1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Commit Graph

4454 Commits

Author SHA1 Message Date
xgoffin
c35d85fecc
feat(SARIF): ContextRegion is now a pointer, can be omitted. In checkmarxExecuteScan: threadflows now added, only first location saved (#3844) 2022-06-22 08:54:24 +02:00
Oliver Feldmann
810d197665
[ANS] Step implementation (#3764)
* Add ans implementation

* Remove todo comment

* Rename test function

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Better wording

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Add reading of response body function

* Use http pkg ReadResponseBody

* Check read error

* Better test case description

* Fix formatting

* Create own package for read response body

* Omit empty nested resource struct

* Separate Resource struct from Event struct

* Merge and unmarshall instead of only unmarshalling

* Improve status code error message

* Remove unchangeable event fields

* Separate event parts

* Change log level setter function

* Restructure ans send test

* Revert exporting readResponseBody function

Instead the code is duplicated in the xsuaa and ans package

* Add check correct ans setup request

* Add set options function for mocking

* Review fixes

* Correct function name

* Use strict unmarshalling

* Validate event

* Move functions

* Add documentation comments

* improve test

* Validate event

* Add logrus hook for ans

* Set defaults on new hook creation

* Fix log level on error

* Don't alter entry log level

* Set severity fatal on 'fatal error' log message

* Ensure that log entries don't affect each other

* Remove unnecessary correlationID

* Use file path instead of event template string

* Improve warning messages

* Add empty log message check

* Allow configuration from file and string

* Add sourceEventId to tags

* Change resourceType to Pipeline

* Use structured config approach

* Use new log level set function

* Check correct setup and return error

* Mock http requests

* Only send log level warning or higher

* Use new function name

* One-liner ifs

* Improve test name

* Fix tests

* Prevent double firing

* Reduce Fire test size

* Add error message to test

* Reduce newANSHook test size

* Further check error

* Rename to defaultEvent in hook struct

* Reduce ifs further

* Fix set error category test

The ansHook Fire test cannot run in parallel, as it would affect the
other tests that use the error category.

* Change function name to SetServiceKey

* Validate event

* Rename to eventTemplate in hook struct

* Move copy to event.go

* Fix function mix

* Remove unnecessary cleanup

* Remove parallel test

The translation fails now and again when parallel is on.

* Remove prefix test

* Remove unused copyEvent function

* Fix ifs

* Add docu comment

* Register ans hook from pkg

* register hook and setup event template seperately

* Exclusively read eventTemplate from environment

* setupEventTemplate tests

* adjust hook levels test

* sync tests- wlill still fail

* migrate TestANSHook_registerANSHook test

* fixes

* Add ans send event step

* Fix tests

* Add groovy wrapper

* Add groovy wrapper test

* Fix function names

* Reduce ifs

* Fix docu

* We always set the timestamp

* Validate event

* Test unknown field in json

* Make test list test

* Set all event fields as separate parameters

* Generate and fix code

* Review fixes

* Format test file

* Format go code

* Fix common steps tests

* Print event to console if verbose

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
Co-authored-by: Roland Stengel <r.stengel@sap.com>
2022-06-21 15:45:07 +02:00
Mayur Belur Mohan
cdea4b7713
ApiProxyList Command (#3794)
* ApiProxyList Command

* CodeReview Fixes

* CodeReview Fixes

* CodeReview FIxes

* CodeReview Fixes

* CodeReview FIxes

* CodeReview Fixes

* fixing unit test

* doc fixes

* Update documentation/docs/steps/apiProxyList.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* CodeReview Fixes

* CodeReview Fixes

* CodeReview Fixes

* codereview fix

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2022-06-21 13:08:00 +02:00
Daniel Kurzynski
8768d2bb74
Add githubCreatePullRequest.groovy (#3706)
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-06-20 15:05:28 +02:00
Oliver Feldmann
c5b83de7e1
[ANS] logrus hook (#3671)
* Add ans implementation

* Remove todo comment

* Rename test function

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Better wording

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Add reading of response body function

* Use http pkg ReadResponseBody

* Check read error

* Better test case description

* Fix formatting

* Create own package for read response body

* Omit empty nested resource struct

* Separate Resource struct from Event struct

* Merge and unmarshall instead of only unmarshalling

* Improve status code error message

* Remove unchangeable event fields

* Separate event parts

* Change log level setter function

* Restructure ans send test

* Revert exporting readResponseBody function

Instead the code is duplicated in the xsuaa and ans package

* Add check correct ans setup request

* Add set options function for mocking

* Review fixes

* Correct function name

* Use strict unmarshalling

* Validate event

* Move functions

* Add documentation comments

* improve test

* Validate event

* Add logrus hook for ans

* Set defaults on new hook creation

* Fix log level on error

* Don't alter entry log level

* Set severity fatal on 'fatal error' log message

* Ensure that log entries don't affect each other

* Remove unnecessary correlationID

* Use file path instead of event template string

* Improve warning messages

* Add empty log message check

* Allow configuration from file and string

* Add sourceEventId to tags

* Change resourceType to Pipeline

* Use structured config approach

* Use new log level set function

* Check correct setup and return error

* Mock http requests

* Only send log level warning or higher

* Use new function name

* One-liner ifs

* Improve test name

* Fix tests

* Prevent double firing

* Reduce Fire test size

* Add error message to test

* Reduce newANSHook test size

* Further check error

* Rename to defaultEvent in hook struct

* Reduce ifs further

* Fix set error category test

The ansHook Fire test cannot run in parallel, as it would affect the
other tests that use the error category.

* Change function name to SetServiceKey

* Validate event

* Rename to eventTemplate in hook struct

* Move copy to event.go

* Fix function mix

* Remove unnecessary cleanup

* Remove parallel test

The translation fails now and again when parallel is on.

* Remove prefix test

* Remove unused copyEvent function

* Fix ifs

* Add docu comment

* Register ans hook from pkg

* register hook and setup event template seperately

* Exclusively read eventTemplate from environment

* setupEventTemplate tests

* adjust hook levels test

* sync tests- wlill still fail

* migrate TestANSHook_registerANSHook test

* fixes

* review - cleanup, reuse poke

* Apply suggestions from code review

* Change subject

* Review fixes

* Set stepName 'n/a' if not available

* Fix fire tests

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
Co-authored-by: Roland Stengel <r.stengel@sap.com>
2022-06-17 16:40:45 +02:00
xgoffin
0457601efd
feat(sarif): add GUID as part of properties, change ruleID (#3838) 2022-06-17 08:53:44 +02:00
xgoffin
c11110d791
feat(sarif): add a "conversion" object to SARIF files (#3837)
* feat(fortifyExecuteScan): add conversion object

* feat(checkmarxExecuteScan): add conversion object
2022-06-16 15:24:23 +02:00
Peter Persiel
6ab3ab2841
Update abapEnvironmentPipelineStageDefaults.yml (#3831)
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
2022-06-15 15:46:50 +02:00
tiloKo
be5e850eab
Abap pipeline build stage skip create service key (#3832)
* CreateServiceKey only if host was not configured
2022-06-15 14:57:28 +02:00
Ralf Pannemans
d28a48896c
cnbBuild: add alias for imageNames for easier valueMapping in helmDeploy (#3822)
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Sumit Kulhadia <sumit.kulhadia@sap.com>
Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
2022-06-15 14:17:46 +02:00
Hilmar Falkenberg
e828a94c85
add FortifyReportData.URL to scanReport (#3821)
hopefully that gives users a direct link back to the original fortify project+version

Co-authored-by: xgoffin <86716549+xgoffin@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-06-15 13:45:09 +02:00
Pavel Busko
4ab32f7e7c feat(cnbBuild): generate buildSettingInfo
Co-authored-by: Sumit Kulhadia <sumit.kulhadia@sap.com>
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
2022-06-15 12:37:21 +02:00
Julian Schmitt
dd0aae6ded
Create azureBlobUpload (#3766)
* add Step azureBlobUpload

* add azure sdk and unit tests

* add Documentation

* fix Groovy Wrapper

* adopt the requested changes from awsS3Upload

* fix lint tests

* downgrade azure sdk to go 1.17

* multiple fixes e.g. use of temporary files for tests

* fix tests

* Update cmd/azureBlobUpload.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update cmd/azureBlobUpload.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update documentation/docs/steps/azureBlobUpload.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update documentation/docs/steps/azureBlobUpload.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update documentation/docs/steps/azureBlobUpload.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update documentation/docs/steps/azureBlobUpload.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* requested changes

* use latest version of azure sdk after update to go 1.18

* change staticcheck from 1.1.0 to 1.2.0

* try to fix lint test by pre-compiling go 1.18

* fix caching for lint test

* improve error handling by dividing runner

* improve error handling and add validation

* multiple naming fixes

* add new test for unmarshalling JSON-Structs

* Update cmd/azureBlobUpload_test.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update cmd/azureBlobUpload_test.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update cmd/azureBlobUpload_test.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* fix JSON unmarshall test

* Update documentation/docs/steps/azureBlobUpload.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update cmd/azureBlobUpload_test.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Update cmd/azureBlobUpload.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* fix uploadFunc

Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2022-06-15 09:41:02 +02:00
Oliver Nocon
0d29a00b9a
doc: using dedicated versions (#3809)
* Update introduction.md

* Update introduction.md
2022-06-14 16:41:38 +02:00
Sven Merk
88f4d67cdd
Added reference to pkg/http and guidance on retry capabilities (#3784)
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-06-14 16:26:58 +02:00
tiloKo
114e91f328
Update abapEnvironmentAssembleConfirm.go (#3825)
* Update abapEnvironmentAssembleConfirm.go
2022-06-13 13:13:15 +02:00
Anil Keshav
011ba40f87
feat (shellExecute) extend shellExecute to accept script arguments (#3823)
* adding arguments

* splitting strings into args and checking position

* addtional check on adding arguments

* unit testing

* refactoring code

* unit test clean up

* add unit test for multiple params in multiple scripts

* unit test name

Co-authored-by: anilkeshav27 <you@example.com>
2022-06-10 16:10:46 +02:00
xgoffin
5edb0d2566
feat(fortifyExecuteScan): implement a system to limit the number of API calls upon request failures (#3818)
* feat(fortifyExecuteScan): add a max number of retries for API calls in SARIF conversion

* feat(checkmarxExecuteScan): implement max number of retries on API call for descriptions in SARIF processing

* feat(checkmarx/fortify): extra logging line when failing an API request in SARIF conversion

* fix(fortifyExecuteScan): panic if undefined projectversion in sarif

* fix(fortifyExecuteScan): logging improvement

* fix(fortifyExecuteScan): wrong if condition caused crash

* fix(fortifyExecuteScan): do not log if retries hit -1, adjust logging

* fix(SARIF): commenting API calls for Checkmarx until a solution can be found for the API issues

* feat(SARIF): add omitempty to extensions
2022-06-09 10:32:08 +02:00
Siarhei Pazdniakou
92837fde18
feat(gradleExecuteBuild, fortifyExecuteScan): gradle improvements (#3807)
* Improvements were made

* fixed tests

* fixed issues

* fix versioning

* fix Inclusive Language warnings

* gradle support to fortifyExecuteScan. Classpath resolving

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-06-07 10:24:10 +02:00
Oliver Feldmann
aecf1babd9
[ANS] Add SAP Alert Notification Service to pkg (#3654)
* Add ans implementation

* Remove todo comment

* Rename test function

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Better wording

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>

* Add reading of response body function

* Use http pkg ReadResponseBody

* Check read error

* Better test case description

* Fix formatting

* Create own package for read response body

* Omit empty nested resource struct

* Separate Resource struct from Event struct

* Merge and unmarshall instead of only unmarshalling

* Improve status code error message

* Remove unchangeable event fields

* Separate event parts

* Change log level setter function

* Restructure ans send test

* Revert exporting readResponseBody function

Instead the code is duplicated in the xsuaa and ans package

* Add check correct ans setup request

* Add set options function for mocking

* Review fixes

* Correct function name

* Use strict unmarshalling

* Validate event

* Move functions

* Add documentation comments

* improve test

Co-authored-by: Linda Siebert <39100394+LindaSieb@users.noreply.github.com>
Co-authored-by: Roland Stengel <r.stengel@sap.com>
2022-06-03 10:16:14 +02:00
xgoffin
903f273012
feat(checkmarxExecuteScan): added API to get description, incorporated to SARIF file (#3814) 2022-06-01 15:48:56 +02:00
Julian Schmitt
ea001341cb
upgrade lint-test to go 1.18 (#3804)
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
2022-05-25 15:30:52 +02:00
Daniel Mieg
8ce7577a34
Handle empty http response correctly (#3805) 2022-05-25 13:57:13 +02:00
Daniel Bernd
52a532e8dc
remove LAST_CHANGED_AT mentioning (#3803)
Co-authored-by: Daniel Bernd <93763187+danManSAP@users.noreply.github.com>
Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
2022-05-25 10:49:02 +02:00
xgoffin
6a43e9f455
feat(fortifyExecuteScan): further improvements to the SARIF generation (#3799)
* feat(fortfiyExecuteScan): proper XML unescaping, added rulepacks to SARIF, added kingdom/type/subtype to tags

* feat(fortifyExecuteScan): proper handling of severity, kinds, levels in SARIF

* fix(fortifyExecuteScan): edge case when handling properties taht could lead to a crash

* fix(fortifyExecuteScan): ensure SARIF processing is done after latest FPR is processed by SSC
2022-05-24 13:40:49 +02:00
Daniel Mieg
ddb28899bf
ABAP Environment Create Tag: Add Groovy Step and Docu (#3797)
* Add groovy and docu

* Fix lint issue
2022-05-23 16:28:46 +02:00
Daniel Mieg
cda6e71ab9
Add ABAP step: createTag (#3633)
* Cloud Platform -> BTP

* Initial generation of new step

* add flag

* wip

* Fix warnings

* Add command

* Added Tag Decription

* Add status check

* Improve handling

* Improve handling

* Add test for happy path

* Add test reports to gitignore

* Add second test

* Improve createTag

* Add testcase

* Adaptions

* Add test

* Update cmd/abapEnvironmentCreateTag.go

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>

* Update cmd/abapEnvironmentCreateTag.go

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>

* Adapt error handling

* Improve coding

* Add info

* Disallow repositories and repositoryName at the
same time

* Regenerate

* Adapt to feedback

* Update cmd/abapEnvironmentCreateTag.go

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>

* Update cmd/abapEnvironmentCreateTag.go

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
2022-05-23 15:15:22 +02:00
rosemarieB
d30395931b
Do not merge before go live of steampunk 2205! Insert generic build step into abap environment pipeline (#3507)
* enhance build step

* Update abapEnvironmentBuild.go

* build with addonDescriptor

* use addondescriptor

* Use Addondescriptor

* add error

* improve logging

* rename intervall to interval

* update yaml

* Update abapEnvironmentBuild.go

* Update abapEnvironmentBuild.yaml

* insert generation phase

* we do not know what we have done

* Add createServiceKey to test

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
Co-authored-by: Daniel Mieg <daniel.mieg@sap.com>
2022-05-23 13:47:03 +02:00
Christopher Fenner
d883a729b0
docs(sonar): update dead link (#3795) 2022-05-23 11:40:55 +02:00
Marc Vornetran
2dbb198804
fix(malwareExecuteScan): Set ImageFormat to tarball (#3791) 2022-05-23 11:22:49 +02:00
Philipp Stehle
17ed9468cb
replace depreacted strings.Title function (#3786) 2022-05-20 18:50:03 +02:00
Peter Persiel
93bcb711c1
Add-on Registration now in Landscape Portal app (#3792) 2022-05-20 15:00:08 +02:00
thtri
4c2845b79c
fix(fortify):add SSC project identifier to ouput and JSON report (#3787) 2022-05-20 10:24:16 +02:00
Daniel Mieg
a5fcc7517b
Improve logging (#3788) 2022-05-19 16:59:37 +02:00
xgoffin
1fde2ce677
feat(checkmarxExecuteScan): improvements to SARIF file generation (#3781)
* feat(checkmarxExecuteScan): respect SARIF standard more closely

* fix(checkmarxExecuteScan): edge case where message would be empty in SARIF

* fix(checkmarxExecuteScan): better message handling to ensure field is populated

* feat(checkmarxExecuteScan): SARIF file readability

* feat(checkmarxExecuteScan): include the helpURL as part of the Help object

* fix(sarif): remove wrong structure addition

* feat(checkmarxExecuteScan): safer handling of version in SARIF file

* feat(checkmarxExecuteScan): add CWE number to tags
2022-05-19 14:57:13 +02:00
Daniel Mieg
1d850c0acc
Debug config keys in general section (#3785)
* Make config keys available in general

* Test

* Log Formatting

* Fix

* Remove echo

* Dashed length

* Add comment

* revert changes
2022-05-19 14:18:14 +02:00
Thorsten Duda
7748e81b59
Update go version to 1.18 (#3783)
* Update go version to 1.18

* Update go version to 1.18

* Create awsS3Upload (#3737)

* add Step awsS3Upload

* fix JSON Read

* fix groovy wrapper

* change credentials to secret text

* Change credentials type to token

* add cleanup for environment variables

* Add AwsS3UploadCommand to piper.go

* add documentation of awsS3Upload

* Fix JSON String Example in Documentation

* add the Upload of whole directories

* add Logging to awsS3Upload.go

* imporve Logging

* fix and improve unit tests

* fix non-existing-filepaths-Bug

* fix windows filepaths

* remove ... from logging

* change step description

* fix PR Tests

* remove redundant code

* try to run tests sequentially

* fix file.Close

* executed go mod tidy

* requested changes

* fix comments and awsCredentials

* Update documentation/docs/steps/awsS3Upload.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* use temporary files for unit tests

* executed go generate

Co-authored-by: ffeldmann <f.feldmann@sap.com>
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>

* fix go.sum

* Fix project config reset when preset is set (#3782)

Co-authored-by: Julian Schmitt <97178428+JulianPSchmitt@users.noreply.github.com>
Co-authored-by: ffeldmann <f.feldmann@sap.com>
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Adrien <99400874+hubadr@users.noreply.github.com>
2022-05-19 10:30:10 +02:00
Adrien
3d48364862
Fix project config reset when preset is set (#3782) 2022-05-18 17:10:00 +02:00
Julian Schmitt
6714794066
Create awsS3Upload (#3737)
* add Step awsS3Upload

* fix JSON Read

* fix groovy wrapper

* change credentials to secret text

* Change credentials type to token

* add cleanup for environment variables

* Add AwsS3UploadCommand to piper.go

* add documentation of awsS3Upload

* Fix JSON String Example in Documentation

* add the Upload of whole directories

* add Logging to awsS3Upload.go

* imporve Logging

* fix and improve unit tests

* fix non-existing-filepaths-Bug

* fix windows filepaths

* remove ... from logging

* change step description

* fix PR Tests

* remove redundant code

* try to run tests sequentially

* fix file.Close

* executed go mod tidy

* requested changes

* fix comments and awsCredentials

* Update documentation/docs/steps/awsS3Upload.md

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* use temporary files for unit tests

* executed go generate

Co-authored-by: ffeldmann <f.feldmann@sap.com>
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
2022-05-18 10:37:54 +02:00
Oliver Nocon
6070549704
fix(helmExecute): respect version from Chart (#3780)
* fix(helmExecute): respect version from Chart

using version from CPE can create failure situations in case format is not semver.
This is the case for maven artifacts, for example.

* chore: simplify condition

* chore: cleanup

* chore: cleanup
2022-05-18 08:58:01 +02:00
Thorsten Duda
434e4529d5
cfcli update (#3777)
* cfcli update

* cfcli update
2022-05-17 08:53:19 +02:00
Mayur Belur Mohan
ef2db4c2b0
ApiProviderUpload Command (#3663)
* ApiProviderUpload Command

* formatting fix

* formatting fix

* formatting fix

* formatting fix

* CodeReview Changes

* CodeReview Fix

* CodeReview fix

* CodeReview Fix

* CodeReview FIx

* CodeReview FIxes

* CodeReview Fixes

* CodeReview Fixes

* CodeReview Fixes

* CodeReview Fix

* CodeReview Fix

* CodeReview Fixes

* CodeReview Fix

* Doc Fixes

* CodeReview Fix

* CodeReview Fixes

* Doc Fixes

* Update cmd/apiProviderUpload_test.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* CodeReview FIxes

* Update cmd/apiProviderUpload.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* CodeReview Fixes

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2022-05-16 11:52:04 +02:00
Oliver Nocon
57347702d4
fix(versioning): correct propagated version (#3778) 2022-05-16 10:02:25 +02:00
Anil Keshav
e6724d7f05
fix (whitesourceExecuteScan) keep tar extension for target image donwload (#3774)
* explicitly adding tar extension to project name when constructing the targetFilePath for whitesource docker image download

* comments

* correcting comment for better readability

* replace spaces in the project name with underscroe

* better comments

* passing legacy format download

* appending format to value

* keeping the download format for protecode as legacy

* improving docu

* keeping legacy format the default

* keeping tar file name same as project name to avoid duplicate names

* keeping legacy format download hard coded

Co-authored-by: anilkeshav27 <you@example.com>
2022-05-13 18:56:41 +02:00
Anil Keshav
b7cc1eb62f
parsing the entire url and not spliting it (#3775)
Co-authored-by: anilkeshav27 <you@example.com>
2022-05-13 10:02:46 +02:00
xgoffin
7d9f018529
feat(fortifyExecuteScan): SARIF generation improvements (#3769)
* feat(fpr_to_sarif & GHAS): adjustments to fit some rules

* feat(fortifyExecuteScan): fit GH ingestion rules better

* feat(fortifyExecuteScan): readability in SARIF report

* feat(fortifyExecuteScan): restore escaped chars in XML text

* feat(fortifyExecuteScan): properly replace threadflowlocations in each threadflow

* fix(fortifyExecuteScan): fixed missing threadflow in SARIF generation

* feat(fortifyExecuteScan): properly handle threadflows when a node has another node as Reason (node-in-node edge case)

* feat(fortifyExecuteScan): better sarif ruleID field

Co-authored-by: thtri <trinhthanhhai@gmail.com>
2022-05-11 17:05:51 +02:00
Daniel Mieg
3fea61e8b0
Add debug flag to stage config (#3771) 2022-05-09 14:12:53 +02:00
Ashly Mathew
3c288e81ad
fix (golang) : publish binaries to custom in cpe (#3767)
Signed-off-by: Ashly Mathew <ashly.mathew@sap.com>
2022-05-05 15:06:42 +02:00
Ashly Mathew
823ef47db6
Golang build publish binaries and add group id (#3749)
* Add golang binaries to CPE and add groupID in coordinates

Signed-off-by: Ashly Mathew <ashly.mathew@sap.com>

* Introducing binaries as artifacts

Signed-off-by: Ashly Mathew <ashly.mathew@sap.com>
2022-05-05 12:39:59 +02:00
Giridhar Shenoy
fe9b3a796b
detectExecuteScan: fix project version limiting api call (#3754)
* fix project version limiting issue

* add tests for detectExecute
2022-05-05 09:58:43 +02:00