1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Commit Graph

14 Commits

Author SHA1 Message Date
Oliver Nocon
19c1732826
Telemetry: report error category (#2085) 2020-09-29 13:49:40 +02:00
Sven Merk
c72020b7a5
fortifyExecuteScan: Clean and improve parameters (#2050)
* Fix PR feature

* Fix Fortify parameters

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update descriptions

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: OliverNocon <oliver.nocon@sap.com>
2020-09-22 17:39:40 +02:00
Sven Merk
612d3a645b
Support verify only mode for SAST tools (#2018)
* Support verify only mode for SAST

* Include feedback

* Add tests

* Fix imports
2020-09-18 08:19:34 +02:00
Kevin Stiehl
d589038206
Vault AppRole login (#1971)
* added interpolation package in config

* vault allow paths to hold config references

* allow referencing properties in vaultPaths

* fix small typo

* add approleAuth

* register resolved secrets to logger

* generate steps

* clean up

* add integration test

* add vault to context filter

* reduce Cognitive Complexity & added tests

* Update pkg/config/stepmeta_test.go

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>

* go generate

* go generate after merge

* rename VaultAppRole* to VaultRole*

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-09-16 14:50:09 +02:00
Christopher Fenner
8007e4af51
docs: link credentialIDs to parameter (#1961) 2020-08-28 15:38:15 +02:00
Stephan Aßmus
9009c831fb
Declare non-optional server URLs mandatory (#1866)
* Declare non-optional server URLs mandatory
2020-07-30 09:13:46 +02:00
Oliver Nocon
d8553ab53d
detectExecuteScan: update versioning (#1845)
* detectExecuteScan: update versioning

align with Fortify to also use the same versioning model by default.

* fix CodeClimate findings
2020-07-27 12:01:59 +02:00
Oliver Nocon
eafe383d54
Add error category parsing to cmd execution (#1703)
* Add error category parsing to cmd execution

It is now possible to define `ErrorCategoryMapping` as a `map[string][]string` on a `Command`.
The format contains the category as key which has a list of error patterns assigned.
Example:

```
cmd := Command{
  ErrorCategoryMapping: map[string][]string
    "build": {"build failed"},
    "compliance": {"vulnerabilities found", "outdated components found"},
    "test": {"some tests failed"},
  },
}
```

Setting this map triggers console log parsing when executing a command.
If a match is found the error category is stored and
it will automatically be added to the `errorDetails.json`.

* clean up go.mod

* fix test

* fix test

* Update DEVELOPMENT.md

* fix tests

* address long console content without line breaks

* scan condition update

* fix test

* add missing comment for exported function

* Update pkg/command/command.go

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2020-06-24 10:04:05 +02:00
Christopher Fenner
c42553593e
fix: remove unused variables from generated step coding (#1698)
* remove unused parameters from generated code

* update steps

* update steps

* correct golden files

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-23 18:05:21 +02:00
Daniel Kurzynski
743fca43e1
Remove projectVersion from fortify documentation (#1628)
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-17 17:47:59 +02:00
Daniel Kurzynski
cf9a41850e
Needed CLI separator for Fortify tools depends on platform (#1616)
* Update fortify.yaml
* src, exclude and pythonAdditionalPaths are now lists of strings
* Re-implement pythonIncludes and pythonExcludes as aliases of src and exclude
* Fix using the correct separator (; on windows, : on everything else)
* Tokenize also python "includes"
* mvnCustomArgs was removed

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-02 13:47:07 +02:00
Stephan Aßmus
a24a7aad23
Fortify: Using mvn to auto-resolve classpath needs additional params (#1607)
* also reduce code duplication in token fetching
* concatenate classpaths from multi-maven projects

Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-05-29 15:42:35 +02:00
Florian Wilhelm
0857c9a3c6
Allow custom options for src, exclude in fortify translate (#1592)
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Kevin Hudemann <kevin.hudemann@sap.com>
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-05-27 11:45:01 +02:00
Sven Merk
af2a01c064
Fortify implementation in golang (#1428) 2020-05-25 19:48:59 +02:00