* feat(cnbBuild): support Vault general purpose secrets as a binding content source
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
* fix npm project integration test
Co-authored-by: Pavel Busko <pavel.busko@sap.com>
---------
Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
Co-authored-by: Sumit Kulhadia <sumit.kulhadia@sap.com>
* it test
* transfer credentials
* Change parameter type of nodeExtDescriptorMapping
* Extend test
* Fix unit test
* Remove usage of the depricated ioutil package
* Fix cmd failure if neither git/commitId nor customDescription are
provided
* Extend test
* Add TMS test to the job matrix
* Map env. variable
* Remove usage of the env. TMS_UPLOAD_IT_KEY
* remove os
* update test
* use os.Gerenv
* test fix
* Update integration-tests.yml
* env mapping in it pr workflow
* print tmsServiceKey
* read env with upper case
* Update integration-tests.yml
* Update integration-tests.yml
* Update integration-tests-pr.yml
* Delete cover.out
* Remove TMS service key from environment in integration test workflow job
* Extend integration tests
* Revert change parameter type of nodeExtDescriptorMapping
* Extend tests
* Extend tests
* Remove unused method
* Change default TR description
* Add check for custom description
* Remove personal data from MTARs
* Register client secret to log as secret
* Move RegisterSecret to earlier point in runtime
* RegisterSecret for encodedUsernameColonPassword
* Update integration/integration_tms_upload_test.go
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Use one test data directory
* Add a negative test
* fix config file name
---------
Co-authored-by: Oliver Feldmann <oliver.feldmann@sap.com>
* Increase docker image version
* Add --wait
* Test
* Adapt to new cf cli
* Parse both for cf cli v8 and v7
* Remove input
* Adapt to feedback
* Check for nil error
* fix(Fortify):simplify plain text .sarif and gzip the complete result
* fix(Fortify):no longer add snippet text to .sarif to reduce file size (still keep end/start lines)
* fix: formatting
* fixes change in protecode for cvss from float to string
* Fixes protecode json files with new string format for cvss
Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
* Fix logic for engineConfigurationID
Use the project-level value if no value is defined in the piper config.
Remove the default value of 1 for engineConfigurationID.
* correct type cast for tomarkdown and title
* commenting kaniko create multi bom test case
* removing mocked file
Co-authored-by: anilkeshav27 <you@example.com>
* lower tls related log messages from info to debug level
* remove protcodeExecuteScan related warnings
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
* escape value in json
* delete old code
* replace complete parsing by json.Marshal
* delete old code and add header
Co-authored-by: rosemarieB <45030247+rosemarieB@users.noreply.github.com>
* changes to detectExec before master merge
* changes for detectExecuteScan
* self generated code added
* fix syntax errors and update docu
* added unit tests for fail and Group
* fix failOn bug
* add Groups as string array
* add Groups as string array
* tests and validation for groups, failOn
* Updated docs and added more tests
* documentation md files should not be changed
* Handle merge conflicts from PR 1845
* fix merge errors
* remove duplicate groups, merge error
* adding buildCode and buildTool as params
* switching build options
* building maven modules
* parameter correction
* parameter correction
* gnerate with new build parameter
* adding comments
* removing piper lib master and modifying goUtils to download 1.5.7 release
* first cleaning then installing
* multi module maven built
* multi module maven built removing unwanted code
* multi module maven built moving inside switch
* testing
* modifying the default use case to also call maven build
* modifying the default use case to also call maven build wih --
* corrected maven build command
* corrected maven build command with %v
* skipping test runs
* testing for MTA project with single pom
* adding absolute path to m2 path
* clean up
* adding switch for mta and maven and removing env from containers
* commiting changes for new detect step
* correting log message
* code clean up
* unit tests changes to detectExecute
* basic tests for new change
* restoring piperGoUtils to download correct piper binary
* code clean up
* code clean up
* protecodeExecuteScan -> Added authentication with user API key
* protecodeExecuteScan -> updating .yml file
* protecodeExecuteScan -> go generate fixed
* protecodeExecuteScan -> naming convention applied for UserAPIKey parameter
* protecodeExecuteScan -> extending groovy code for mapping jenkins credentials
Co-authored-by: D072410 <giridhar.shenoy@sap.com>
Co-authored-by: Keshav <anil.keshav@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Replace '+' to '_' in appVersion
* Add test
* Fix test
* Update test name
Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
* Initially generated tmsUpload<...> files
* First provisioning of parameters supported by tmsUpload step
* Refer to Go step from tmsUpload.groovy
* Initial client implementation
* Reverting line delimiters in tmsUpoad.groovy back to Unix ones
* Temporarily remove when-condition for Release stage
* Define useGoStep parameter in tmsUpload.groovy
* Unstash buildResult if useGoStep is true
* No unstashing and empty credentials, when using go step
* Register TmsUploadCommand in piper.go
* Cleanup groovy-related changes - they will be temporarily implemented in a different repo
* Make getting OAuth token success
* Look through the code and cleanup it a bit
* Read service key from Jenkins credentials store
* Provide initial set of unit tests for methods in /pkg/tms/tms.go file
* Minor improvements on logging response on http call error
* Check, if positive HTTP status code is as expected
* Cleanup tms.yaml file, provide additional unit test for tms.go
* Provide unit test for the case, when request body contains spaces
* Specify nodeExtDescriptorMapping parameter as of type map in tms.yaml
* Implement client method for getting nodes
* Write tests for GetNodes method
* Add GetMtaExtDescriptor client method and cover it with unit tests
* Provide first implementation for Update- and UploadMtaExtDescriptor
client methods
* Provide first implementation for Update- and UploadMtaExtDescriptor
client methods
* Provide UploadFile and UploadFileToNode client methods
* Provide tests for Update- and UploadMtaExtDescriptor client methods
* Write tests for FileUpload and FileUploadToNode client methods
* Minor corrections
* Remove some TODO comments
* Rename some of response structures
* Revert change for line delimiters in cmd/piper.go
* Add uploadType string parameter to UploadFile and UploadRequest methods
of uploader mock to reflect the changed Uploader implementation
* Start to implement execution logic in tmsUpload.go
* Changes in tms.yaml file
- remove resources from inputs in tms.yaml and implement mtaPath
parameter settings in the yaml file the same way, as it is done in
cloudFoundryDeploy.yaml
- rename tms.yaml to tmsUpload.yaml, since some generation policy
changed meanwhile
* Rename tms.yaml to tmsUpload.yaml and do go generate
* Use provided proxy on communication with UAA and TMS
* Set proxy even before getting OAuth token
* Further implementation of tmsUpload.go
* Continuation on implementing the tmsUpload.go executor
* Get mtarFilePath and git commitId from commonPipelineEnvironment, if
they are missing in configuration file + minor changes
* Implement a happy path test for tmsUpload logic
* Cover with unit tests main happy and error paths of tmsUpload.go logic
* Extend set of unit tests for tmsUpload.go
* Eliminate some TODOs, extend unit tests for tmsUpload.go
* Delete some TODOs
* Remove a couple of more TODOs from tms_test.go file
* Provide additional unit test for error due unexpected positive http
status code on upload
* Revert back line delimiters in cmd/piper.go
* Comment out file uploading calls in tmsUpload.go
* Run go generate to update generated files
* Convert line delimiters in tmsUpload.yaml to Unix ones, as well as
provide new line character in the end of the file, plus minor fix for
logging in tmsUpload.go file (pipeline complained)
* Correct description of a parameter in tmsUpload.yaml, extend unit tests
to check for trimming a slash in the end of TMS url for client methods
that do upload
* [minor] Add a comment in the test code
* Add stashContent parameter to do unstashing in tmsUpload.groovy, remove
some of the clarified TODOs
* Uncomment uploading file calls in tmsUpload.go, declare buildResult
stash in tmsUpload.yaml
* Remove clarified TODOs from the tmsUpload.go file
* Run go fmt for jenkins-library/pkg/tms
* Do not get explicitly values from common pipeline environment - all
configurations are provided in yaml file
* Remove unused struct from tmsUpload_test.go
* Run go fmt jenkins-library\pkg\tms
* Revise descriptions of parameters provided in tmsUpload.yaml file
* Specify STAGES scope for tmsUpload parameters
* Provide STAGES scope for the tmsUpload parameters, provide default value
for stashContent parameter
* Remove trailing space from tmsUpload.yaml
* Provide unit tests for proxy-related changes in http.go file
* Improve proxy implementation in tmsUpload.go file
* Make tmsServiceKey again a mandatory parameter
* Run go generate command to make the generated files correspond the yaml
state
* Change line delimiters back to Unix ones (were switched while resolving
the conflicts)
* Remove trailing spaces from tmsUpload.yaml
* Minor change in a comment to trigger pipelines with commit
* Improve checks for zero-structs and for empty maps, as well as use
different package to read files in the tests
* Revert line endings in http.go
* Revert comments formatting changes in files that do not belong to the tmsUpload step
with #3875 temp directory was created in current workspace.
This had negative side-effects: For example npm build packaged and published temporary files
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
* WIP: Adapt bom names
* + WIP: Adapt bom filenames
* Upgrade cyclonedx gradle plugin and use cyclonedxBom config parameters
* Fix unit tests - use correct name in bom creation
* Fix pythonBuild bom name
* introduce and use npmBomFilename const
* Introduce and use mvnBomFilename const
* Introduce and use gradleBomFilename const
* Use build-tool names for bom suffix
* + Adapt tests (build tool suffix)
* Use BOM schema version 1.2 in gradleExecuteBuild
* Pin version of cyclonedx-maven-plugin to 2.7.1
* Adapt generated files
* Fix integration tests
* Fix integration tests
* Fix gradle build integration tests
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* Cleanup of SBOM generation parameters
Adding `false` does not what is intended. If the parameters are added to the call, license texts and dev dependencies are included
* Fixed unit test
* fix(fortify): suppressed issues got "Unknown" category and state
* fix (fortify-sarif): classify findings into audit group
* fix(fortify-checkmarx-sarif): common properties bag for Fortify and Checkmarx (accepting the risk of empty value)
* fix (checkmarx-sarif): classify findings into audit group
* fix (sarif): formatting
* feat(cpe): provide go templating functions
* change type
* fix: type in test
* chore: add comment for exported function
* fix: ensure that custom returns string properly
* fix types and add tests
Co-authored-by: Anil Keshav <anil.keshav@sap.com>
* Update scanPolling.go
Changing maxWaitTime from 15 to 30 to overcome WhiteSource results reflection in the backend issue.
* Update configHelper.go
* Reset configHelper changes to fix PR 3284
Committer: raghunathd8
* ignoreSourceFiles to fileSystemScan
* Added ignoreSourceFiles param also
* minor adjustment
* minor adjustment again
* updated unit test
* tests fixed
* fmt-ed
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: raghunathd8 <root@docker-evaluation.openstack.eu-nl-1.cloud.sap>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: ffeldmann <f.feldmann@sap.com>
This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The
directory created by `t.TempDir` is automatically removed when the test
and all its subtests complete.
Prior to this commit, temporary directory created using `ioutil.TempDir`
needs to be removed manually by calling `os.RemoveAll`, which is omitted
in some tests. The error handling boilerplate e.g.
defer func() {
if err := os.RemoveAll(dir); err != nil {
t.Fatal(err)
}
}
is also tedious, but `t.TempDir` handles this for us nicely.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
* enable build without values
* add sap-client as option
* use function from /net/url to add parameters
Co-authored-by: tiloKo <70266685+tiloKo@users.noreply.github.com>
