1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Commit Graph

4454 Commits

Author SHA1 Message Date
thtri
ef3e720464
Classify Fortify & Checkmarx findings into audit group / Common properties (#3904)
* fix(fortify): suppressed issues got "Unknown" category and state

* fix (fortify-sarif): classify findings into audit group

* fix(fortify-checkmarx-sarif): common properties bag for Fortify and Checkmarx (accepting the risk of empty value)

* fix (checkmarx-sarif): classify findings into audit group

* fix (sarif): formatting
2022-07-21 11:15:55 +02:00
Oliver Nocon
f6a6448631
chore: fix linting issues (#3878)
* chore: fix linting issues

* add more fixes

* correct formatting

* Delete depl.yaml
2022-07-21 09:04:21 +02:00
sumeet patil
818be9d428
feat(codeql): new codeql db parameter (#3902) 2022-07-20 10:07:57 +02:00
thtri
604764998f
fix(fortify): suppressed issues got "Unknown" category and state (#3899) 2022-07-19 17:20:22 +02:00
Daniel Mieg
39a5ca04b1
Fix typo (#3901) 2022-07-19 16:04:15 +02:00
Oliver Nocon
890c437c3f
fix(whitesourceExecuteScan): failOnSevereVulnerabilities (#3894)
* fix(whitesourceExecuteScan): failOnSevereVulnerabilities

failOnSevereVulnerabilities has not been considered properly for security vulnerabilities.

* chore: remove comment

* chore: update formatting
2022-07-18 14:36:29 +02:00
sumeet patil
bc974ffdd2
Fix documentation for SARIF (#3895) 2022-07-18 12:19:04 +02:00
Anil Keshav
72896fab70
fix (kanikoExecute) enhance existing docker config json with additional credential params : user, password and registry Url (#3892)
* passing registry username and password

* enhance the case for creating docker config json with user credentials

* refactoring code

* unit test and maintaing user provided docker config json file

* go generate

* remove addtional file addition to unit test

Co-authored-by: anilkeshav27 <you@example.com>
2022-07-15 08:40:33 +02:00
Oliver Nocon
53f4ce96ae
feat(cpe): provide go templating functions (#3872)
* feat(cpe): provide go templating functions

* change type

* fix: type in test

* chore: add comment for exported function

* fix: ensure that custom returns string properly

* fix types and add tests

Co-authored-by: Anil Keshav <anil.keshav@sap.com>
2022-07-14 16:20:11 +02:00
Raghunath Deshpande
5cc1b8f418
whitesourceExecuteScan: configuration change: ignoreSourceFiles to fileSystemScan (#3446)
* Update scanPolling.go

Changing maxWaitTime from 15 to 30 to overcome WhiteSource results reflection in the backend issue.

* Update configHelper.go

* Reset configHelper changes to fix PR 3284

 Committer: raghunathd8

* ignoreSourceFiles to fileSystemScan

* Added ignoreSourceFiles param also

* minor adjustment

* minor adjustment again

* updated unit test

* tests fixed

* fmt-ed

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: raghunathd8 <root@docker-evaluation.openstack.eu-nl-1.cloud.sap>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: ffeldmann <f.feldmann@sap.com>
2022-07-13 14:32:53 +02:00
Anil Keshav
81e7423ea6
Revert "publishing master binary once after all builds (#3885)" (#3890)
This reverts commit c3b4925f0b.
2022-07-12 16:22:18 +02:00
Eng Zer Jun
0f4e30e9db
test: use T.TempDir to create temporary test directory (#3721)
This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The
directory created by `t.TempDir` is automatically removed when the test
and all its subtests complete.

Prior to this commit, temporary directory created using `ioutil.TempDir`
needs to be removed manually by calling `os.RemoveAll`, which is omitted
in some tests. The error handling boilerplate e.g.
	defer func() {
		if err := os.RemoveAll(dir); err != nil {
			t.Fatal(err)
		}
	}
is also tedious, but `t.TempDir` handles this for us nicely.

Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-07-12 15:19:12 +02:00
Oliver Nocon
b7c0831b7f
feat: allow OSVM scans to succeed with vulnerabilities (#3889)
For running open source vulnerability scans in de-coupled processes
it is helpful to allow that steps only create
compliance reports to inform users/teams
but not fail the pipeline.

This can now be achieved constitently with the flag:
`failOnSevereVulnerabilities`

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2022-07-12 11:43:24 +02:00
sumeet patil
9c4446ae0a
feat(codeql) merge commit git reference (#3877)
Sets git reference and gitRemoteCommitId.
Jenkins has 2 strategies - 'Merging the pull request with the current target branch revision' and 'The current pull request revision'. When 'Merging the pull request with the current target branch revision' is run, Jenkins creates a local merge commit and runs a job for that particular merge commitId. This commitId is then used for codeql to upload sarif, on upload it throws an error as the merge commit does not exist in github. To resolve this we have introduces a new variable 'gitRemoteCommitId' in commonPipelineEnvironment which gives the remote merge commit id.
2022-07-12 10:25:17 +02:00
Anil Keshav
4c4f8e3e97
feat (githubPublishRelease) creating release with assestPathList (#3887)
* creating release with assestPathList

* adding condition for version should be latest

Co-authored-by: anilkeshav27 <you@example.com>
2022-07-11 12:08:31 +02:00
Anil Keshav
c3b4925f0b
publishing master binary once after all builds (#3885)
Co-authored-by: anilkeshav27 <you@example.com>
2022-07-11 11:30:38 +02:00
Giridhar Shenoy
e6115a54b2
detectExecuteScan : Bug fix : Dont consider ignored components (#3867)
* fix project version limiting issue

* add tests for detectExecute

* fix bug with vuln count

* adjust unit tests

* update documentation for detect versions
2022-07-11 10:50:31 +02:00
Daniel Bernd
c4868f566f
ATC System Configuration - new Attributes (#3880)
* Update abapEnvironmentPushATCSystemConfig.go

* Update abapEnvironmentPushATCSystemConfig.go

ATC Configuration - new fields

* Update abapEnvironmentPushATCSystemConfig_test.go

Unit Test - new attributes

* Update abapEnvironmentPushATCSystemConfig_test.go

Unit Tests 2

* Update abapEnvironmentPushATCSystemConfig_test.go

Unit Test 2

* Update abapEnvironmentPushATCSystemConfig_test.go

Unittest 3

Co-authored-by: Daniel Bernd <93763187+danManSAP@users.noreply.github.com>
2022-07-11 09:41:39 +02:00
Pavel Busko
70d8331904 docs(cnbBuild): use correct address for the buildpacks in the example
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
2022-07-08 09:14:28 +02:00
Anil Keshav
47c63d2cc1
feat (commonPipelineEnvironment) enhance the cpe map to read git head commit id (#3865)
* reading the git head commit id in cpe map

Co-authored-by: anilkeshav27 <anil.keshav@sap.com>
Co-authored-by: Ashly Mathew <ashly.mathew@sap.com>
2022-07-07 16:27:32 +02:00
Mayur Belur Mohan
5931415d9c
ApiProviderList Command (#3879)
* ApiProviderList Command

* Metadata Fix

* Metadata Fix

* CodeReview Fixes

* Documentation Fixes

* unit test fix

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2022-07-07 15:48:59 +03:00
rosemarieB
000e3ab4a9
Add abap source client to generic build step (#3834)
* enable build without values

* add sap-client as option

* use function from /net/url to add parameters

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
2022-07-07 08:44:51 +02:00
Oliver Nocon
dbc459d6ea
chore: cleanup linting issues in abap steps (#3876)
* chore: cleanup linting issues in abap steps

* update

* do not break on errors during testing

* Fix warning

Co-authored-by: Daniel Mieg <daniel.mieg@sap.com>
2022-07-06 14:29:04 +02:00
Anil Keshav
8187bf2ec5
fix (shellExecute) including comma seperated strings as arguments (#3846)
* including comma seperated strings as arguments

* fix unit test

* adding unit test

* fix unit test no param case

Co-authored-by: anilkeshav27 <you@example.com>
2022-07-06 08:41:44 +02:00
raman-susla-epam
6bc96faba9
Update vault.go (#3875) 2022-07-05 16:20:53 +02:00
Vyacheslav Starostin
9e4b32778f
helmExecute: Improve RunHelmLint method (#3873)
* Update RunHelmLint method

* Add test

Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
2022-07-05 18:22:49 +06:00
Oliver Feldmann
ebedf412e4
remove Pipeline word in subject (#3874) 2022-07-05 11:55:07 +03:00
Daniel Mieg
6cf4e98b12
Add alias to CreateTag (#3871) 2022-07-05 09:59:37 +02:00
Ashly Mathew
8e9637bb4b
fix(docu): Mention productiveBranch to be a fixed branch name (#3869) 2022-07-01 12:24:09 +02:00
xgoffin
e4b22deec0
fix(fortifyExecuteScan): remove unneeded parameter (project), fix rule ID in rules (#3866)
* fix(fortifyExecuteScan): remove unneeded parameter (project), fix rule ID in rules

* trigger UT
2022-06-30 17:00:29 +02:00
ffeldmann
f490900f1f
feat(orchestrator package) Adds GetChangeSet functionality to Jenkins provider (#3852)
* Adds GetChangeSet functionality to Jenkins provider
2022-06-30 12:49:21 +02:00
Daniel Mieg
6ff4143b08
Execute checkout & pull when already cloned (#3850)
* Execute checkout & pull when already cloned

* Revert

* Disallow config overload

* Add custom error handler for clone

* Implement new pull parameters

* Add tests

* Formatting

* Rename Param

* Add comment

* Add docu

* Adapt testst to merge

* Fix Unit Test
2022-06-30 10:43:33 +02:00
Oliver Nocon
ce161590ae
fix(golangBuild): publish binary with default name (#3773)
* fix(golangBuild): publish binary with default name

* chore: merge changes with latest state

* fix & enhance tests
2022-06-30 09:57:48 +02:00
Daniel Mieg
8923d1e583
Add Execution Log (#3863)
* Add Execution Log

* Adapt Tests

* Remove log
2022-06-29 15:50:33 +02:00
Daniel Mieg
cf617cb30e
Add stage default (#3864) 2022-06-29 15:02:32 +02:00
Oliver Nocon
5da174aeb0
feat(kubernetesDeploy): add infrastructure extensibility (#3853)
* feat(kubernetesDeploy): add infrastructure extensibility

* update comment

* update error handling

* remove trailing spaces

* chore: refactor to use reuse capabilities

* chore: add tests

* fix: use proper download function

* fix: expose credentials via groovy step

* fix: test

* chore: remove comment

* chore: address CodeClimate findings
2022-06-29 12:00:37 +02:00
Siarhei Pazdniakou
ac821917d1
Fix helmExecute step (#3827)
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-06-29 10:03:54 +02:00
Pavel Busko
f12702a885 kubernetesDeploy: mark the image parameter as deprecated
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
2022-06-28 17:33:32 +02:00
xgoffin
51138cfb49
feat(checkmarxExecuteScan): remove some useless SARIF code, added security-severity (#3857) 2022-06-28 15:39:17 +02:00
Ralf Pannemans
31f4435352
fix(helmExecute): General fixes (#3691)
* Add missing credentials and config params

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>

* Add kubeConfigFileCredentialsId to secrets

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>

* Add helmExecute.md

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* Add targetRepository credentials

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* Add credentials

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* small fix

* small fix

* small fix

Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
Co-authored-by: Vitalii Sidorov <56587879+kingvvgo@users.noreply.github.com>
Co-authored-by: “Vitalii <“vitalii.sidorov@sap.com”>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-06-28 13:03:03 +02:00
Martin Zuber
092cd548a0
fix(pythonBuild): Disable progress bar during twine upload (#3858)
* Disable progress bar during twine upload in pythonBuild step.

* Adapt unit tests.
2022-06-28 12:15:25 +02:00
Daniel Mieg
3184785c5e
Add parameter to pull step (#3851)
* Add parameter to pull step

* Add test for config

* Adapt docu

* Update resources/metadata/abapEnvironmentPullGitRepo.yaml

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>

* Regenerate

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
2022-06-28 11:02:15 +02:00
Ashly Mathew
64a1cfdee4
fix : update mkdocs.yml (#3856)
Signed-off-by: Ashly Mathew <ashly.mathew@sap.com>
2022-06-27 17:07:55 +02:00
Vinayak S
b25f596af5
fix(fortify): project version fetch bug (#3854)
Fixed the filter for projectversion GET call
2022-06-27 14:43:57 +02:00
Oliver Feldmann
9af9a2418d
Change pipeline prefix to pipeline (#3855) 2022-06-27 11:38:33 +02:00
Ashly Mathew
fc143235d4
fix : update mkdocs version (#3847) 2022-06-27 10:11:13 +02:00
Martin Zuber
1cb1a203cb
Support custom general purpose vault credentials without prefix. (#3779)
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
2022-06-27 09:24:52 +02:00
sumeet patil
78cf40799e
feat(codeql): new codeql piper step (#3765)
* codeql piper step
2022-06-24 09:04:24 +02:00
Julian Schmitt
0cb487a8e8
Upgrade Dockerfile to Go 1.18 (#3845)
* upgrade Dockerfile to go 1.18

* add blank line

* fix PiperGoUtils.groovy
2022-06-22 15:59:47 +02:00
Linda Siebert
acbcc5646b
[ANS] Change helper and re-generate steps (#3675)
* Add ans implementation

* Remove todo comment

* Rename test function

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Better wording

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Add reading of response body function

* Use http pkg ReadResponseBody

* Check read error

* Better test case description

* Fix formatting

* Create own package for read response body

* Omit empty nested resource struct

* Separate Resource struct from Event struct

* Merge and unmarshall instead of only unmarshalling

* Improve status code error message

* Remove unchangeable event fields

* Separate event parts

* Change log level setter function

* Restructure ans send test

* Revert exporting readResponseBody function

Instead the code is duplicated in the xsuaa and ans package

* Add check correct ans setup request

* Add set options function for mocking

* Review fixes

* Correct function name

* Use strict unmarshalling

* Validate event

* Move functions

* Add documentation comments

* improve test

* Validate event

* Add logrus hook for ans

* Set defaults on new hook creation

* Fix log level on error

* Don't alter entry log level

* Set severity fatal on 'fatal error' log message

* Ensure that log entries don't affect each other

* Remove unnecessary correlationID

* Use file path instead of event template string

* Improve warning messages

* Add empty log message check

* Allow configuration from file and string

* Add sourceEventId to tags

* Change resourceType to Pipeline

* Use structured config approach

* Use new log level set function

* Check correct setup and return error

* Mock http requests

* Only send log level warning or higher

* Use new function name

* One-liner ifs

* Improve test name

* Fix tests

* Prevent double firing

* Reduce Fire test size

* Add error message to test

* Reduce newANSHook test size

* Further check error

* Rename to defaultEvent in hook struct

* Reduce ifs further

* Fix set error category test

The ansHook Fire test cannot run in parallel, as it would affect the
other tests that use the error category.

* Change function name to SetServiceKey

* Validate event

* Rename to eventTemplate in hook struct

* Move copy to event.go

* Fix function mix

* Remove unnecessary cleanup

* Remove parallel test

The translation fails now and again when parallel is on.

* Remove prefix test

* Remove unused copyEvent function

* Fix ifs

* Add docu comment

* Register ans hook from pkg

* register hook and setup event template seperately

* Exclusively read eventTemplate from environment

* setupEventTemplate tests

* adjust hook levels test

* sync tests- wlill still fail

* migrate TestANSHook_registerANSHook test

* fixes

* Introduce necessary parameters

* Setup hook test

* Use file instead

* Adapt helper for ans

* Generate go files

* Add ans config to general config

* Change generator

* Regenerate steps

* Allow hook config from user config

Merges with hook config from defaults

* Remove ans flags from root command

* Get environment variables

* Generate files

* Add test when calling merge twice

* Update generator

* Regenerate steps

* Check two location for ans service key env var

* Re-generate

* Fix if

* Generate files with fix

* Duplicate config struct

* Add type casting test for ans config

* Fix helper

* Fix format

* Fix type casting of config

* Revert "Allow hook config from user config"

This reverts commit 4864499a4c497998c9ffc3e157ef491be955e68e.

* Revert "Add test when calling merge twice"

This reverts commit b82320fd07b82f5a597c5071049d918bcf62de00.

* Add ans config tests

* Improve helper code

* Re-generate commands

* Fix helper unit tests

* Change to only one argument

* Fix helper tests

* Re-generate

* Revert piper and config changes

* Re-generate missing step

* Generate new steps

* [ANS] Add servicekey credential to environment (#3684)

* Add ANS credential

* Switch to hooks and remove comments

* Add subsection for ans

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Remove changes to piper.go

* Remove formatting

* Add test for ANS

* Define hook credential seperately from step credential

* Add test for retrieval from general section

* Add comment

* Get ans hook info from DefaultValueCache

* [ANS] Add documentation (#3704)

* Add ANS credential

* Switch to hooks and remove comments

* Add subsection for ans

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Remove changes to piper.go

* Remove formatting

* Add test for ANS

* Define hook credential seperately from step credential

* Add test for retrieval from general section

* Add comment

* Add documentation

* Review changes

* Review comments

* Improve documentation further

* Add note of two event templates

* Add log level destinction

* Further improvements

* Improve text

* Remove unused things

* Add ANS credential

* Switch to hooks and remove comments

* Add subsection for ans

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Remove changes to piper.go

* Remove formatting

* Add test for ANS

* Define hook credential seperately from step credential

* Add test for retrieval from general section

* Add comment

* Get ans hook info from DefaultValueCache

* Improvements

Co-authored-by: Linda Siebert <linda.siebert@sap.com>
Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* New lines

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Roland Stengel <r.stengel@sap.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
2022-06-22 13:31:17 +02:00