* Add getAndRenderImageInfo func
* Add unit tests
* Add comments
* Improve value files handling
* Rename getAndRenderImageInfo to parseAndRenderCPETemplate
* Clean up
* Update logic to parse and render templates
* Update tests
* Test: use t.TempDir for creating temporary dir
* Use ParseTemplate method from piperenv pkg
* Fix err message
* Fix test
* Cleanup of SBOM generation parameters
Adding `false` does not what is intended. If the parameters are added to the call, license texts and dev dependencies are included
* Fixed unit test
* fix(fortify): suppressed issues got "Unknown" category and state
* fix (fortify-sarif): classify findings into audit group
* fix(fortify-checkmarx-sarif): common properties bag for Fortify and Checkmarx (accepting the risk of empty value)
* fix (checkmarx-sarif): classify findings into audit group
* fix (sarif): formatting
* fix(whitesourceExecuteScan): failOnSevereVulnerabilities
failOnSevereVulnerabilities has not been considered properly for security vulnerabilities.
* chore: remove comment
* chore: update formatting
* passing registry username and password
* enhance the case for creating docker config json with user credentials
* refactoring code
* unit test and maintaing user provided docker config json file
* go generate
* remove addtional file addition to unit test
Co-authored-by: anilkeshav27 <you@example.com>
* feat(cpe): provide go templating functions
* change type
* fix: type in test
* chore: add comment for exported function
* fix: ensure that custom returns string properly
* fix types and add tests
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
* Update scanPolling.go
Changing maxWaitTime from 15 to 30 to overcome WhiteSource results reflection in the backend issue.
* Update configHelper.go
* Reset configHelper changes to fix PR 3284
Committer: raghunathd8
* ignoreSourceFiles to fileSystemScan
* Added ignoreSourceFiles param also
* minor adjustment
* minor adjustment again
* updated unit test
* tests fixed
* fmt-ed
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: raghunathd8 <root@docker-evaluation.openstack.eu-nl-1.cloud.sap>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: ffeldmann <f.feldmann@sap.com>
This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The
directory created by `t.TempDir` is automatically removed when the test
and all its subtests complete.
Prior to this commit, temporary directory created using `ioutil.TempDir`
needs to be removed manually by calling `os.RemoveAll`, which is omitted
in some tests. The error handling boilerplate e.g.
defer func() {
if err := os.RemoveAll(dir); err != nil {
t.Fatal(err)
}
}
is also tedious, but `t.TempDir` handles this for us nicely.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
For running open source vulnerability scans in de-coupled processes
it is helpful to allow that steps only create
compliance reports to inform users/teams
but not fail the pipeline.
This can now be achieved constitently with the flag:
`failOnSevereVulnerabilities`
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Sets git reference and gitRemoteCommitId.
Jenkins has 2 strategies - 'Merging the pull request with the current target branch revision' and 'The current pull request revision'. When 'Merging the pull request with the current target branch revision' is run, Jenkins creates a local merge commit and runs a job for that particular merge commitId. This commitId is then used for codeql to upload sarif, on upload it throws an error as the merge commit does not exist in github. To resolve this we have introduces a new variable 'gitRemoteCommitId' in commonPipelineEnvironment which gives the remote merge commit id.
* Update abapEnvironmentPushATCSystemConfig.go
* Update abapEnvironmentPushATCSystemConfig.go
ATC Configuration - new fields
* Update abapEnvironmentPushATCSystemConfig_test.go
Unit Test - new attributes
* Update abapEnvironmentPushATCSystemConfig_test.go
Unit Tests 2
* Update abapEnvironmentPushATCSystemConfig_test.go
Unit Test 2
* Update abapEnvironmentPushATCSystemConfig_test.go
Unittest 3
Co-authored-by: Daniel Bernd <93763187+danManSAP@users.noreply.github.com>
* enable build without values
* add sap-client as option
* use function from /net/url to add parameters
Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
* chore: cleanup linting issues in abap steps
* update
* do not break on errors during testing
* Fix warning
Co-authored-by: Daniel Mieg <daniel.mieg@sap.com>
* including comma seperated strings as arguments
* fix unit test
* adding unit test
* fix unit test no param case
Co-authored-by: anilkeshav27 <you@example.com>