Sven Merk
a1988f6808
feat(whitesourceExecuteScan): GitHub issue creation + SARIF ( #3535 )
...
* Add GH issue creation + SARIF
* Code cleanup
* Fix fmt, add debug
* Code enhancements
* Fix
* Added debug info
* Rework UA log scan
* Fix code
* read UA version
* Fix nil reference
* Extraction
* Credentials
* Issue creation
* Error handling
* Fix issue creation
* query escape
* Query escape 2
* Revert
* Test avoid update
* HTTP client
* Add support for custom TLS certs
* Fix code
* Fix code 2
* Fix code 3
* Disable cert check
* Fix auth
* Remove implicit trust
* Skip verification
* Fix
* Fix client
* Fix HTTP auth
* Fix trusted certs
* Trim version
* Code
* Add token
* Added token handling to client
* Fix token
* Cleanup
* Fix token
* Token rework
* Fix code
* Kick out oauth client
* Kick out oauth client
* Transport wrapping
* Token
* Simplification
* Refactor
* Variation
* Check
* Fix
* Debug
* Switch client
* Variation
* Debug
* Switch to cert check
* Add debug
* Parse self
* Cleanup
* Update resources/metadata/whitesourceExecuteScan.yaml
* Add debug
* Expose subjects
* Patch
* Debug
* Debug2
* Debug3
* Fix logging response body
* Cleanup
* Cleanup
* Fix request body logging
* Cleanup import
* Fix import cycle
* Cleanup
* Fix fmt
* Fix NopCloser reference
* Regenerate
* Reintroduce
* Fix test
* Fix tests
* Correction
* Fix error
* Code fix
* Fix tests
* Add tests
* Fix code climate issues
* Code climate
* Code climate again
* Code climate again
* Fix fmt
* Fix fmt 2
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-02-23 09:30:19 +01:00
Oliver Nocon
a4a0873081
feat(checkmarx): create GitHub issue with findings ( #3543 )
...
* feat(checkmarx): create GitHub issue with findings
* add github issue reporting
2022-02-17 15:16:55 +01:00
Christian Volk
b0e4599d4d
feat(malwareExecuteScan): refactoring and docker support ( #3421 )
...
* feat(malwareExecuteScan): add support for scanning docker images
* refactoring
* print out finding if available
* generate toolrecord for malware scan
* persist scan report
* docs
* fix
* fix
* rollback cmd/init_unix.go
* auhenticated pull
* fix
* fix: report shall be consistent with the api model
* gcs upload
* fix linter
2022-01-24 09:48:01 +01:00
Pavel Busko
1750b75cb8
feat(cnbBuild): preserve maven test results in the workspace ( #3429 )
...
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
2022-01-14 11:05:11 +01:00
Oliver Nocon
31cd2df1bd
chore(docker): add re-use functionality for config.json ( #3244 )
...
* feat: func for Docker config.json
Provide re-use function to create/update Docker conifg.json
* add comment
* update WhiteSource step
* fixes and additional tests
* Delete whitesourceExecuteScan.go
* revert whitersource changes
* chore: update formatting
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-11-04 10:19:33 +01:00
Pavel Busko
cba94dcb35
Cnb build custom buildpacks ( #3090 )
...
* [WIP] cnbBuild custom buildpacks draft
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
* Store custom buildpacks in the dedicated tmp folder
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
* added test
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
* updated documentation
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
* use Files for toml files cleanup
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
* Add missing function to the FileUtils interface
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
2021-09-14 16:14:50 +02:00
Oliver Nocon
805a8fd88f
feat(config): read config/defaults with authentication ( #2975 )
...
* feat(config):read config/defaults with authentication
This change allows to use defaults and config files from a protected GitHub repository.
The options `--customConfig` and `--defaultConfig` already allowed to provide a link to an uprotected file.
Now, by passing a value in the form `<hostname>:<token>` to parameter `gitHubTokens` (this parameter can be passed multiple times) a token can be provided for dedicated hosts.
This makes it possible to use a link like
`https://api.github.com/repos/SAP/jenkins-library/contents/resources/my-defaults.yml?ref=master `
as reference to a default file or similarly as reference to a configuration file.
* update generation to allow protected config/defaults
* fix CodeClimate issues
* update missing generations
2021-07-08 15:26:07 +02:00
Mikalai Dzemidzenka
b82ecb0ff7
convert batsExecuteTests to go implementation ( #2737 )
...
* convert batsExecuteTests to go implementation
* added additional test cases, added container definition to batsExecuteTests.yaml
* added influx, for junit added container definition
* added parameter envVars
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-04-29 16:50:23 +02:00
Roland Stengel
cd8515acce
Go Unit Tests fail due to windows/linux file separator mismatch ( #2662 )
...
* Go Unit Tests fail due to windows/linux
file separator mismatch. See issue 2660.
* review results
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-03-03 22:58:29 +01:00
Marcus Holl
0b9dd80008
Provide getters for stdout, stderr on ShellRunner, ExecRunner ( #1787 )
...
* Provide getters for stdout, stderr on ShellRunner, ExecRunner
we need that in order to set the streams back in case we have to scan the command
output ourselvs during some function calls.
2021-02-05 10:54:38 +01:00
Oliver Nocon
a104b2a06d
feat(whitesourceExecuteScan): UA for all build tools, e.g. maven & npm ( #2501 )
...
* feat(whitesource): add config helper
this helps to ease & enforce config settings
* fix accidential change of class
* add todos wrt java download
* use existing scanOptions, add option to download jre
* update generation
* fix generation
* allow running UA via go library
* correct image, improve logging
* add removal of downloaded JVM
* update java creation and deletion
* refactor and add log output
* remove obsolete ToDo
* increase test coverage
* increase test coverage
* adding aliases and tests
* make go modules as default
* maven: update behavior of projectNaming
* add Docker capabilities
* correct parameter name
* retrieve Docker coordinates
* docker coordinates only to provide artifact
* add ToDos
* add mta capability
* add aliases, mvn arguments for settings
* clean up groovy part
* update defaults
* add container for pip
* add defaults, add maven specifics, ...
* properly download settings
* maven: check existence of excluded files
* fix reporting
* Update CommonStepsTest.groovy
* update comment
* fix CodeClimate finding
* add tests for pip & fix minor issues
* fix order of pip build descriptors
* update pip container options
* fix pip virtualEnv parameter
* update report permissions
* fix test
* update container options
* add use fileUtils to load properties file
* update parameter description
* adding Docker scanning defaults
* clean up configHelper
* consider also npm tool cache
* add todos
2021-02-03 14:52:48 +01:00
Daniel Kurzynski
9a18489cc4
Refactor maven utils and add tests for install artifacts ( #2318 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-11-10 17:14:55 +01:00
Daniel Mieg
aa9dd3b199
Add step abapEnvironmentCreateSystem ( #2273 )
...
* Create initial step
* Add parameters for system creation
* Creating a tmp manifest.yml
* Add descriptions
* regenerate
* Create tests
* fix codeclimate issue
* Test
* Test2
* Test3
* Replace os.getTempDir
* Change to fileUtils
* Remove FileUtil
2020-11-03 12:02:13 +01:00
Stephan Aßmus
54ea3ed51a
whitesourceExecuteScan: bypass UA for mta, maven, npm and yarn ( #1879 )
...
Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
2020-09-29 12:44:31 +02:00
Stephan Aßmus
33e6e13787
Refactor whitesourceExecuteScan, fix polling, error handling ( #2036 )
2020-09-18 11:54:45 +02:00
Daniel Kurzynski
8ee0d358b9
Support maven params in detect scan ( #1855 )
...
Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-07-30 10:35:46 +02:00
Daniel Kurzynski
bcab73d332
Support m2path for mtaBuild ( #1850 )
...
Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
2020-07-28 17:06:17 +02:00
Stephan Aßmus
61fed83475
Improve self-consistency of file system mock ( #1815 )
2020-07-20 14:23:33 +02:00
Marcus Holl
8af0540de2
Introduce chmod in file utils ( #1808 )
2020-07-16 14:25:01 +02:00
Marcus Holl
49d4f6269a
Introduce stat command into Files utils and correspoding mock ( #1721 )
...
Introduce stat command into Files utils and correspoding mock
2020-07-15 10:31:36 +02:00
Marcus Holl
38c5604798
file mock: Dont store content of written or deleted file ( #1717 )
...
Don't store the content of the written files with the written files
we can lookup that in the files map
2020-07-14 15:37:08 +02:00
Oliver Nocon
dc296b0727
Allow retrieving exit code from command execution ( #1728 )
...
* Allow retrieving exit code from command execution
This will be helpful to derive error categories in case
an executable provides context-specific error codes.
* make sure that we always have a non 0 exit code for errors
2020-06-30 12:57:27 +02:00
Marcus Holl
d1130a11ac
Support file modes in file system mock ( #1716 )
...
Support file mode in file system mock
2020-06-25 14:39:15 +02:00
Marcus Holl
295d526531
file system mock: Add capabilities for checks if a file has been written ( #1706 )
...
* Add capabilities for checks if a file has been written
With the current file system mock we cannot assert if
a file has been written. E.g. we cannot distiguish between
files added to the virtual file system before the test and files
explicitly written. In contrast to that we can check for deleted
files.
With the change here we get a func HasWritteFile(name).
[Q] Wouln't it be possible to check based on the file content
if a file has been written (the new file should have another
content as the file registered before).
[A] We should not assert some file content here since the
produced file content can be created by another "class" which
is unit tested somewhere else. With that approach we would test
the producer here again.
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-24 11:27:28 +02:00
Kevin Hudemann
ceb3dd0a04
Refactor pkg/npm and npmExecuteScripts ( #1684 )
...
This change refactors the npm pkg and npmExecuteScripts implementations
to be reusable for future steps, e.g., npmExecuteLint.
In addition, it fixes few small bugs related to unit test execution on
Windows and the fileUtils mocking implementation.
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-18 17:30:17 +02:00
Daniel Kurzynski
0222bf83d1
Run npm scripts in virtual frame buffer and extend command.go to run executable asynchronously ( #1669 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
2020-06-16 11:42:51 +02:00
Stephan Aßmus
f855658e06
Enhance piperutils.Files and mock.FilesMock ( #1664 )
...
* Flesh out piperutils.Files and mock.FilesMock functionality
* Avoid a lot of code-duplication via embedding
2020-06-15 09:47:33 +02:00
Stephan Aßmus
f90a4f9eae
Provide an ExecRunner implementation for running commands in docker ( #1606 )
...
* ExecRunner implementation for executing commands within docker
* Add whole-file example as documentation
2020-06-02 14:24:06 +02:00
Daniel Kurzynski
a40ac015a8
Add tests for maven build ( #1276 )
2020-03-26 08:23:21 +01:00
Marcus Holl
2918ee52cc
Eliminte envMockRunner ( #1233 )
...
ExecMockRunner and ShellMockRunner both needs an environment. "Extending"
here leads to "subclasses" for both cases. That is more long-winded since
it could be.
2020-03-03 10:26:34 +01:00
Marcus Holl
52b0991a36
Get rid of two dimensional env array ( #1235 )
...
I don't understand why there should be a two dimensional array.
When dealing with envs we have normally a list containing entries like
[]string{"DEBUG=true", "HOME=/home/me"}
Having two dimensional env arrays would mean to have several alternate
environment in the tests at the same time. Don't think there is a need
for that.
2020-03-03 09:26:32 +01:00
Florian Geckeler
9dc352029a
Add tag release when building go binary
2020-02-27 15:01:37 +01:00
Florian Geckeler
ef330e1eee
Move mock capabilities to pkg/mock/runner and adapt all tests
2020-02-27 12:11:22 +01:00