* Implemented validation for the option possibleValues
* Has been added the option mandatoryIf to config with validation
* Fixed issues found during code review
* improved golang template
* Fixed tests. Added validation for mandatoryIf option
* Fix typo
* Fixed tests
* Validation was refactored. Added options
* Added default value for parameters with possibleValues option
* Validation was moved after the configuration resolution
* Canceled some default values
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* extend orchestator to provide stage name
* use orchestrator specific stage name
* fix test case
* remove comment
* fix test case
* prettify
* change something..
* do not exit
* Update pkg/orchestrator/azureDevOps.go
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* mta build config
* http request to upload mtar
* adding basic auth
* using put
* test file name
* hard coding the mta org and artifact is
* new version
* new version
* mtar group
* errors
* better error message
* log info
* log info
* correct mtar artifact name
* adding teh correct name
* test
* name changes
* clean up
* changing mtarVersion to version
* changing artifact name
* forcing release build
* forcing release build
* force profile
* force profile
* force profile
* force profile
* force profile
* force profile
* force profile
* force profile update
* force profile update
* profile update
* debug
* debug
* debug
* debug
* rewrite xml update
* rewrite xml update
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* unmarshal solution
* outputin publish repo url
* removing fetch coordinates condition
* checking settings xml
* fixing artifact id cpe
* release artifact, package and group to cpe
* including versioning type as a cpe
* creating new settings xml file
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* creating parent folder
* changing to project settings
* function name change
* using glbl settings xml
* modiying the npm settings
* modiying the npm settings
* modiying the npm settings
* modiying the npm settings
* using file path join for m2 settings file
* generator
* unit tests
* hardening error message
* removing versioningType
* removing versioningType
* new vault profile paths
* error message improvement
* unit test fixes
Co-authored-by: Your Name <you@example.com>
* add policy status reports
* add policy status and cumulus json
* update projectver link + test
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* modify wrapper http to hold ca rot
* modifying the http client for maven build
* adding checks
* eliminating seperate jks
* test tls true
* insecure flag remove
* error debug
* storing cert
* sap root cert
* error
* only child cert
* test
* maven test
* moving outside loop
* changing pointer
* dont download existing certs
* typo fix
* removing mavenBuild test
* code clean up
* making hadolint using always cert true
* custom tls link for hadolint trust
* error handel
* extended condition for modifying custom tls
* unit test case
* checing when to add the customLinks
* not breaking existing hadolint client config
Co-authored-by: Your Name <you@example.com>
This follows up on #3024
Setting emptyValue to s.th. like `--entrypoint=''` will break in case the argument is properly escaped.
Docker will return with
`container process caused: exec: "''": executable file not found in $PATH`
* feat(detectExecuteScan): generate ip result json
json will currently only be created in success cases.
No information about policy violation details available in the step yet.
* update report name
* Update cmd/detectExecuteScan.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan_test.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* Update cmd/detectExecuteScan_test.go
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
* move blackduck api package
* fix broken unit test
* added tests for new api calls
Co-authored-by: OliverNocon <oliver.nocon@sap.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
it is possible to overwrite the entrypoint for docker execution:
https://docs.docker.com/engine/reference/run/#entrypoint-default-command-to-execute-at-runtime
This is ideally done by passing `entrypoint=''` and not pass two options to the call.
This also helps with escaping issues of the empty value on other systems.
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* Added checkIfStepActive step
* Implemented npmScripts condition. Code was refactored
* Added some unit tests
* Fixed go modules
* Fixed go modules
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Improved logging of splunk connectivity errors
* Splunk logging
* Moved error logging message
* Bugfix for response body
* Moves response body check, logging of connectivity errors
* Reformatting
* Adds check if response body is nil
* Toolrecord framework -
provide a common entry point for post processing code scan results
Changes to be committed:
new file: pkg/toolrecord/REAMDE_toolrecord.md
new file: pkg/toolrecord/toolrecord_main.go
new file: pkg/toolrecord/toolrecord_test.go
* Add toolrecord file to Checkmarx results
modified: cmd/checkmarxExecuteScan.go
* Add toolrecord file to Fortify results
modified: cmd/fortifyExecuteScan.go
* Add toolrecord file to Whitesource results
modified: cmd/whitesourceExecuteScan.go
* unset umask (#2927)
* (feat) adds error logging output for downloading reports from whitesource (#2928)
* Add toolrecord file to Protecode results
* address code climate findings (1/2)
* address codeclimate findings (2/2)
* add comments to all methods
* Toolrecord library:
- move all toolrun files into a subdirectory
- fix timestamp generation in filenames
* add protecode group's URL to toolrecord data
* fix syntax error from previous commit in cmd/protecodeExecuteScan.go
* toolrecord: fix projectVersionID and generated URLs in fortifyExecuteScan.go
* cmd/fortifyExecuteScan.go: replace a hard-coded servername with
config.ServerURL
* update description
* add toolrecord file to detectExecuteScan
* toolrecord/whitesource: add project names as context
Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: ffeldmann <felix@bnbit.de>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* using default java truststore
* default java keytore
* remove trust store
* working directory
* change dir java_home
* env variable
* trying to find jre home
* changing directory to jre home and java home
* trying java jre
* remving $
* trying to search the cacerts
* copying existing cacerts
* removing change directory
* searching for secrutiy folder only
* searching cacerts
* new path for cacert
* path to ca-cert
* new trust store
* changing cacert location
* only adding maven_opts env variable once
* log message
* ca cert path from user
* handelling interface modification
* enhance logs and code clean up
* code clean up
Co-authored-by: Your Name <you@example.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
