jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Code Issues Releases Activity
4,480 Commits 353 Branches 458 Tags 1.5 GiB
eeea501bc6
Commit Graph

18 Commits

Author SHA1 Message Date
Vyacheslav Starostin
c467f002b1
Update whitesource risk-report pattern (#4166) 
* Update whitesource pattern

* Update filePattern

* go generate
 2023-01-05 18:37:03 +06:00
Sven Merk
a055b905f9
Fix cumulus uploads for WhiteSource and BlackDuck (#4128) 
* Refurbish upload to compliance store

* Fix BD IP json path
 2022-11-17 11:05:27 +01:00
Raghunath Deshpande
ad36fe5a30
Whitesource to Mend name change (only for step description docu and not step name) (#4114) 
* Whitesource to Mend name change

* name change from whitesource to mend
 2022-11-09 12:04:10 +01:00
Anil Keshav
f270aa4a17
including sarif files when running implicit report upload from the step itself (#4068) 
Co-authored-by: anilkeshav27 <you@example.com>
 2022-10-18 09:48:07 +02:00
Christopher Fenner
07eeb2f33e
feat: update node image for various steps to new LTS (#3913) 
* update node image for steps

* update defaults

* update generated sources

* update tests

Co-authored-by: Vyacheslav Starostin <vyacheslav.starostin@sap.com>
 2022-09-26 18:40:55 +06:00
Sven Merk
b3f37650a2
SBOM creation for Mend (#3934) 
* Fix docs and format

* Assessment format added

* Added sample file

* Added parsing

* Added packageurl implementation

* Slight refinement

* Refactored assessment options

* Adapted sample file

* First attempt of ws sbom gen

* Reworked SBOM generation

* Fix test code

* Add assessment handling

* Update dependencies

* Added golden test

* Small fix

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
 2022-08-09 13:56:01 +02:00
Oliver Nocon
b7c0831b7f
feat: allow OSVM scans to succeed with vulnerabilities (#3889) 
For running open source vulnerability scans in de-coupled processes
it is helpful to allow that steps only create
compliance reports to inform users/teams
but not fail the pipeline.

This can now be achieved constitently with the flag:
`failOnSevereVulnerabilities`

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
 2022-07-12 11:43:24 +02:00
Oliver Nocon
20c5f0a63b
fix(optimization) use proper cpe reference (#3683) 2022-03-31 10:52:54 +02:00
Oliver Nocon
276844e6a2
fix(optimization): expose parameters to general section (#3680) 2022-03-30 12:20:51 +02:00
Christian Volk
22f6aa156f
feat(docker): use crane for pulling docker images (#3652) 2022-03-23 10:02:00 +01:00
Oliver Nocon
fed08c2399
fix(whitesourceExecuteScan): proper container options for golang (#3660) 2022-03-22 10:40:33 +01:00
Oliver Nocon
504f076613
feat: support cpe credentials for multiple repos (#3641) 2022-03-17 08:01:00 +01:00
Oliver Nocon
2c837927d4
chore(whitesourceExecuteScan): Gradle config changes (#3621) 
* chore(whitesourceExecuteScan): Gradle config changes

supersedes #3293
closes #3293

* update config

Co-authored-by: ffeldmann <f.feldmann@sap.com>
 2022-03-11 08:18:21 +01:00
Oliver Nocon
f9ad6dc048
fix(whitesourceExecuteScan): orgToken from Vault (#3614) 
supersedes #3168
 2022-03-08 08:59:12 +01:00
Sven Merk
a1988f6808
feat(whitesourceExecuteScan): GitHub issue creation + SARIF (#3535) 
* Add GH issue creation + SARIF

* Code cleanup

* Fix fmt, add debug

* Code enhancements

* Fix

* Added debug info

* Rework UA log scan

* Fix code

* read UA version

* Fix nil reference

* Extraction

* Credentials

* Issue creation

* Error handling

* Fix issue creation

* query escape

* Query escape 2

* Revert

* Test avoid update

* HTTP client

* Add support for custom TLS certs

* Fix code

* Fix code 2

* Fix code 3

* Disable cert check

* Fix auth

* Remove implicit trust

* Skip verification

* Fix

* Fix client

* Fix HTTP auth

* Fix trusted certs

* Trim version

* Code

* Add token

* Added token handling to client

* Fix token

* Cleanup

* Fix token

* Token rework

* Fix code

* Kick out oauth client

* Kick out oauth client

* Transport wrapping

* Token

* Simplification

* Refactor

* Variation

* Check

* Fix

* Debug

* Switch client

* Variation

* Debug

* Switch to cert check

* Add debug

* Parse self

* Cleanup

* Update resources/metadata/whitesourceExecuteScan.yaml

* Add debug

* Expose subjects

* Patch

* Debug

* Debug2

* Debug3

* Fix logging response body

* Cleanup

* Cleanup

* Fix request body logging

* Cleanup import

* Fix import cycle

* Cleanup

* Fix fmt

* Fix NopCloser reference

* Regenerate

* Reintroduce

* Fix test

* Fix tests

* Correction

* Fix error

* Code fix

* Fix tests

* Add tests

* Fix code climate issues

* Code climate

* Code climate again

* Code climate again

* Fix fmt

* Fix fmt 2

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
 2022-02-23 09:30:19 +01:00
Siarhei Pazdniakou
a059a41c68
feat(whitesourceExecuteScan): add gcs upload to the step (#3427) 
* Add gcs upload to whitesourceExecuteScan step

* go generate

* patterns were updated

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
 2022-02-21 09:51:52 +01:00
Sven Merk
ae9cb1e6f2
Fix alias definition for agentUrl (#3328) 
* Fix alias definition for agentUrl

* Update generated file
 2021-12-03 12:16:31 +01:00
Philipp Stehle
f9f0cbfd33
enforce that step metadata yaml file is called <step>.yaml (#3226) 
Co-authored-by: Philipp Stehle <philipp.stehle@sap.com>
 2021-11-15 14:20:20 +01:00