mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00
Commit Graph

24 Commits

Author SHA1 Message Date
Kevin Stiehl
9ad0dec224
add access_token alias to all gh secrets (#2543) 2021-01-27 12:58:47 +01:00
Oliver Nocon
59f32cf042
feature(vault) retrieve github token from Vault (#2484) 2020-12-22 17:57:11 +01:00
lndrschlz
b9bab27833
feat: expose complete step metadata through generated function (#2329)
* exposing step metadata through generator

* add metadata_generated.go

* fix step go test generation

* metadata fields added to generated files

* added generated files

* removed image placeholder from fortify step

* refactored step meta generation

* go generate

* fixed metadata generator and tests

* added output resource fields/tags to metadata generator

* fix string in metadata_generated

* go generate

* fixed generator

* go generate

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-11-20 08:13:59 +01:00
shellmann
61c190bb2b
Install artifacts before Fortify scan (#2351)
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-11-16 10:29:21 +01:00
Stephan Aßmus
b070d2f4ed
fortifyExecuteScan: fix quoting of default values for "src" (#2297)
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-11-02 17:21:14 +01:00
Oliver Nocon
a8c154d275
Update Fortify Documentation (#2250) 2020-10-27 16:55:31 +01:00
Kevin Stiehl
24aafb0b69
add vaultSecretFileReferences (#2203)
* add vaultSecretFileReferences

* fix test

* fix test

* go generate

* remove code duplication

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2020-10-26 14:20:04 +01:00
Christopher Fenner
86af3efcfe
fix(influx): adjust influx field types for fortify (#2219)
* adjust influx field types

* fix test case

* simplify type conversion
2020-10-22 11:40:42 +02:00
Kevin Stiehl
3eae0c5f68
feat(vault): fetch secrets from vault (#2032)
* cloud-foundry & sonar from vault

* add vault development hint

* don't abort on vault errors

* cloudfoundry make credentialsId only mandatory when vault is not configured

* add vault ref to step ymls

* rename vaultAddress to vaultServerUrl

* rename PIPER_vaultRole* to PIPER_vaultAppRole*

* add resourceRef for detect step

* fix error when no namespace is set

* added debug logs

* added debug logs

* fix vault resolving

* add vaultCustomBasePath

* rename vault_test.go to client_test.go

* refactored vault logging

* refactored config param lookup for vault

* added quotation marks

* rename vaultCustomBasePath to vaultPath

* fix tests

* change lookup path for group secrets

* fix interpolation tests

* added vault resource ref to versioning

* execute go generate

* rename Approle to AppRole

* change verbose back to false

Co-authored-by: Leander Schulz <leander.schulz01@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2020-10-13 14:14:47 +02:00
Christopher Fenner
be90876b7c
feat(output): handle non-string output values (#2113)
* handle non-string values as JSON

* change value type to interface in resources

* regenerate code

* add test cases

* handle reading of json files

* write json data to json files

* fix assignment

* use GetResourceParameter

* add test case

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-10-05 15:33:28 +02:00
Oliver Nocon
19c1732826
Telemetry: report error category (#2085) 2020-09-29 13:49:40 +02:00
Sven Merk
c72020b7a5
fortifyExecuteScan: Clean and improve parameters (#2050)
* Fix PR feature

* Fix Fortify parameters

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update resources/metadata/fortify.yaml

* Update descriptions

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: OliverNocon <oliver.nocon@sap.com>
2020-09-22 17:39:40 +02:00
Sven Merk
612d3a645b
Support verify only mode for SAST tools (#2018)
* Support verify only mode for SAST

* Include feedback

* Add tests

* Fix imports
2020-09-18 08:19:34 +02:00
Kevin Stiehl
d589038206
Vault AppRole login (#1971)
* added interpolation package in config

* vault allow paths to hold config references

* allow referencing properties in vaultPaths

* fix small typo

* add approleAuth

* register resolved secrets to logger

* generate steps

* clean up

* add integration test

* add vault to context filter

* reduce Cognitive Complexity & added tests

* Update pkg/config/stepmeta_test.go

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>

* go generate

* go generate after merge

* rename VaultAppRole* to VaultRole*

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-09-16 14:50:09 +02:00
Christopher Fenner
8007e4af51
docs: link credentialIDs to parameter (#1961) 2020-08-28 15:38:15 +02:00
Stephan Aßmus
9009c831fb
Declare non-optional server URLs mandatory (#1866)
* Declare non-optional server URLs mandatory
2020-07-30 09:13:46 +02:00
Oliver Nocon
d8553ab53d
detectExecuteScan: update versioning (#1845)
* detectExecuteScan: update versioning

align with Fortify to also use the same versioning model by default.

* fix CodeClimate findings
2020-07-27 12:01:59 +02:00
Oliver Nocon
eafe383d54
Add error category parsing to cmd execution (#1703)
* Add error category parsing to cmd execution

It is now possible to define `ErrorCategoryMapping` as a `map[string][]string` on a `Command`.
The format contains the category as key which has a list of error patterns assigned.
Example:

```
cmd := Command{
  // category -> error patterns matched against the console log
  ErrorCategoryMapping: map[string][]string{
    "build": {"build failed"},
    "compliance": {"vulnerabilities found", "outdated components found"},
    "test": {"some tests failed"},
  },
}
```

Setting this map triggers console log parsing when executing a command.
If a match is found the error category is stored and
it will automatically be added to the `errorDetails.json`.

* clean up go.mod

* fix test

* fix test

* Update DEVELOPMENT.md

* fix tests

* address long console content without line breaks

* scan condition update

* fix test

* add missing comment for exported function

* Update pkg/command/command.go

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2020-06-24 10:04:05 +02:00
Christopher Fenner
c42553593e
fix: remove unused variables from generated step coding (#1698)
* remove unused parameters from generated code

* update steps

* update steps

* correct golden files

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-23 18:05:21 +02:00
Daniel Kurzynski
743fca43e1
Remove projectVersion from fortify documentation (#1628)
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-17 17:47:59 +02:00
Daniel Kurzynski
cf9a41850e
Needed CLI separator for Fortify tools depends on platform (#1616)
* Update fortify.yaml
* src, exclude and pythonAdditionalPaths are now lists of strings
* Re-implement pythonIncludes and pythonExcludes as aliases of src and exclude
* Fix using the correct separator (; on windows, : on everything else)
* Tokenize also python "includes"
* mvnCustomArgs was removed

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-06-02 13:47:07 +02:00
Stephan Aßmus
a24a7aad23
Fortify: Using mvn to auto-resolve classpath needs additional params (#1607)
* also reduce code duplication in token fetching
* concatenate classpaths from multi-maven projects

Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-05-29 15:42:35 +02:00
Florian Wilhelm
0857c9a3c6
Allow custom options for src, exclude in fortify translate (#1592)
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Kevin Hudemann <kevin.hudemann@sap.com>
Co-authored-by: Daniel Kurzynski <daniel.kurzynski@sap.com>
2020-05-27 11:45:01 +02:00
Sven Merk
af2a01c064
Fortify implementation in golang (#1428) 2020-05-25 19:48:59 +02:00