1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Commit Graph

544 Commits

Author SHA1 Message Date
ffeldmann
37853bc569
Whitesource unified agent download resilience (#3230)
* Adds retry for whitesource download in case of 404 not found

* Adds retry mechanism for 'forbidden errors' which occasional happen when downloading the unified agent

Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
2021-11-02 15:10:04 +01:00
tiloKo
9464b345d0
abapEnvironmentAssemblePackages store file in workspace instead of cpe (#3232)
* initial refac

* fix unit test, no publish

* fix typo
2021-11-02 11:00:01 +01:00
Mayur Belur Mohan
3ee4339af1
ApiProxyDownload Command (#3197)
* ApiProxyDownload Command

* Lint Fixes

* Lint Fixes

* codereview fixes

* Code Review Fixes

* CodeReview Fixes

* CodeReview Fixes

* Code Review Fixes

* Code Review Changes

* CodeReview Fixes

* CodeReview Fixes

* CodeReview Fix

* CodeReview Fixes

* CodeReviw Fixes

* CodeReview Changes

* CodeReview Fixes

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2021-11-02 10:30:08 +01:00
sumeet patil
732845507d
Fortify JSON Report (#3212)
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-10-29 10:03:01 +02:00
tiloKo
a0ad624b9a
RobustConfirm (#3179)
confirm no longer done based on package status but now based on boolean indicator which is set during assembly step.
Thus confirm can now be placed after release packages.
2021-10-28 11:01:16 +02:00
Umidjon Urunov
53225b958f
protecodeExecuteScan -> file upload has been extended for "binary" uploads (#3156)
* changes to detectExec before master merge

* changes for detectExecuteScan

* self generated code added

* fix syntax errors and update docu

* added unit tests for fail and Group

* fix failOn bug

* add Groups as string array

* add Groups as string array

* tests and validation for groups, failOn

* Updated docs and added more tests

* documentation md files should not be changed

* Handle merge conflicts from PR 1845

* fix merge errors

* remove duplicate groups, merge error

* adding buildCode and buildTool as params

* switching build options

* building maven modules

* parameter correction

* parameter correction

* gnerate with new build parameter

* adding comments

* removing piper lib master and modifying goUtils to download 1.5.7 release

* first cleaning then installing

* multi module maven built

* multi module maven built removing unwanted code

* multi module maven built moving inside switch

* testing

* modifying the default use case to also call maven build

* modifying the default use case to also call maven build wih --

* corrected maven build command

* corrected maven build command with %v

* skipping test runs

* testing for MTA project with single pom

* adding absolute path to m2 path

* clean up

* adding switch for mta and maven and removing env from containers

* commiting changes for new detect step

* correting log message

* code clean up

* unit tests changes to detectExecute

* basic tests for new change

* restoring piperGoUtils to download correct piper binary

* code clean up

* code clean up

* protecodeExecuteScan :: fixing file upload for binaries

* protecodeExecuteScan :: fixing protecode generate file

* Fix upload test

* protecodeExecuteScan -> fixing tests

Co-authored-by: D072410 <giridhar.shenoy@sap.com>
Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-10-21 10:03:42 +02:00
Sven Merk
f655033442
Add retry capability on sporadic WhiteSource error 3000 (#3183)
* fix backslash mess

* Added retry on error 3000

* Fix fmt

* Fix check on error message
2021-10-21 09:37:41 +02:00
Anil Keshav
b1b19dcace
feat (FileUtils) support for untar in fileutils (#3154)
* support for untar in fileutils

* handeling strip component level like tar cli

Co-authored-by: Your Name <you@example.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
2021-10-20 14:10:39 +02:00
Oliver Nocon
db6b465ff1
chore(doc): conditionally mandatory parameters (#3172)
enhance documentation generation to properly reflect
parameters which are conditionally mandatory.
2021-10-12 12:49:38 +02:00
Oliver Nocon
ba694b6737
fix(doc) proper tab creation for step docs (#3169) 2021-10-11 16:51:54 +02:00
Oliver Nocon
60a114d738
chore(docs): improve step documentation (#3162)
* chore(docs): improve step documentation

* chore: fix test

* chore: add note box

* use latest mkdocs imgage

* add extensions and fix config
2021-10-11 15:22:24 +02:00
Pavel Busko
8a6c0b907f
use jarcoal/httpmock for http calls instead of mock server (#3165)
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
2021-10-11 11:33:51 +02:00
Pavel Busko
372cef04b4
feat(cnbBuild): added support for project.toml (#3163)
Co-authored-by: Sumit Kulhadia <sumit.kulhadia@sap.com>
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
2021-10-11 11:10:21 +02:00
Johannes Dillmann
6f13d6078d
Update whitesource go module settings (#3135) 2021-10-06 12:36:05 +02:00
Pavel Busko
2fb2843a2a
fix(generator): use quote template function instead of direct quotes (#3146) 2021-10-05 00:24:26 +02:00
Philipp Stehle
eae9912d50
docs(cnbBuild): replace dead link with own description for dockerConfigJsonCredentialsId (#3137)
* docs(cnbBuild): replace dead link with own description for dockerConfigJsonCredentialsId

* fix: generator does not properly quote descriptions
2021-10-01 14:24:59 +02:00
Johannes Dillmann
4f23507bb7
Support custom tls certs in cnbBuild (#3103)
Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
2021-10-01 13:48:24 +02:00
Pavel Busko
ae8ec77f98
fix(cnbBuild): put all custom buildpacks under single order entry (#3141) 2021-10-01 13:30:06 +02:00
Siarhei Pazdniakou
46bafc40a3
Improve validation of configuration (#3125)
* Implemented validation for the option possibleValues

* Has been added the option mandatoryIf to config with validation

* Fixed issues found during code review

* improved golang template

* Fixed tests. Added validation for mandatoryIf option

* Fix typo

* Fixed tests

* Validation was refactored. Added options

* Added default value for parameters with possibleValues option

* Validation was moved after the configuration resolution

* Canceled some default values

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-10-01 12:49:05 +02:00
Pavel Busko
4f5efc88d7
cnbBuild: use DockerCredentials secret during custom buildpacks download (#3138) 2021-10-01 10:05:15 +02:00
Pavel Busko
87162284e7
cnbBuild: buildEnvVars argument for setting custom build env vars (#3136) 2021-09-29 18:21:13 +02:00
Christopher Fenner
4525c1daa4
fix: use orchestrator specific stage name (#3127)
* extend orchestator to provide stage name

* use orchestrator specific stage name

* fix test case

* remove comment

* fix test case

* prettify

* change something..

* do not exit

* Update pkg/orchestrator/azureDevOps.go

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-09-29 08:31:45 +02:00
Anil Keshav
0978f1492a
(feat) mtaBuild publish mtar artifacts to remote remote repo (#3104)
* mta build config

* http request to upload mtar

* adding basic auth

* using put

* test file name

* hard coding the mta org and artifact is

* new version

* new version

* mtar group

* errors

* better error message

* log info

* log info

* correct mtar artifact name

* adding teh correct name

* test

* name changes

* clean up

* changing mtarVersion to version

* changing artifact name

* forcing release build

* forcing release build

* force profile

* force profile

* force profile

* force profile

* force profile

* force profile

* force profile

* force profile update

* force profile update

* profile update

* debug

* debug

* debug

* debug

* rewrite xml update

* rewrite xml update

* unmarshal solution

* unmarshal solution

* unmarshal solution

* unmarshal solution

* unmarshal solution

* unmarshal solution

* unmarshal solution

* unmarshal solution

* unmarshal solution

* outputin publish repo url

* removing fetch coordinates condition

* checking settings xml

* fixing artifact id cpe

* release artifact, package and group to cpe

* including versioning type as a cpe

* creating new settings xml file

* creating parent folder

* creating parent folder

* creating parent folder

* creating parent folder

* creating parent folder

* creating parent folder

* creating parent folder

* creating parent folder

* creating parent folder

* creating parent folder

* changing to project settings

* function name change

* using glbl settings xml

* modiying the npm settings

* modiying the npm settings

* modiying the npm settings

* modiying the npm settings

* using file path join for m2 settings file

* generator

* unit tests

* hardening error message

* removing versioningType

* removing versioningType

* new vault profile paths

* error message improvement

* unit test fixes

Co-authored-by: Your Name <you@example.com>
2021-09-23 15:33:30 +02:00
Daniel Mieg
e9b3e79f3a
Change loglevel to debug (#3107) 2021-09-23 10:05:44 +02:00
Eugene Kortelyov
56be54c504
Feature/vault refactoring (#3113)
* refactor vault code

* adjust generator

* wip: fix tests

* regenerate influxdb

* fix test

* add another test

* fix test & docs

* fix formatting

* Minorupdate and fixes

Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-09-21 13:06:32 +02:00
Sven Merk
86e8125279
feat(checkmarxExecuteScan): Improve cx report (#2991)
* Improve checkmarx report

* Fix test and fmt

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-09-15 09:45:56 +02:00
Pavel Busko
cba94dcb35
Cnb build custom buildpacks (#3090)
* [WIP] cnbBuild custom buildpacks draft

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* Store custom buildpacks in the dedicated tmp folder

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>

* added test

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* updated documentation

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>

* use Files for toml files cleanup

Co-authored-by: Pavel Busko <pavel.busko@sap.com>

* Add missing function to the FileUtils interface

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
2021-09-14 16:14:50 +02:00
Umidjon Urunov
3d341b4b24
protecodeExecuteScan -> adding replace binary option (#2778)
* protecodeExecuteScan -> [draft-1] adding replace binary option

* protecodeExecuteScan -> replace binary option extension

* protecodeExecuteStep :: fixing generete & format checks

* protecodeExecuteStep :: fixing TestUploadScanFileSuccess & clean up debug printings

* Update protecodeExecuteScan_test.go

* protecodeExecuteScan :: removing duplicate test cases

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-09-13 11:13:48 +02:00
larsbrueckner
ab396ce6f3
toolrecord: fix web ui URLs for whitesource, close #6 (#3096) 2021-09-10 13:20:54 +02:00
larsbrueckner
45cb97c8d9
pkg/toolrecord: log json marshalling errors; fix issues in whitesource and blackduck (#3049)
* pkg/toolrecord: log json marshalling errors

* toolrecord package: add internal check to ensure that generated files
are not empty

* cmd/whitesourceExecuteScan.go : rework createToolRecordWhitesource to
include all scanned projects

* pkg/toolrecord: new helper function to override default display values

* cmd/whitesourceExecuteScan: improve toolrecord file

* cmd/detectExecuteScan.go fix toolrecord file creation #3

* pkg/toolrecord: log json marshalling errors

* toolrecord package: add internal check to ensure that generated files
are not empty

* cmd/whitesourceExecuteScan.go : rework createToolRecordWhitesource to
include all scanned projects

* pkg/toolrecord: new helper function to override default display values

* cmd/whitesourceExecuteScan: improve toolrecord file

* fix merge conflict
2021-09-09 10:50:33 +02:00
Siarhei Pazdniakou
d8d533b154
ADO - Vault Secret Rotation (#3084)
* Implemented vault secret rotation for ADO

* Added tests

* Fixed issues
2021-09-08 16:48:12 +02:00
Giridhar Shenoy
b92e7f699c
detectExecuteScan : Policy reports in HTML, JSON and for cumulus (#3057)
* add policy status reports

* add policy status and cumulus json

* update projectver link + test

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-09-07 17:17:03 +02:00
Sven Merk
89124801c6
fortifyExecuteScan: Fix overall report status (#3081)
* fortifyExecuteScan: Fix overall report status

* Update reporting.go
2021-09-01 14:07:12 +02:00
ffeldmann
380f1fbfec
Adds retry for whitesource download in case of 404 not found (#3063)
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-08-19 14:49:24 +02:00
Anil Keshav
d29ba346f2
[feat] https communication enhancement : Eliminate skip tls skip verify in the piper http client (#3062)
* modify wrapper http to hold ca rot

* modifying the http client for maven build

* adding checks

* eliminating seperate jks

* test tls true

* insecure flag remove

* error debug

* storing cert

* sap root cert

* error

* only child cert

* test

* maven test

* moving outside loop

* changing pointer

* dont download existing certs

* typo fix

* removing mavenBuild test

* code clean up

* making hadolint using always cert true

* custom tls link for hadolint trust

* error handel

* extended condition for modifying custom tls

* unit test case

* checing when to add the customLinks

* not breaking existing hadolint client config

Co-authored-by: Your Name <you@example.com>
2021-08-19 11:29:33 +02:00
Oliver Nocon
37cea1b998
chore(docker): do not swallow error (#3056) 2021-08-17 15:52:18 +02:00
Oliver Nocon
5096b3bfe1
fix(checkIfStepActive): respect explicit (de-)activation (#3055) 2021-08-17 11:20:04 +02:00
Mayur Belur Mohan
2d412d9f3c
IntegrationArtifactResource Command (#3027)
* IntegrationArtifactResource Command

* Remove unused code

* Formatting fix

* formatting fix

* formatting fix

* formatting fix

* formatting fix

* CodeReview Fixes

* Code Review Fix

* Code Review Fixes

* Code Review Fixes

* Format fix

* format fix

* format fix

* format fix

* Code Review Fix

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2021-08-12 09:11:02 +02:00
Oliver Nocon
97b84429f1
feat(Vault): custom prefix for test credentials (#3043)
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-11 16:20:08 +02:00
Anil Keshav
c66c868d7c
remove schema parameter from cycloneDX for npm build (#3038)
Co-authored-by: Your Name <you@example.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-08-10 16:22:13 +02:00
Daniel Mieg
9c76b89fb8
Add telemetry for abapEnvironment steps (#3016)
* Remove explicit telemetry from signature

* Set log level

* ATC set error category
2021-08-04 17:31:16 +02:00
Oliver Nocon
f308fbfc0d
feat(getConfig) allow reading stage configuration (#3026)
* feat(getConfig) allow reading stage configuration

* update test

* use fix version of Selenium Image for Karma tests
2021-08-04 10:09:02 +02:00
Mayur Belur Mohan
c283b9319d
IntegrationArtifactUnDeploy Command (#3018)
* IntegrationArtifactUnDeploy Command

* formatting fix

* Code Review Fixex

* Code Review Fixes

* remove unused code

* Formating fixes

* formatting fixes

* formatting fix

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2021-08-02 16:27:16 +02:00
Oliver Nocon
6f32b437be
fix(dockerOptions) allow proper usage of empty values (#3025)
This follows up on #3024
Setting emptyValue to s.th. like `--entrypoint=''` will break in case the argument is properly escaped.

Docker will return with
`container process caused: exec: "''": executable file not found in $PATH`
2021-08-02 14:57:37 +02:00
Giridhar Shenoy
4aa59dbdcb
Move BlackDuck API helper to OS version (#3008)
* feat(detectExecuteScan): generate ip result json

json will currently only be created in success cases.

No information about policy violation details available in the step yet.

* update report name

* Update cmd/detectExecuteScan.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* Update cmd/detectExecuteScan.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* Update cmd/detectExecuteScan_test.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* Update cmd/detectExecuteScan_test.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* move blackduck api package

* fix broken unit test

* added tests for new api calls

Co-authored-by: OliverNocon <oliver.nocon@sap.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-08-02 11:18:58 +02:00
Oliver Nocon
f455a8a4a0
fix(dockerOptions) properly pass empty values (#3024)
it is possible to overwrite the entrypoint for docker execution:
https://docs.docker.com/engine/reference/run/#entrypoint-default-command-to-execute-at-runtime

This is ideally done by passing `entrypoint=''` and not pass two options to the call.
This also helps with escaping issues of the empty value on other systems.

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-02 10:21:14 +02:00
Martin Zuber
aa50cfb78d
Improve determining PR key in Azure DevOps provider. (#3007) 2021-08-02 10:08:33 +02:00
Mayur Belur Mohan
2f2fd84193
GetIntegrationArtifactMPLError function (#3000)
* GetIntegrationArtifactMPLError function

* formating fixes

* formating fixes

* formatting fixes

* formatting fixes

* Formatting fixes

* formatting fixes

* Code Review Fixes

* Code Review Fixes

* Code Review Fixes

* Code Review Fixes
2021-07-28 12:00:41 +02:00
Oliver Feldmann
7259ccc726
Remove version from deploy step (#2978) 2021-07-27 09:51:56 +02:00
Siarhei Pazdniakou
7a325e6fc8
Convert step/stage condition logic to golang (#2993)
* Added checkIfStepActive step

* Implemented npmScripts condition. Code was refactored

* Added some unit tests

* Fixed go modules

* Fixed go modules

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-07-26 07:47:43 +02:00
ffeldmann
39858cde2b
fix(splunkHook): Adds check if responseBody is nil (#3002)
* Improved logging of splunk connectivity errors

* Splunk logging

* Moved error logging message

* Bugfix for response body

* Moves response body check, logging of connectivity errors

* Reformatting

* Adds check if response body is nil
2021-07-23 16:02:27 +02:00
larsbrueckner
dbbbe1f0b3
Updates to toolrecord framework (#2986)
* Toolrecord framework -
provide a common entry point for post processing code scan results

Changes to be committed:
	new file:   pkg/toolrecord/REAMDE_toolrecord.md
	new file:   pkg/toolrecord/toolrecord_main.go
	new file:   pkg/toolrecord/toolrecord_test.go

* Add toolrecord file to Checkmarx results
modified:   cmd/checkmarxExecuteScan.go

* Add toolrecord file to Fortify results
	modified:   cmd/fortifyExecuteScan.go

* Add toolrecord file to Whitesource results
modified:   cmd/whitesourceExecuteScan.go

* unset umask (#2927)

* (feat) adds error logging output for downloading reports from whitesource (#2928)

* Add toolrecord file to Protecode results

* address code climate findings (1/2)

* address codeclimate findings (2/2)

* add comments to all methods

* Toolrecord library:
- move all toolrun files into a subdirectory
- fix timestamp generation in filenames

* add protecode group's URL to toolrecord data

* fix syntax error from previous commit in cmd/protecodeExecuteScan.go

* toolrecord: fix projectVersionID and generated URLs in fortifyExecuteScan.go

* cmd/fortifyExecuteScan.go: replace a hard-coded servername with
config.ServerURL

* update description

* add toolrecord file to detectExecuteScan

* toolrecord/whitesource: add project names as context

Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: ffeldmann <felix@bnbit.de>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-07-23 08:48:48 +02:00
Anil Keshav
3c41788405
fix(mavenBuild) looses trust to existing java cacerts (#2977)
* using default java truststore

* default java keytore

* remove trust store

* working directory

* change dir java_home

* env variable

* trying to find jre home

* changing directory to jre home and java home

* trying java jre

* remving $

* trying to search the cacerts

* copying existing cacerts

* removing change directory

* searching for secrutiy folder only

* searching cacerts

* new path for cacert

* path to ca-cert

* new trust store

* changing cacert location

* only adding maven_opts env variable once

* log message

* ca cert path from user

* handelling interface modification

* enhance logs and code clean up

* code clean up

Co-authored-by: Your Name <you@example.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-07-22 11:06:46 +02:00
Mayur Belur Mohan
a763112fe6
integrationArtifactUpload Fixes (#2987)
* integrationArtifactUpload Fixes

* format fixes

* Doc fixes

* Fix unit tests

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2021-07-16 16:09:55 +02:00
Sven Merk
ee6d46a77c
fix(protecodeExecuteScan): Fix typo in report name (#2982)
* Fix exclude and enhance docs

* Fix test

* Fix test

* Add reporting to checkmarx step

* Improve text

* Add protecode report

* Fix fmt

* Add error handling

* Fix report name
2021-07-16 09:08:28 +02:00
Christopher Fenner
f78777f784
feat(npm): allow to publish artifact to registry (#2871)
* add new paraeters

* update generated sources

* run npm publish

* add repositoryUrl parameter

* handle registry credentials

* rename parameter

* handle base64encoding

* remove vault reference

* make username secret

* add publish method

* use publish method

* use dedicated registry

* use dry run

* fix

* prepend path

* fix workdir

* move code to npm package

* do changes

* update dependencies

* correct property init

* remomve dry-run

* regenerate

* add mock

* add logging

* add debug log

* dry-run

* remove try run

* remove append

* add debug outut

* change

* add debug output

* changes

* cleanup

* use different auth property

* add credential utils

* add debug log outputs

* remove auth handling & reuse writeFile

* rename

* fix debug output

* remove comments

* update comment

* rename function

* update docs

* update generated files

* handle npm ignore

* remove commented code

* add debug output
2021-07-15 14:46:04 +02:00
ffeldmann
4922a75ac1
Improves error logging for Splunk hook (#2966)
* Improved logging of splunk connectivity errors

* Splunk logging

* Moved error logging message

* Bugfix for response body

* Moves response body check, logging of connectivity errors

* Reformatting
2021-07-14 08:48:48 +02:00
ffeldmann
e9d8175c9b
Adds retry mechanism for whitesource in case the download of the unified agent or JRE fails (#2961) 2021-07-13 20:36:36 +02:00
Sven Merk
3e7595920f
feat(protecodeExecuteScan): Add protecode report (#2981)
* Fix exclude and enhance docs

* Fix test

* Fix test

* Add reporting to checkmarx step

* Improve text

* Add protecode report

* Fix fmt

* Add error handling
2021-07-12 12:20:25 +02:00
Sven Merk
9571fd28f4
feat(checkmarxExecuteScan): Reporting for pipeline optimization (#2976)
* Fix exclude and enhance docs

* Fix test

* Fix test

* Add reporting to checkmarx step

* Improve text
2021-07-09 10:19:42 +02:00
Oliver Nocon
805a8fd88f
feat(config): read config/defaults with authentication (#2975)
* feat(config):read config/defaults with authentication

This change allows to use defaults and config files from a protected GitHub repository.

The options `--customConfig` and `--defaultConfig` already allowed to provide a link to an uprotected file.

Now, by passing a value in the form `<hostname>:<token>` to parameter `gitHubTokens` (this parameter can be passed multiple times) a token can be provided for dedicated hosts.

This makes it possible to use a link like
`https://api.github.com/repos/SAP/jenkins-library/contents/resources/my-defaults.yml?ref=master`
as reference to a default file or similarly as reference to a configuration file.

* update generation to allow protected config/defaults

* fix CodeClimate issues

* update missing generations
2021-07-08 15:26:07 +02:00
Roland Stengel
e2fa05587d
RFC Upload GO (#2903)
* RFC Upload GO
- yaml review
- add cpe
- harmonize with solman
2021-07-01 13:11:21 +02:00
Siarhei Pazdniakou
54f2a0d471
Added go-based influxWriteData step (#2890)
* Added go-based influxWriteData step

* Wrote tests & fixed issues

* Fixed issues

* Created go-based step tests. Fixed issues

* Fixed issues

* Integration test was added

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-06-30 11:18:49 +02:00
Thorsten Duda
7910df0e8c
new step integrationArtifactTriggerIntegrationTest (#2951)
* new step integrationArtifactTriggerIntegrationTest

* add new step into allow list

* add the new step to main command

* refer cpe

* remove unused unit tests

* Check methods and URLs of http request

* Add TriggerIntegration to mockingutils

* Format code

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Linda Siebert <linda.siebert@sap.com>
2021-06-29 14:50:19 +02:00
Linda Siebert
78a29d782b
CPI - Introduce service key (#2901)
* Switch to service key for CPI GetMplStatus

Introduces read method for service key files, mock utils and tests.

* Use secret text instead of file

* Change serviceKey definition

* Update cpiUpload to use Service Key

retrieved the host and uaa information from service key

* Update cpiDeploy to use service key

retrieved the host and uaa information from service key

* Update cpiServiceEndpoint to use Service Key

retrieved the host and uaa information from service key

* Update cpiDownload to use Service Key

retrieved the host and uaa information from service key

* Update cpiUpdateConfig to use Service Key

retrieved the host and uaa information from service key

* Refactor serviceKey var name

* Fixed references to service key to follow the real format

they should be accessed through oauth instead of uaa because of the format of the json

* Rename ServiceKey to APIServiceKey

To support having a different service key(and for readability), we need to change the name to API.

* Add STAGES and STEPS yaml

add in to each yaml file of cpi integration

* Revert "Add STAGES and STEPS yaml"

This reverts commit aa2665d158.

* Change comments/formatting commonUtils

Make comments more understandable and follow code climate suggestions

* Change documentation files for steps

remove OAuth and host and change credentials to be servicekey

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Thorsten Duda <thorsten.duda@sap.com>
2021-06-28 10:50:33 +02:00
Marc Bormeth
b5357f9437
feat: Add environment information to orchestrator package (#2942)
* Fix Orchestrator detection

* Add unit tests

* Add environment info to orchestrator package
2021-06-25 10:50:56 +02:00
Kevin Stiehl
a48b8afc31
fix(commonPipelineEnvironment): keep json numbers untouched (#2908)
* keep numbers untouched

* rebase master
2021-06-23 20:20:43 +02:00
larsbrueckner
61fe88e199
Add "toolrecord" files to Fortify, Checkmarx, Protecode and Whitesource results (#2929)
* Toolrecord framework -
provide a common entry point for post processing code scan results

Changes to be committed:
	new file:   pkg/toolrecord/REAMDE_toolrecord.md
	new file:   pkg/toolrecord/toolrecord_main.go
	new file:   pkg/toolrecord/toolrecord_test.go

* Add toolrecord file to Checkmarx results
modified:   cmd/checkmarxExecuteScan.go

* Add toolrecord file to Fortify results
	modified:   cmd/fortifyExecuteScan.go

* Add toolrecord file to Whitesource results
modified:   cmd/whitesourceExecuteScan.go

* unset umask (#2927)

* (feat) adds error logging output for downloading reports from whitesource (#2928)

* Add toolrecord file to Protecode results

* address code climate findings (1/2)

* address codeclimate findings (2/2)

* add comments to all methods

Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: ffeldmann <felix@bnbit.de>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-06-23 15:05:00 +02:00
Sven Merk
ab9e154d10
Replace io.Copy (#2934)
* Replace io.Copy

* Test coverage

* Improve test

* Fix fmt

* Improve error handling in test

* Fix code

* Improve test error log

* Fix fmt

* Fix unix file handles

* Fix error message

* Resolve code climate issue
2021-06-23 14:41:52 +02:00
ffeldmann
6671afb909
(feat) adds error logging output for downloading reports from whitesource (#2928) 2021-06-21 13:36:08 +02:00
Kevin Stiehl
792d435a7f
fix(commonPipelineEnvironment) file and directory permissions (#2924) 2021-06-18 09:56:31 +02:00
Kevin Stiehl
173e887064
[CPE] Missing pipeline environment in sonar docker container (#2909)
* execute writepipeline env in sonar

* non exisitng dir is no error

* add log message
2021-06-16 11:46:55 +02:00
Oliver Nocon
0b48bfcc73
feat: retrieve metadata by stepName - corrected (#2892)
* refactored getConfig to allow stepName param for metadata fetching

* extended step generator

* go generate

* Update cmd/getConfig.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update cmd/getConfig.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update cmd/getConfig.go

* update generated files

* update golden files to care for generator update

* update and add tests

* update generated files

* Update cmd/getConfig.go

* Update cmd/getConfig.go

* update/fix formatting

* feat: retrieve metadata by stepName - corrected

* update generation

* update condition logic for defaults

* update generation & tests

* support multiple conditions

* update generation

* Add generated

Co-authored-by: Leander Schulz <leander.schulz01@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Sven Merk <s.merk@sap.com>
2021-06-16 08:43:30 +02:00
Christopher Fenner
367ca6211a
refactor(protecode): simplify protecode calls (#2838)
* simplify protecode calls

* add todos

* reomve todo

* restore go.sum

* Update cmd/protecodeExecuteScan.go

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>

* Apply suggestions from code review

* remove productID

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-06-15 22:29:24 +02:00
Sven Merk
a43f46465a
feat(fortifyExecuteScan): HTML report for Fortify (#2879)
* Tune test

* Fix report implementation

* Fix tests

* Fix values

* Fix code and test

* Report writing fix

* Commit generated sources

* Update cmd/fortifyExecuteScan.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Externalize report generation

* Fix fmt

* Fix fmt 2

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-15 14:53:42 +02:00
Kevin Stiehl
d1c8abc6b3
refactor: move common pipeline environment handling to golang (#2823)
* make use of new read,writePipelineEnv Steps in groovy

* remove unused cat

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-15 14:34:56 +02:00
Sven Merk
7fa31ae9cc
feat(http): Resilience via retry on intermittent communication issues (#2877)
* feat(http): Resilience on connectivity issues

* Update whitesourceExecuteScan.go

* Update splunk_test.go

* Fix initialization

* Change http interaction

* Fix fmt and tests

* Final test fix
2021-06-15 11:13:24 +02:00
Marcus Holl
fe5ce61d9e
rfc upload (#2533)
* Add RFC upload command
2021-06-14 12:36:18 +02:00
Oliver Nocon
4250ca8bed
Revert "feat(getConfig): retrieve metadata by stepName (#2736)" (#2891)
This reverts commit ae4a24c594.
2021-06-14 10:57:44 +02:00
lndrschlz
ae4a24c594
feat(getConfig): retrieve metadata by stepName (#2736)
* refactored getConfig to allow stepName param for metadata fetching

* extended step generator

* go generate

* Update cmd/getConfig.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update cmd/getConfig.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update cmd/getConfig.go

* update generated files

* update golden files to care for generator update

* update and add tests

* update generated files

* Update cmd/getConfig.go

* Update cmd/getConfig.go

* update/fix formatting

Co-authored-by: Leander Schulz <leander.schulz01@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: OliverNocon <oliver.nocon@sap.com>
2021-06-14 08:58:41 +02:00
Kevin Stiehl
6c7814e4d5
feat(cpm): Add read and write CPE Go step (#2888)
* add read write cpe go steps

* Update pkg/piperenv/CPEMap.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update pkg/piperenv/CPEMap.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update pkg/piperenv/environment.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* rename file

* add error handling

* add error handling

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-11 16:17:40 +02:00
Marc Bormeth
84c3cd399d
fix: orchestrator detection (#2886)
* Fix Orchestrator detection

* Add unit tests

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-10 23:47:38 +02:00
Marc Bormeth
911d4bc770
feat(sonar): make step orchestrator-agnostic (#2874)
* Make sonarExecuteScan orchestrator-agnostic

* Increase coverage + support empty or false env vars

* Use cleared env for unit tests

* Refactor to standalone package

* Fix review findings

* Fix review findings

* Fix unit test

* Add logging

* Refactor

* Add to codeowners 😎

* Apply suggestions from code review

* Remove unreachable code

* no message

* fix typos

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-06-09 09:38:52 +02:00
Christopher Fenner
824cd7d768
fix(jenkins): fix job invocation (#2868)
* update mock

* update signarture

* add test case

* use latest gojenkins

* add integration test

* update mock

* add todo

* add job wrapper

* add job mock

* add test cases

* refactor

* cleanup

* update integration test case
2021-06-02 16:45:22 +02:00
Anil Keshav
a830a35800
Extending mavenBuild step with an option to perform maven deploy with publish flag (#2833)
* modifying detect.maven.excluded.scopes from TEST to test

* new maven alt deployment flags

* changing flag names

* tlsCertificate addtion

* adding publish flags

* new flags

* publish flag

* enhance maven builds

* enhance maven builds

* creating new settings xml

* updating project settings

* changing interface for artifactPreparation that uses the same maven util niterface

* adding general scope to maven params

* global reference

* removing vault tmp

* debuging deployment user

* more debug

* maven build paras

* using smaller case

* adding incorrect error check

* adding deployment flags

* code refactor

* unit tests

* changing scope of paramter for tls certs

* new scope for tls

* remove trailing space in mavenBuild.yaml

* trailing space fix

* typo fix and jenkins secret

* including jenkins credentials for repo pass in the maven build groovy

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-06-01 09:24:36 +02:00
Christopher Fenner
e24b38da24
fix(jenkins): correct interface (#2862)
* update mock

* update signarture

* add test case
2021-05-31 08:54:04 +02:00
Christopher Fenner
62836a64e7
feat(http): expose standard client (#2860)
* expose standard client

* reset go.summ
2021-05-28 12:13:19 +02:00
Christopher Fenner
40c32598a4
feat(jenkins): update jenkins go dependency (#2848)
* update dependency

* use context

* regenerate mock

* decapitalize error messages

* use getBuildFromQueueID

* add comments about mockery

* update mocks

* update tests

* add context parameter

* pull up context

* update mocks

* update tests
2021-05-28 11:12:42 +02:00
ffeldmann
52c25a0dbb
feat(splunk): Adds head commitID of current build to commonPipelineEnvironment (#2844)
* Adds headCommitId, which stores the head commit has of the current build, includes tests and generated files

* Adds headCommitId, which stores the head commit has of the current build, includes tests and generated files

* Go fmt fix

* Fixes artifactoryPrepareVersion test

* Removes xMake CommitId
2021-05-20 13:11:57 +02:00
ravikumarsinghshankarsingh
cac7f2e904
"ignoreSourceFiles" parameter removed from general section and added … (#2814)
* "ignoreSourceFiles" parameter removed from general section and added to specific build tool section

* Update configHelper_test.go

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-05-19 14:57:49 +02:00
Sven Merk
ce06b82450
fix(protecodeExecuteScan): Handling of empty findings (#2818)
* Don't fail if components list is empty.  Resolves failures when scanning images from Crossplane.

* Update formatting with go fmt

* Update pkg/protecode/protecode.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Update pkg/protecode/protecode.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Fix change, make consistent

Co-authored-by: d.small@sap.com <d.small@sap.com>
Co-authored-by: dee0 <dsmallzero@gmail.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-05-17 13:38:17 +02:00
ffeldmann
b88ebdad6c
feat(splunk) Sending telemetry and logging information to Splunk (#2796)
* Adds inital splunk hook and logCollector

* Adds documentation of the Splunk hook

* Fixes markdown lint issues and removes comment from telemetry.go file

* Fixes markdown lint issues and adds missing generated file

* Markdown linting

* Changes documentation according to review, adds Splunk token automatically during init

* Adds error handling for marshalling hook config

* Markdown lint und correct Splunk token in httpclient

* Registeres Splunk token as secret and adjusts test cases

* Adds missing error handling and removes unnecessary comments

* Creates new function readPipelineEnvironment, adds tests

* Moves MonitoringData struct, edits defaults for json fields

* Adds gitRepository and gitOwner to telemetry information

* Simplifies readCommonPipelineEnvironment function, adds more descriptive errors, adds automated adding of Splunk prefix token

* Adjusts error handling

* Cleaner error logging
2021-05-17 12:14:04 +02:00
Christopher Fenner
3a14a91ae5
refactor(versioning): simplify versioning model method (#2825)
* rename artifactVersion to version

* simplify versioningModel
2021-05-14 09:35:31 +02:00
Oliver Nocon
4b666003c8
feat(reporting) update markdown reports (#2819) 2021-05-11 08:01:02 +02:00
Christopher Fenner
98fac0a455
chore(deprecation): change format of deprecation notice from config command (#2822)
* Update config.go

* Update config.go

* add library name

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-05-10 19:18:16 +02:00
Oliver Nocon
5899746767
chore: update error categories (#2827) 2021-05-10 17:44:28 +02:00
Siarhei Pazdniakou
0673d3fed6
Writing secrets to vault (#2770)
Co-authored-by: Kevin Stiehl <kevin.stiehl@numericas.de>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-05-06 10:27:23 +02:00
Christopher Fenner
2426486e7b
feat(sonar): add versioningModel and customScanVersion to sonar scan (#2787)
* add versioningModel parameter

* extract versioning model to own package

* move log message

* use versioning method

* add customScanVersion parameter

* use customScanVersion

* adjust docs on other steps

* update test case
2021-05-05 09:02:19 +02:00
pkrasnousov
e9464b2594
feat(whitesourcescan): add param workDir to whitesourcescan (#2791)
* Add dir to whitesource scan

* Add default for "dir" option

* Change param name to workDir

* Change param name WorkDir to ScanPath

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-05-03 10:53:16 +02:00
Mayur Belur Mohan
05973a8fcd
Help document fixes (#2793)
* byte code Fix

* Help Url Fixes

* Yaml Changes

* Error Message changes

Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
2021-04-30 09:43:25 +02:00