Kevin Stiehl
a48b8afc31
fix(commonPipelineEnvironment): keep json numbers untouched ( #2908 )
...
* keep numbers untouched
* rebase master
2021-06-23 20:20:43 +02:00
Sven Merk
e94cbb0840
Revert "fix(fortifyExecuteScan): Support MTA interdepedencies ( #2916 )" ( #2937 )
...
This reverts commit f7bc956058
.
2021-06-23 17:20:15 +02:00
larsbrueckner
61fe88e199
Add "toolrecord" files to Fortify, Checkmarx, Protecode and Whitesource results ( #2929 )
...
* Toolrecord framework -
provide a common entry point for post processing code scan results
Changes to be committed:
new file: pkg/toolrecord/REAMDE_toolrecord.md
new file: pkg/toolrecord/toolrecord_main.go
new file: pkg/toolrecord/toolrecord_test.go
* Add toolrecord file to Checkmarx results
modified: cmd/checkmarxExecuteScan.go
* Add toolrecord file to Fortify results
modified: cmd/fortifyExecuteScan.go
* Add toolrecord file to Whitesource results
modified: cmd/whitesourceExecuteScan.go
* unset umask (#2927 )
* (feat) adds error logging output for downloading reports from whitesource (#2928 )
* Add toolrecord file to Protecode results
* address code climate findings (1/2)
* address codeclimate findings (2/2)
* add comments to all methods
Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: ffeldmann <felix@bnbit.de>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-06-23 15:05:00 +02:00
Sven Merk
ab9e154d10
Replace io.Copy ( #2934 )
...
* Replace io.Copy
* Test coverage
* Improve test
* Fix fmt
* Improve error handling in test
* Fix code
* Improve test error log
* Fix fmt
* Fix unix file handles
* Fix error message
* Resolve code climate issue
2021-06-23 14:41:52 +02:00
Sven Merk
f7bc956058
fix(fortifyExecuteScan): Support MTA interdepedencies ( #2916 )
...
* Make sure artifacts go to local repo
* Just package
* Fix test
2021-06-23 11:55:34 +02:00
Daniel Mieg
ccdedd4599
Add stage defaults ( #2841 )
...
* Add stage defaults
* Adapt defaults
* Change default file
* Rename config files
* Add defaults for Build stage
* Change and escape cfServiceKeyConfig
* Remove service key config
* Fix typo
* Change quotes
* Add default for Publish
* Add cfDeleteServicesKeys to defaults
2021-06-23 10:04:15 +02:00
Andre
f63ac3bba0
mavenExecuteIntegration: add maven lifecycle goal as parameter ( #2930 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2021-06-22 12:51:47 +02:00
tiloKo
7d2d9820e2
Technical Communication User ( #2931 )
...
* Technical Communication User
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
2021-06-21 17:56:12 +02:00
Peter Persiel
b8ded5e6f3
Review "Build and Publish Add-on Products on SAP Cloud Platform ABAP … ( #2925 )
...
* Review "Build and Publish Add-on Products on SAP Cloud Platform ABAP Environment"
* Update documentation/docs/scenarios/abapEnvironmentAddons.md
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
2021-06-21 16:42:02 +02:00
ffeldmann
6671afb909
(feat) adds error logging output for downloading reports from whitesource ( #2928 )
2021-06-21 13:36:08 +02:00
Kevin Stiehl
c0ae0df2f0
unset umask ( #2927 )
2021-06-21 09:45:10 +02:00
Oliver Nocon
8883a5148c
feat(mavenBuild): accept build profiles ( #2921 )
2021-06-18 11:57:00 +02:00
Kevin Stiehl
49dfc1f422
fix(pipelineEnv): use env instead of heredoc ( #2923 )
2021-06-18 11:00:59 +02:00
Kevin Stiehl
792d435a7f
fix(commonPipelineEnvironment) file and directory permissions ( #2924 )
2021-06-18 09:56:31 +02:00
tiloKo
9db249fe1c
Docu updates abap steps ( #2910 )
...
* docu updates
* go generate
* remove example as better explained in scenario docu
* Update abapAddonAssemblyKitCheckCVs_generated.go
* PV Step update
* md lint
* create TV
* publish TV
* lint
* register
* release
* reserve
* yaml lint
* Update abapAddonAssemblyKitRegisterPackages_generated.go
* Update resources/metadata/abapAddonAssemblyKitCreateTargetVector.yaml
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
* Update resources/metadata/abapAddonAssemblyKitPublishTargetVector.yaml
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
* refer
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
2021-06-17 21:28:15 +02:00
Kevin Stiehl
29b991d6fc
feat(commonPipelineEnv): consume pipeline environment from env variable if set ( #2919 )
...
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-17 16:54:57 +02:00
Kevin Stiehl
80974ea930
update docker image ( #2918 )
...
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-06-17 16:19:39 +02:00
Oliver Nocon
d6b7a0f566
fix(commonPipelineEnvironment): StackOverflowError ( #2917 )
...
* chore(cpe): add debug messages and catch error
* fix catch
* fix variable declaration
* fix type name
* check for instanceof JSONNull
* check for net.sf.json.JSONNull
* fix formatting
* fix StackOverflow exception
* Update vars/writePipelineEnv.groovy
2021-06-17 15:42:39 +02:00
Johannes Schneider
3fa46f20d3
report vulnerability reports in the aggregated vulnerability report only ( #2915 )
2021-06-17 13:58:10 +02:00
Oliver Nocon
188e409a87
feat(protecodeExecuteScan): allow scanning a binary ( #2889 )
...
* feat(protecodeExecuteScan): allow scanning a binary
so far the step only accepts a Docker image or a FetchURL
This adds functionality to also pass a FilePath
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Update protecodeExecuteScan.go
* Fix fmt
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Sven Merk <s.merk@sap.com>
2021-06-17 09:40:21 +02:00
Oliver Nocon
78d7c4c71a
fix(githubCreateIssue): prevent panic for Github error ( #2914 )
...
In case the Github connection leads to an error it can happen that a nil pointer dereference exception can occur.
This is to fix this.
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-06-16 22:31:01 +02:00
Kevin Stiehl
a03be973bc
fix(cpe): add more null checks ( #2913 )
2021-06-16 18:04:37 +02:00
Kevin Stiehl
ff507b959e
pin kaniko version to v1.3.0-debug (latest working version) ( #2911 )
2021-06-16 16:37:39 +02:00
Kevin Stiehl
173e887064
[CPE] Missing pipeline environment in sonar docker container ( #2909 )
...
* execute writepipeline env in sonar
* non exisitng dir is no error
* add log message
2021-06-16 11:46:55 +02:00
Oliver Nocon
0b48bfcc73
feat: retrieve metadata by stepName - corrected ( #2892 )
...
* refactored getConfig to allow stepName param for metadata fetching
* extended step generator
* go generate
* Update cmd/getConfig.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update cmd/getConfig.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update cmd/getConfig.go
* update generated files
* update golden files to care for generator update
* update and add tests
* update generated files
* Update cmd/getConfig.go
* Update cmd/getConfig.go
* update/fix formatting
* feat: retrieve metadata by stepName - corrected
* update generation
* update condition logic for defaults
* update generation & tests
* support multiple conditions
* update generation
* Add generated
Co-authored-by: Leander Schulz <leander.schulz01@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Sven Merk <s.merk@sap.com>
2021-06-16 08:43:30 +02:00
Sven Merk
07b90dc10b
fix(fortifyExecuteScan): Throw error on classpath detection issues ( #2876 )
...
* Update fortifyExecuteScan.go
* Raise error to the top level
* Update fortifyExecuteScan.go
* Update fortifyExecuteScan.go
* Fix code and test
* Add tests
* Fix test
* Last attempt
2021-06-16 08:15:41 +02:00
Christopher Fenner
367ca6211a
refactor(protecode): simplify protecode calls ( #2838 )
...
* simplify protecode calls
* add todos
* reomve todo
* restore go.sum
* Update cmd/protecodeExecuteScan.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Apply suggestions from code review
* remove productID
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-06-15 22:29:24 +02:00
Kevin Stiehl
eb6ffc334a
[CPE] write commonPipelineEnvironment even when it's empty ( #2904 )
...
* writePipelineEnv even when map is empty
* mock write and read PipelineEnv calls
2021-06-15 18:42:04 +02:00
Sven Merk
a43f46465a
feat(fortifyExecuteScan): HTML report for Fortify ( #2879 )
...
* Tune test
* Fix report implementation
* Fix tests
* Fix values
* Fix code and test
* Report writing fix
* Commit generated sources
* Update cmd/fortifyExecuteScan.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Externalize report generation
* Fix fmt
* Fix fmt 2
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-15 14:53:42 +02:00
Kevin Stiehl
d1c8abc6b3
refactor: move common pipeline environment handling to golang ( #2823 )
...
* make use of new read,writePipelineEnv Steps in groovy
* remove unused cat
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-15 14:34:56 +02:00
Kevin Stiehl
1079aaba53
ci(release): remove unused copies and name downloads correctly ( #2897 )
2021-06-15 14:04:38 +02:00
Sven Merk
7fa31ae9cc
feat(http): Resilience via retry on intermittent communication issues ( #2877 )
...
* feat(http): Resilience on connectivity issues
* Update whitesourceExecuteScan.go
* Update splunk_test.go
* Fix initialization
* Change http interaction
* Fix fmt and tests
* Final test fix
2021-06-15 11:13:24 +02:00
Tom Bendrath
3520b36558
Add mtaBuild step parameters: target, source ( #2858 )
...
* Add mtaBuild step parameters: target, source
* Add unit test for mtaBuild with custom source
* Simplify mtaBuild parameter defaults for source, target
* Fix mtaBuild default values and path in unit test
* Only append custom target and source params in mtaBuild
* Set mtaBuild source and target to ./ when not customized
* mtaBuild unit test: fix expected params sequence
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
2021-06-14 16:06:47 +02:00
Oliver Feldmann
f9bfb037a0
Don't configure secret with config file ( #2866 )
2021-06-14 15:42:23 +02:00
Marcus Holl
fe5ce61d9e
rfc upload ( #2533 )
...
* Add RFC upload command
2021-06-14 12:36:18 +02:00
Oliver Nocon
4250ca8bed
Revert "feat(getConfig): retrieve metadata by stepName ( #2736 )" ( #2891 )
...
This reverts commit ae4a24c594
.
2021-06-14 10:57:44 +02:00
Andre
62810d01d0
docs: fortifyExecuteScan - aggregator pom ( #2847 )
...
* document fortify specifics
* go generate
* Update resources/metadata/fortify.yaml
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Update resources/metadata/fortify.yaml
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Update resources/metadata/fortify.yaml
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* go generate
* Apply suggestions from code review
* chore
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-14 09:54:45 +02:00
lndrschlz
ae4a24c594
feat(getConfig): retrieve metadata by stepName ( #2736 )
...
* refactored getConfig to allow stepName param for metadata fetching
* extended step generator
* go generate
* Update cmd/getConfig.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update cmd/getConfig.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update cmd/getConfig.go
* update generated files
* update golden files to care for generator update
* update and add tests
* update generated files
* Update cmd/getConfig.go
* Update cmd/getConfig.go
* update/fix formatting
Co-authored-by: Leander Schulz <leander.schulz01@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: OliverNocon <oliver.nocon@sap.com>
2021-06-14 08:58:41 +02:00
Kevin Stiehl
6c7814e4d5
feat(cpm): Add read and write CPE Go step ( #2888 )
...
* add read write cpe go steps
* Update pkg/piperenv/CPEMap.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update pkg/piperenv/CPEMap.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Update pkg/piperenv/environment.go
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* rename file
* add error handling
* add error handling
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-11 16:17:40 +02:00
Oliver Feldmann
d0f7400122
kubernetesDeploy - Allow docker config.json file ( #2829 )
...
* Introduce docker config.json parameter for kubectl
* Use docker config.json parameter for helm
* Export definition of kube secret parameters
* fix username password existence check
* choose more fitting name for secret spec
* Adopt review suggestions
Co-authored-by: Roland Stengel <r.stengel@sap.com>
2021-06-11 10:41:03 +02:00
Marc Bormeth
84c3cd399d
fix: orchestrator detection ( #2886 )
...
* Fix Orchestrator detection
* Add unit tests
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-10 23:47:38 +02:00
Oliver Nocon
bcb76eff06
fix(windows build): fix golang.org/x/sys ( #2887 )
...
* chore: release binaries for darwin and win
* fix(windows build): fix golang.org/x/sys
This is necessary doe to a dependency of github.com/hashicorp/vault to docker@v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible\pkg\system\filesys_windows.go
This creates a build error.
Further information can be found here:
https://github.com/golang/go/issues/34610
* Update .github/workflows/upload-go-master.yml
* update go.sum
2021-06-10 16:50:17 +02:00
Oliver Nocon
06e67db5e3
chore: release binaries for darwin and win ( #2883 )
...
* chore: release binaries for darwin and win
* Apply suggestions from code review
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-10 12:39:23 +02:00
Roland Stengel
1eab39d847
solman upload split git documentation ( #2831 )
...
* Split git commit message scan from solman upload
2021-06-10 10:16:22 +02:00
Johannes Schneider
c22e0a1f0e
[WhitesourceExecuteScan] Fix Inconsistencies in Aggregated Report ( #2872 )
...
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2021-06-09 15:56:56 +02:00
Sven Merk
def816247a
Update snakeyaml to fix security vulnerability ( #2878 )
...
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-06-09 12:59:01 +02:00
Marc Bormeth
911d4bc770
feat(sonar): make step orchestrator-agnostic ( #2874 )
...
* Make sonarExecuteScan orchestrator-agnostic
* Increase coverage + support empty or false env vars
* Use cleared env for unit tests
* Refactor to standalone package
* Fix review findings
* Fix review findings
* Fix unit test
* Add logging
* Refactor
* Add to codeowners 😎
* Apply suggestions from code review
* Remove unreachable code
* no message
* fix typos
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-09 09:38:52 +02:00
Sven Merk
b7b775c981
Update whitesourceExecuteScan.go ( #2875 )
2021-06-08 11:03:57 +02:00
Roland Stengel
e794d4884b
solman upload split git groovy ( #2782 )
...
* Split git commit message scan from solman upload - groovy part
2021-06-07 10:34:36 +02:00
Nico Schmoigl
764040bf37
fix: typo ( #2856 )
...
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-04 12:38:29 +02:00