1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Commit Graph

11 Commits

Author SHA1 Message Date
thtri
4c2845b79c
fix(fortify):add SSC project identifier to ouput and JSON report (#3787) 2022-05-20 10:24:16 +02:00
Oliver Nocon
20c5f0a63b
fix(optimization) use proper cpe reference (#3683) 2022-03-31 10:52:54 +02:00
Oliver Nocon
276844e6a2
fix(optimization): expose parameters to general section (#3680) 2022-03-30 12:20:51 +02:00
Eugene Kortelyov
8ced7f8184
Feature/fortify execute scan gradle (#3582)
* initial fortify gradle commit

* initial fortify gradle commit

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-02-28 11:35:38 +01:00
Philipp Stehle
4c18f2a128
feat: Add support for deprecating step parameters (#3554)
this was already used in fortifyExecuteScan, but had no effect.

Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
2022-02-23 15:16:05 +01:00
Siarhei Pazdniakou
98e28befe1
feat(fortifyExecuteScan): add gcs upload to the step (#3424)
* Add gcs upload to fortifyExecuteScan step

* go generate

* Patterns were updated

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2022-02-21 09:23:54 +01:00
Oliver Nocon
a4a0873081
feat(checkmarx): create GitHub issue with findings (#3543)
* feat(checkmarx): create GitHub issue with findings

* add github issue reporting
2022-02-17 15:16:55 +01:00
xgoffin
2cebf370c9
feat(fortifyExecuteScan): added conversion to SARIF for FPR files (#3485)
* feat(FPRtoSARIF): boilerplate & comments

* Feat(Ingest): Build done, Vulnerabilities partway

* feat(Vulnerabilities): now entirely parsed

* feat(Ingestion): handle Description object

* feat(FprToSarif): integration in Piper step, full xml structure

* feat(fpr_to_sarif): base program. Need to replace names in messages

* feat(fpr_to_sarif): message substitution and custom definition integration

* fix(fpr_to_sarif): missing replacement in tools object

* fix(fortifyExecuteScan): unit tests

* fix(fpr_to_sarif): failing unit test

* Fix fortify folder creation for generating sarif

* deletion of unzip folder

* fix(fortifyExecuteScan): change logging to info

* feat(fpr_to_sarif): better unit test

* fix(fpr_to_sarif): pr tests failing

* feat(fpr_to_sarif): add specific properties to sarif

* feat(fpr_to_sarif): severity integration

* fix(fpr_to_sarif): unit test fixed

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Sumeet PATIL <sumeet.patil@sap.com>
2022-02-08 14:10:40 +01:00
Sven Merk
01c6f1a66c
fix(fortifyExecuteScan): User assignment based on PR ownership (#3472)
* Debug PR user details

* Check association

* Change to login

* Fix PR creator assignment

* Improve docs

* Fix test
2022-01-27 10:45:45 +01:00
Sven Merk
6520115950
Upload Fortify scan results to GitHub issue (#3300)
* fix(fortifyExecuteScan): Propagate translation errors

Force translation related errors to stop the execution of the step.

* Extend testcase

* Update fortifyExecuteScan.go

* Fix fmt and test

* Fix code

* feat(fortifyExecuteScan): Create GitHub issue

* Fix expectation

* Fix fmt

* Fix fmt add test

* Added tests

* Go fmt

* Add switch

* Rewrite githubCreateIssue

* Fix tests

* Added switch

* Issue only in case of violations

* Fix CPE reference

* Add  debug message to issue creation/update

* Update fortifyExecuteScan.go

* Add credential for GH to groovy wrapper

* Update fortifyExecuteScan.go
2022-01-21 10:52:17 +01:00
Philipp Stehle
f9f0cbfd33
enforce that step metadata yaml file is called <step>.yaml (#3226)
Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
2021-11-15 14:20:20 +01:00