven built removing unwanted code
* multi module maven built moving inside switch
* testing
* modifying the default use case to also call maven build
* modifying the default use case to also call maven build wih --
* corrected maven build command
* corrected maven build command with %v
* skipping test runs
* testing for MTA project with single pom
* adding absolute path to m2 path
* clean up
* adding switch for mta and maven and removing env from containers
* commiting changes for new detect step
* correting log message
* code clean up
* unit tests changes to detectExecute
* basic tests for new change
* restoring piperGoUtils to download correct piper binary
* code clean up
* code clean up
* clean detect code version
* Changes for detect codelocation
* remove unmap from scanProperties
* fix/add unit tests for remove unmap
* handle spaces in scanProperties
* update default scanproperties to remove deprecations
Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
don't use native build-tool specific plugins any longer.
They have been deprecated by WhiteSource mid 2019 already.
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Unit Test Assemble Package
* Remove obsolete lines
dust wiping
* climate change
* climate change #2
* climate change #3
* climate change #4
* climate change #5
* NSPC serial builds
* Actual Delivery Commit
* Download Delivery_logs.zip
* Publish Result
* Testing
* !Polling
* Provide Commit to BF only if set
* dust wiping
* More Dust to Wipe
* Publish more than on file
* Write Log for Publish
* fix unit test (now Dummy Entries)
* save one line of code for climate change
* Update cmd/abapEnvironmentAssemblePackages.go
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
* More Detailed Log Messages
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
* update data type of influx measurements
* Update checkmarx.yaml
* pick changes from #1885 for testing
* update generated code
* update to new datatype
* adjust to type changes
* change back to string type
* Update fortifyExecuteScan.go
* add typo to be backward compatible
* change type to int for files_scanned and lines_of_code_scanned
* add typo
* add measurements to whitesource
* update generated sources
* adjust test cases
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Add sca cmd extensibility
* Fix formatting
* HTTP retry
* Improve handling of retry on timeout
* Go fmt
* Fix test
* Fix test
* Test stability
* Fix test
* Fix test
* Fix test
* Update fortifyExecuteScan.go
* Go Unit Tests fail due to windows/linux
file separator mismatch. See issue 2660.
* review results
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Improvements
* Formatting
* Fix test
* Update resources/metadata/fortify.yaml
Enhance description
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Unify version handling with ws step
* Part 2
* go fmt
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Add new pipeline step
* new pipeline stage
* Cleanup Test
* Adding new step to pipeline - stage publish
* Move from Publish to Build
* Adjusting documentation for move from publish to build
* Change Release with Confirm Step in Build Stage
* codeclimate
* Code Climate
* Code Climate spaces
* Adjusting for Check if package is released in AssemblyConfirm
Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
* Add new pipeline step
* new pipeline stage
* Cleanup Test
* Adding new step to pipeline - stage publish
* Move from Publish to Build
* Adjusting documentation for move from publish to build
* Change Release with Confirm Step in Build Stage
* codeclimate
* Code Climate
* Code Climate spaces
Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>