* Fix project lookup
* Added test for space
* Update pkg/fortify/fortify.go
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* added support for test credentials
Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Introduce transport request create solman
* log the transport request id also in case creation failed
maybe there are some rare cases where a transport request id is returned nevertheless.
* report exit code always
* inline parameter
* Provide more parameters in log message, might help with troubleshooting
Co-authored-by: Roland Stengel <r.stengel@sap.com>
* Unit Test Assemble Package
* Remove obsolete lines
dust wiping
* climate change
* climate change #2
* climate change #3
* climate change #4
* climate change #5
* NSPC serial builds
* Actual Delivery Commit
* Download Delivery_logs.zip
* Publish Result
* Testing
* !Polling
* Provide Commit to BF only if set
* dust wiping
* More Dust to Wipe
* Publish more than on file
* Write Log for Publish
* fix unit test (now Dummy Entries)
* save one line of code for climate change
* Update cmd/abapEnvironmentAssemblePackages.go
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
* More Detailed Log Messages
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
* update data type of influx measurements
* Update checkmarx.yaml
* pick changes from #1885 for testing
* update generated code
* update to new datatype
* adjust to type changes
* change back to string type
* Update fortifyExecuteScan.go
* add typo to be backward compatible
* change type to int for files_scanned and lines_of_code_scanned
* add typo
* add measurements to whitesource
* update generated sources
* adjust test cases
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Add sca cmd extensibility
* Fix formatting
* HTTP retry
* Improve handling of retry on timeout
* Go fmt
* Fix test
* Fix test
* Test stability
* Fix test
* Fix test
* Fix test
* Update fortifyExecuteScan.go
do not fail step in case mta contains only node modules.
No pom.xml required then.
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* Go Unit Tests fail due to windows/linux
file separator mismatch. See issue 2660.
* review results
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Improvements
* Formatting
* Fix test
* Update resources/metadata/fortify.yaml
Enhance description
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Unify version handling with ws step
* Part 2
* go fmt
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* fix(whitesource): remove parameters from scan call
parameters are forced into the config thus they don't need to be passed again.
* add proper project to config
* fix(whitesourceExecuteScan) correctly handle structured projects
report file names of projects which had a structure in the name
like `@test/myProject ` were incorrectly handled
This now prevents that reports are targeted to a sub directory.
Structure is now part of the filename.
* fix CodeClimate finding
* Provide getters for stdout, stderr on ShellRunner, ExecRunner
we need that in order to set the streams back in case we have to scan the command
output ourselvs during some function calls.
In case of policy violations, the scan is failed and default behavior is to not update the project in the WS system.
See docs at https://whitesource.atlassian.net/wiki/spaces/WD/pages/33914890/Maven+Plugin.
Since this is inconvenient and we also changed the behavior already for NPM, we force the update.
* LogRange provide git log ref1..ref2
This we need for checking inside the commit range
for transportRequestIds and changeDocumentIDs in the
body of the commit message.
* LogRange provide git log ref1..ref2
This we need for checking inside the commit range
for transportRequestIds and changeDocumentIDs in the
body of the commit message.
* [refactoring] Make room for other upload action: move package
In the near future we will have more upload actions, like
SOLMAN, RFC. Here we prepare the package structure for that.
* don't use aliasing
* rename entities (no leading CTS)
From the current location inside "cmd" the npmExecutorMock cannot
be used from any coding inside "pkg".
When we would like to re-use the npm functionality we have also to
provide tests and this requires having a mock.
In order to be able to use the mock from pkg we move the mock from
"cmd" to "pkg" into package "npm".
With the shift from package "cmd" to "npm" a lot of fields in the mock
has been made public.
Up to now we get a message 'Requested resource could not be found' which is not very
helpul during troubleshooting based on the log. With this change we tell the reader
which resource could not be resolved.
First a bug fix is addressed in which the pull policy could not be configured to false by configuring the general configuration. It could neither be configured via dockerExecute or dockerExecuteOnKubernetes, even though this parameter is docker specific. Only by configuring the specific step where one wants to set the pull policy to false can it be configured.
As the bug stems from zero values being in the context config map, which is also addressed with this PR. That is the second part: Context config parameters are only set if they have a value.
* Don't set pull image if not configured
Otherwise, if the pull policy is not set explicitly for a step, dockerPullImage is set to true. Thus, before this change, it cannot be set in the general, or in dockerExecute or in dockerExecuteOnKubernetes configuration.
* Fix unit tests
* Add pullImage parameter test
* Do not place empty default values in context config
* Use putIfNotEmpty for sidecar container options
* Export common configuration
Keys that are set by both main and sidecar container can be exported
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* Upload in Chunks
* fix unit tests for file upload in chunks
* upload in chunks review round 1
* Upload in Chunks - review round 2 - comments
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
Test verifies that correct pom.xml is used as provided in the parameters
Also removed the --file pom.xml in the tests as maven should take pom.xml as default
Up to now the code generator is not able to handle the type
map[string]interface{} which is important for nested
configurations.
With that change we support such nested configuration.
Fo now parameters with a map type are not supported via
command line parameters. Those parameters are simply
ommitted. But with this change is it possible to read
such nested structures from the pipeline configuration
(.pipeline/config.yml).
As a next step we can discuss if we would like to support
such values also via command line parameters. One possible
approach could be
```
./piper <command> -myParam key1=val1 --myParam key2=val2
```
which gets finally collected inside our map:
```
map["key1"] = "val1"
map["key2"] = "val2"
```
This is of course hard to do for deeper nestings. In that case
providing a pointer to a file might be more suitable.
In that context we need to consider how to
- declare the default values for map like parameters in our
metadata files.
- deal with the different types we have for the parameter
itself wrt the yaml like config on the one hand and on the
level of the command line parameters on the other hand. Maybe for
that we have to extend the metadata format (e.g. describe an
alternate type receiving the values from the command line, like
[]string. With that approach values for simple nested (... not deep
nested) params can be provided like described above, it would be
possible to represent these parameters for the command line parser
as string slice entries like "[]string{key1=val1, key2=val2". These
parameters needs in this case transformed "by us" into the map we
use further down the road.
In case we agree in principle on an approach as outlined here we should
adjust the golden files reflecting this use case.
* initial commit of yaml file
* initial commit for HaDoLint in GO
* add helper function to load file from url
* load config file
* write report information to disk
* comment the code
* refactor groovy code
* remove download function from FileUtils
* use http.Downloader
* rename step files
* update generated files
* update generated files
* remove duplicate commands
* add credentials for config url
* add generated test file
* reuse piperExecuteBin functions
* correct step name
* update go step
* deactivate test
* fix import
* use differing go step name
* rename step
* correct result publishing
* correct command name
* expose tls insecure flag
* hand through error
* disable tls verification
* fix tls disabling
* use credentials
* mow
* reformat
* add qgate only if set
* correct report name
* remove old defaults
* add qgate to defaults
* handle report name
* restore default
* remove unused step config
* use piperExecuteBin
* remove obsolete type
* add test cases
* remove groovy tests
* move client parameter handling to run function
* use custom interfaces and mockery
* remove commented code
* correct struct names
* rename parameter dockerfile
* add further asserts
* cleanup
* change file permission to read/write
* remove tokenize
* add further comments
* init http client only if necessary
* add todo
* Revert "rename parameter dockerfile"
This reverts commit 2a570685b8.
* add alias for dockerfile parameter
* correct test case
* Apply suggestions from code review
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* add comment about mock assertions
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Is there any benefit from having
```
assert.Error(./.)
assert.EqualError(./.)
```
?
assert.Error ensures that we have an error.
assert.EqualError ensures that we have an error and
moreover it checks for a specific error. Hence
assert.EqualError does all and more what assert.Error
does.
In case there is a benefit from that pattern this PR should not be merged.
In case there is not benefit from that pattern we should abandong that pattern.
* Make sure the UA scan is known to the scan object. Fixes downloading reports later on.
* Move polling into pkg/whitesource, add test for e2e scan
* Remove conditions from stash config resource
* Don't use version stored in CPE. This will prevent the versioningModel from being applied.
This change extends the npmExecuteScripts step to support execution of
npm scripts for specific modules. Previously, it was not possible to
execute npm scripts only for specific modules. Now, if the parameter
buildDesriptorList is set the scripts defined by the runScripts
parameter will be executed for the modules defined by
buildDescriptorList. Note, in this case the buildDescriptorExcludeList
will be ignored.
* makes containerImage not mandatory
* Adds kubectl container
* Adds log statement to debug
* adds general to container image
* removes GENERAL again
Removes condition from Kubectl container
* removes workDir
* marks logs as debug
* adds workingdir again
* Adds author to commits
* Adds commit time now
* remove deprecated and reorder
* adds deprecated again to containerRegistryUrl
Adds GENERAL scope to containerImage
* updates generated file
* Renames containerImageNameTag
* adds else case
* adds debug log
* code cleanup
* adds debug log
* revert
* adds debug logs
* revert
* makes root path not hidden
* revert
* Read container properties
* Removes debug message
* Removes debug message
* Removes general scope again
* Fixes unit test
* Adds helm capabilities to the gitopsUpdateDeployment step
* Adds helm capabilities to gitopsUpdateDeployment step
* Removes condition from input field
* Adds test for invalid deploy tool
* Fixes typo
* Adds tests for git errors and file errors
Simplifies test setup
* Adds test for error on image name extraction
* fixes URL variable name
* adds workind directory to paths
* Refactors too long method
* Reverts refactoring method
* Adds repository name as parameter
* Adds glob method
* Test glob method
* Revert "Test glob method"
This reverts commit ac11b54c14.
* Revert "Adds glob method"
This reverts commit ddf47ddebe.
* Revert "Adds repository name as parameter"
This reverts commit 8fc471c909.
* Removes getWd
* Adds stash deployDescriptor
* removes = from paramters
* Revert "removes = from paramters"
This reverts commit 3ecb3665e2.
* Adds " around parameters
* adds logging of all files
* Updates helm to version 3.3.4
* Clean up debug logs
* Raise error if no branch name provided.
Defaulting should be handled by step configuration.
* clean code
* Updates fields and adds checks for required field for certain deploy tools
* Fixes default commit message
* Update long description
* Removes default parameter
* Update resources/metadata/gitopsUpdateDeployment.yaml
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Updates yaml file
* Add error category and removes too much wrapping
* Update generated file
* Checks all parameters before returning the error
* Introduces constant
* Renames constant
* Fixes unit tests
* unexpose constants
* Makes tests thread safe and resilient to failed deletion
* Remove methods that did not work properly with hash containers rather than tags.
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Should avoid issues with this file being owned by root (perhaps via running in docker container), preventing the workspace from being cleaned properly.
* makes containerImage not mandatory
* Adds kubectl container
* Adds log statement to debug
* adds general to container image
* removes GENERAL again
Removes condition from Kubectl container
* removes workDir
* marks logs as debug
* adds workingdir again
* Adds author to commits
* Adds commit time now
* remove deprecated and reorder
* adds deprecated again to containerRegistryUrl
Adds GENERAL scope to containerImage
* updates generated file
* Renames containerImageNameTag
* adds else case
* adds debug log
* code cleanup
* adds debug log
* revert
* adds debug logs
* revert
* makes root path not hidden
* revert
* Read container properties
* Removes debug message
* Removes debug message
* Removes general scope again
* Fixes unit test
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* add vaultSecretFileReferences
* fix test
* fix test
* go generate
* remove code duplication
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* kanikoExecute: improve user experience
* ensure proper tags
* update permissions
in case a container runs with a different user
we need to make sure that the orchestrator user
can work on the file
* update permissions
* ensure availablility of directories on Jenkins
* (fix) clean up tmp dir in test
* add resilience for incorrect step yaml
* incorporate PR feedback
* Adds piper step to update deployment configuration in external git repository.
https://github.wdf.sap.corp/ContinuousDelivery/piper-ita/issues/21
* Adds handling of branchName as an optional parameter
* Update resources/metadata/gitopsUpdateDeployment.yaml
Feedback about description
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Adapt to interface guide
* Refactors to GitopsExecRunner
* Refactors to GitopsExecRunner in test
* Removes unnecessary mocked methods
* Adds tests for git utils
* Adds new step to CommonStepsTest.groovy
* Updates description from yaml
* Restricts visibility of methods and interfaces
Adds comments where necessary
* Updates comments
* Fixes URL name
* updates description
* updates generated file
* Fixes compile issue in CommonStepsTest.groovy
* Updates long description
* Updates test to run green on all kind of OS
* Removes global variables from tests
* Default branch: master
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Typo in Hierarchy
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Refactors test to allow parallel execution
* Renames utility variable in gitopsUpdateDeployment.go
* Renames error variables in gitopsUpdateDeployment.go
* simplified parameters for kubectl
* Refactors util classes to use parameters rather than global variables
* makes username and password mandatory
* remove unnecessary mandatory flag
* remove new methods from mock that are not necessary
* replaces with EqualError
* replaces with NoError
* update generated file
* refactor tests
* refactor tests
* make tests parallel executable
* parallel execution of tests
* Refactors interfaces to stop exposing interfaces
* Feedback from PR
* Simplifies failing mocks
* Renames variables and interfaces
* Fixes error messages
* shorten variable names
* Renames unused parameters in tests
* Cleanup nil parameters
* Typo
* Wrap errors and remove unnecessary logs
* Remove containername and filePath from GENERAL scope
* correct generated file
* corrects expected error messages
Co-authored-by: OliverNocon <oliver.nocon@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* remove docs generator code from step-generator
* add docs generator to dedicated package
* add test cases
* add entry point for docs generation
* make output more readable
* read additional defaults
* add custo defaults parameters
* remove commented code
* adjust custom default parameter in workflow
* remove conflict leftovers
* handle custom default values
* remove comment
* extract code to function
* extract metadata reading to function
* do not print empty strings in favor of PIPER_* env vars
* extract new code to own metadata file
* only reset default on booleans
* remove obsolete test case
* kanikoExecute: improve user experience
* ensure proper tags
* update permissions
in case a container runs with a different user
we need to make sure that the orchestrator user
can work on the file
* update permissions
* ensure availablility of directories on Jenkins
* (fix) clean up tmp dir in test
* add resilience for incorrect step yaml
* incorporate PR feedback
* add type to sonar field
* respect type of influx fields
* update generated code
* switch type
* copy changes from #1885
* log JSON data
* read simple values from json
* Update InfluxData.groovy
* Revert "Update InfluxData.groovy"
This reverts commit c8cfdf381f.
* Revert "read simple values from json"
This reverts commit 94b69866d2.
* Revert "copy changes from #1885"
This reverts commit 2471b4475e.
* update TODO
* handle non-string values as JSON
* change value type to interface in resources
* regenerate code
* add test cases
* handle reading of json files
* write json data to json files
* fix assignment
* use GetResourceParameter
* add test case
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* add code block type
* add parameters to hand in library and binary name
* use library and binary name parameters
* add test cases
* use yaml file to distintuish custom from regular steps
* add test case
Vars file handling centralized
We have the same coding for handling varsf-files and vars. With that change we shift to having one common coding for that
* remove docs generator code from step-generator
* add docs generator to dedicated package
* add test cases
* add entry point for docs generation
* make output more readable
* remove dead code
* fix redundant type issues
* cleanup
* extract report function for protecode package
* use speaking status constant for API results
* remove unconsidered return value
* correct switch statement
* handle severe vulnerabilities
* Apply suggestions from code review
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* correct test name
* return errors from WriteReport function
* expose ReportData struct
* set Error Category
* refactor constant visibility
* change type name
* describe type
* change type name
* fail after report generation
* do not fail on report write errors
* add error as return value
* fix typo
* use require statements
* assert major vulnerabilities
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* Fix
* Adapt errors
* Consider unexpected JSON
* defer closing the response body
* Add comments to explain function
* Improve assert statements semantically
* Change comment format due to CodeClimate
* Extract sub function
The SAP NPM registry has been migrated to the default public registry,
thus the separate configuration with the sapNpmRegistry is not required
anymore.
All packages from npm.sap.com have been migrated to npmjs.org
and in the future SAP packages will only be available from the default
public registry.
Currently, the mtaBuild step installs the wrong artifact in a spring project making use of the "repackage" feature. This PR fixes that by checking if an ".original" jar file exists and using that instead.
* Add abaputils pkg and go files
* Add ReadServiceKeyAbapEnvironment function
* Fixes
* Add structs for SC, Pull and Branch
* Minor Improvements
* Adapt unit tests to new abaputils pkg
* Fixes
* Add adapted tests
* Fixes
* Fix cloudfoundry test
* Add check for host prefix (HTTPS)
* Fix tests + cleanup
* Fixes
* Fixes
* Fix
* Add mock for abaputils pkg unit tests
* Adapt abaputils comments
* Add abapEnvironmentCheckoutBranch step setup
* Change description of abapEnvCheckoutBranch step
* Add http client code
* Disable code due to missing interace
* Add coding for use of abaputils
* Adapt checkout branch step
* Adapt URL for checkout_branch function import
* Fixes
* Add unit test for missing params case
* Fix for missing mapping of CfSpace
* Fix for missing mapping of CfSpace
* Add working code for a Branch Checkout
* Fix host schema
* Remove LogoutOption param of unit tests and steps
* Fix unit test
* Fix unit test CF ReadServiceKey
* Add abapEnvironmentCheckoutBranch step setup
* Change description of abapEnvCheckoutBranch step
* Add http client code
* Disable code due to missing interace
* Add coding for use of abaputils
* Adapt checkout branch step
* Adapt URL for checkout_branch function import
* Fixes
* Fix for missing mapping of CfSpace
* Add working code for a Branch Checkout
* Adapt changes of abautils pkg
* Add test for polling
* Minor fix
* Fix yaml spacing
* Add longdescription to yaml
* Refactor abaputil methods
* Refactoring
* Refactoring
* Minor fix
* Minor fixeds
* Adapt to new abaputils.AUtilsMock
* Delete obsolete initial checks for params
* Fix manageGitRepoUtils_test.go
* Adjust pollEntity tests
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
* Add abaputils pkg and go files
* Add ReadServiceKeyAbapEnvironment function
* Fixes
* Add structs for SC, Pull and Branch
* Minor Improvements
* Adapt unit tests to new abaputils pkg
* Fixes
* Add adapted tests
* Fixes
* Fix cloudfoundry test
* Add check for host prefix (HTTPS)
* Fix tests + cleanup
* Fixes
* Fixes
* Fix
* Add mock for abaputils pkg unit tests
* Adapt abaputils comments
* Add unit test for missing params case
* Fix for missing mapping of CfSpace
* Fix host schema
* Remove LogoutOption param of unit tests and steps
* Fix unit test
* Fix unit test CF ReadServiceKey
Co-authored-by: Daniel Mieg <56156797+DanielMieg@users.noreply.github.com>
This change adds a buildDescriptorExcludeList parameter to
npmExecuteScripts, to enable the exclusion of certain directories when
executing npm scripts. Previously, npmExecuteScripts could only execute
scripts in all packages.
Now it is possible to provide paths or patterns as elements of the
buildDescriptorExcludeList to exclude packages when executing npm scripts.
* Dont work upon a global command.Command instance inside cloudfoundry package
o Up to now we work on a private and shared instance of command.Command inside
the cloudfounrdy package. We need to be able either configure this instance
(environment variables) according to the use case. One option is to hand over
an already configured instance which is used elsewhere. This is what we do with
this commit.
o With this commit we remove the instance which is shared within the cloudfounrdy
package and to provide an instance with a receiver which gets handed over to the
functions. Hence we are thread save: parallel invoctation of e.g. Login will not
affect each other.
o Up to now we work on a private and shared instance of command.Command inside
the cloudfounrdy package. We need to be able either configure this instance
(environment variables) according to the use case. One option is to hand over
an already configured instance which is used elsewhere. This is what we do with
this commit.
o With this commit we remove the instance which is shared within the cloudfounrdy
package and to provide an instance with a receiver which gets handed over to the
functions. Hence we are thread save: parallel invoctation of e.g. Login will not
affect each other.
* Added Vault package
* added support for logical path lookups instead of api paths
* added integration tests
* add integration tests and mock tests
* Replace mock with mockery generated one
* update tests to use mockery
* create mocks sub package
- mock is used now for cf api commands
- tests for cf api and cfk login are checking which
commands are really executed
- some minor simplifications wrt asserts
* [refactoring] move the shell/command related interfaces into pkg/command
otherwise we are not able to use the corresponding mocks for the items contained in pkg since
these interfaces are not visible from the pkg folder
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
* Whitesource MVP for Gradle, Golang, and NPM/Yarn
* Refactoring
* Refactor and cleanup, better error checking
* publish stepResults, use pkg/versioning, bubble up errors, add gomod versioning support
* Run gofmt and cleanup comments
* Resolve PR comments
* Update resources/metadata/whitesource.yaml
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Only determine project coordinates if they are missing
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* Gradle versioning artifact
* fix gradle artifact version regexp and refactor
* Fix token extraction from output buffer
* Fix some issues with pip and jsonfile versioning logic
* Remove useless spacing
* Remove unnecessary test file and fix naming style for JSONDescriptor
* Automatically download wss-unified-agent if file does not exist
* adds downloadVulnerabilityReport, checkSecurityViolations, minor refactoring
* adds config.ReportDirectoryName, improves readability
* Version-wide reporting for vulnerabilities and list of libraries.
* Refactor and improve build accuracy
* fix sed command
* Add includes file pattern config option
* Adds --exclude command line flag
* run go mod tidy and regenerate step framework
* Fix unit tests
* revert changes
* poll project status before downloading reports
* merge with master
* go mod tidy, go fmt, and fix whitesource unit test
* sync go.mod
* sync go.mod again
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Allow retrieving exit code from command execution
This will be helpful to derive error categories in case
an executable provides context-specific error codes.
* make sure that we always have a non 0 exit code for errors
* Add capabilities for checks if a file has been written
With the current file system mock we cannot assert if
a file has been written. E.g. we cannot distiguish between
files added to the virtual file system before the test and files
explicitly written. In contrast to that we can check for deleted
files.
With the change here we get a func HasWritteFile(name).
[Q] Wouln't it be possible to check based on the file content
if a file has been written (the new file should have another
content as the file registered before).
[A] We should not assert some file content here since the
produced file content can be created by another "class" which
is unit tested somewhere else. With that approach we would test
the producer here again.
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* Add error category parsing to cmd execution
It is now possible to define `ErrorCategoryMapping` as a `map[string][]string` on a `Command`.
The format contains the category as key which has a list of error patterns assigned.
Example:
```
cmd := Command{
ErrorCategoryMapping: map[string][]string
"build": {"build failed"},
"compliance": {"vulnerabilities found", "outdated components found"},
"test": {"some tests failed"},
},
}
```
Setting this map triggers console log parsing when executing a command.
If a match is found the error category is stored and
it will automatically be added to the `errorDetails.json`.
* clean up go.mod
* fix test
* fix test
* Update DEVELOPMENT.md
* fix tests
* address long console content without line breaks
* scan condition update
* fix test
* add missing comment for exported function
* Update pkg/command/command.go
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* Add possibility to add category to failures
It is now possible to set the error category within the flow.
When exiting the program the error category can be used.
There is a convenience function available for exiting with a previously set category,
for example
```
log.SetErrorCategory(log.ErrorCompliance)
...
log.FatalError(err, "configuration error")
```
* extend test
* go mod tidy
* add missing comment
* update information about error categories
* Update DEVELOPMENT.md
This change refactors the npm pkg and npmExecuteScripts implementations
to be reusable for future steps, e.g., npmExecuteLint.
In addition, it fixes few small bugs related to unit test execution on
Windows and the fileUtils mocking implementation.
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
There are use cases where we need to run `GetStepConfig()` multiple times.
In such cases it is more efficient to load the files once and then resolve the
respective step configuration.
Extend mta build step to install maven artefacts after build to allow re-using them in later stages (additional unit or integration tests which might not be running as part of the "build" life-cycle).
* also reduce code duplication in token fetching
* concatenate classpaths from multi-maven projects
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
* Include error in the log.
In case the default text formatter is used, the error
will be contained in the log, too.
* Avoid stupid nil token printed in error message
* Add parameter "--ignoreCustomDefaults"
* Pass to piper customDefaults from config also via --defaultConfig
... and add "--ignoreCustomDefaults".
* Log output when ignoring customDefaults
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
* artifactPrepareVersion: additional options
it is now possible to use
* a Unix timestamp number
* a short commit hash
* Add dedicated Docker versioning scheme
Avoid maven error `Unknown lifecycle phase \"-\"` when the value of a define contains `-`.
Don't split and trim maven arguments. Expect they come in as a list, keep them as list.
This is a breaking change compared to the old Groovy implementation which relied on using a shell for calling maven.
As an example, consider this diff:
```diff
- goals: 'org.apache.maven.plugins:maven-help-plugin:3.1.0:evaluate',
- defines: "-Dexpression=$pomPathExpression -DforceStdout -q",
+ goals: ['org.apache.maven.plugins:maven-help-plugin:3.1.0:evaluate'],
+ defines: ["-Dexpression=$pomPathExpression", "-DforceStdout", "-q"],
```
* extract StepConfiguration generation to separate file
* add general options to parameter and config table
* fix test case
* remove telemetry flag from docs
* Revert "extract StepConfiguration generation to separate file"
This reverts commit df80dab8cd.
The TransportTimeout value is now applied to the "response header
timeout" and "expect continue timeout" as is. Previously there
was a hard limit of 10 seconds and 1 second respectively (originating
from the article I based the previous PR on). While this doesn't
allow for fine-grained control, it is reasonable to apply the meaning
of "transport timeout" to any state or phase of a HTTP connection.
This change should solve the needs of some Piper clients to configure
very long response header timeouts of 5 minutes and above.
Do not exit with os.Exit(1) but using log.Entry().Fatal() instead
* Golang: forward error details
* extend groovy wrapper to provide proper error message
* create closure for error handling
* add code blocks
* set parameters name in code block
* change test cases
* set parameters name in code block
* add step configuratio caption
* remove details caption
* add code block for docker settings
* add code block for stash content
* add code block for defaults
* add code block for sidecar image & name
* correct test cases
* add code block for docker
* correct test cases
Also establish mavenExecute() via new JenkinsMavenExecuteRule in Groovy Unit Tests.
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
* use sonar go in groovy
* use SONAR_TOKEN
* only use owner/repo if both are set
* trim version to major version digit
* fix code climate issues
* remove Sonar defaults
* use sonar go step
* use SONAR_TOKEN
* use certs from parameters
* use docker workspace & options
* add instance parameter
* implement branchName
* implement branchName
* remove duplicate default
* update docs
* fix TODOs
* remove merge mess
* fix code climate issue
* address comments
* respect custom defaults and custom config file name
* fix typo
* remove obsolete test cases
* disable CommonStepChecks
* check step config instead of context config
* remove TODOs
* respect jenkins PR envvars
* use value from stepConfig
* Update vars/sonarExecuteScan.groovy
* rename options to config
* correct type for options
* add test cases
* log sonar.options in debug message
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* iterate over found pom.xml files for maven projects, deploy found artifacts
* classifiers are found by testing prefix/suffix of artifact
* Remove additionalClassifiers option
* Improve documentation
* Fix fallback for finalBuildName
* Ignore mvn modules with packaging != pom but no target dir
* Fail when main artifact is missing, add more tests
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
* Fix typos
* Support aliases also for secrets
* Adapt & extend Unit Tests
* Output deprecation warning for param/secret aliases
... if the alias is marked as 'deprecated'.
* Config and Defaults via http(s)
Add the possibility to use http(s) urls as path to
* config.yml
* defaults
* Remove comment
* Addressing PR feedback
* Fix error handling
* Replace the default maximum request deadline with a default timeout on the transport level.
* Keep the possibility to set a maximum request deadline.
Artifacts to upload are assembled for MTA projects and Maven projects with optional application sub-module. Then maven deploy:deploy-file is used as backend to upload bundles of artifacts plus sub-artifacts.
Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
* Golang step metadata: Config aliases for steps
This will ease following scenarios:
* config migration due to step name changes
* re-use of more general config, e.g. `mavenExecute` in `mavenBuild`
* fix CodeClimate finding
* Fix panic if original stage config does not exist yet
This might provide useful context to the user.
For example when you try to upload a SNAPSHOT jar to a maven-release
repo in nexus, this will print an error like
returned with response 400 Repository version policy: RELEASE does
not allow version: 1.0-SNAPSHOT
instead of
returned with HTTP Code 400
The nexus package implements uploading artifacts to a Nexus repository manager version 2 or 3 via HTTP. It also generates the MD5 and SHA1 hash files for the uploaded artifacts in the Nexus repository.
Have strategy for environment variable handling only once
And provide also a test checking if the environment variables
are present in the forked process.
The strategy applied for setting the environment variables is now
different from what it was before. Before the environment was
fully replaced by the new environment variables. Now we append
our environment variables to the list of environment variables available
by default for the forked process.
Co-authored-by: Florian Geckeler <43751896+fgeckeler@users.noreply.github.com>
