jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Code Issues Releases Activity
4,079 Commits 353 Branches 458 Tags 1.5 GiB
eef6c028aa
Commit Graph

20 Commits

Author SHA1 Message Date
Sven Merk
c30e93bc6a
feat(detectExecuteScan): SARIF export and GH issue creation (#3637) 
* Added SARIF and GH issue creation
 2022-03-17 15:32:48 +01:00
Christian Volk
421168a169
fix(whitesourceExecuteScan): docker image download if dockerConfigJSON is set in vault (#3591) 
Co-authored-by: ffeldmann <f.feldmann@sap.com>
 2022-02-28 13:57:23 +01:00
Sven Merk
a1988f6808
feat(whitesourceExecuteScan): GitHub issue creation + SARIF (#3535) 
* Add GH issue creation + SARIF

* Code cleanup

* Fix fmt, add debug

* Code enhancements

* Fix

* Added debug info

* Rework UA log scan

* Fix code

* read UA version

* Fix nil reference

* Extraction

* Credentials

* Issue creation

* Error handling

* Fix issue creation

* query escape

* Query escape 2

* Revert

* Test avoid update

* HTTP client

* Add support for custom TLS certs

* Fix code

* Fix code 2

* Fix code 3

* Disable cert check

* Fix auth

* Remove implicit trust

* Skip verification

* Fix

* Fix client

* Fix HTTP auth

* Fix trusted certs

* Trim version

* Code

* Add token

* Added token handling to client

* Fix token

* Cleanup

* Fix token

* Token rework

* Fix code

* Kick out oauth client

* Kick out oauth client

* Transport wrapping

* Token

* Simplification

* Refactor

* Variation

* Check

* Fix

* Debug

* Switch client

* Variation

* Debug

* Switch to cert check

* Add debug

* Parse self

* Cleanup

* Update resources/metadata/whitesourceExecuteScan.yaml

* Add debug

* Expose subjects

* Patch

* Debug

* Debug2

* Debug3

* Fix logging response body

* Cleanup

* Cleanup

* Fix request body logging

* Cleanup import

* Fix import cycle

* Cleanup

* Fix fmt

* Fix NopCloser reference

* Regenerate

* Reintroduce

* Fix test

* Fix tests

* Correction

* Fix error

* Code fix

* Fix tests

* Add tests

* Fix code climate issues

* Code climate

* Code climate again

* Code climate again

* Fix fmt

* Fix fmt 2

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
 2022-02-23 09:30:19 +01:00
Oliver Nocon
f431054b6f
feat(WhiteSource): consume credentials from cpe (#3206) 
* feat: func for Docker config.json

Provide re-use function to create/update Docker conifg.json

* add comment

* update WhiteSource step

* fixes and additional tests
 2021-11-15 07:48:40 +01:00
Christian Volk
eee3c2302b
feat(whitesourceExecuteScan): evaluate dockerConfigJSON from pipeline… (#3185) 
* feat(whitesourceExecuteScan): evaluate dockerConfigJSON from pipeline environment

* Update cmd/whitesourceExecuteScan_test.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
 2021-10-25 09:07:46 +02:00
ffeldmann
3f6eb603c7
Error logging (#2947) 
* (feat) adds error logging output for downloading reports from whitesource

* Extended error logging with errors.Wrapf()

* Adjusted whitesource tests
 2021-06-30 11:11:41 +02:00
Johannes Schneider
c22e0a1f0e
[WhitesourceExecuteScan] Fix Inconsistencies in Aggregated Report (#2872) 
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
 2021-06-09 15:56:56 +02:00
Oliver Nocon
d04a7c2eb3
feat(pipelineCreateScanSummary) Create groovy wrapper (#2743) 
* feat(pipelineCreateScanSummary) Create groovy wrapper

* add command to binary

* stash step reports

* update stash

* fix typo

* unstash reports first

* update reporting

* update json reporting

* update tests & enhance logging

* update md report

* update md reporting

* fix rendering

* update tests
 2021-04-15 07:45:06 +02:00
Oliver Nocon
9b6a8cb3b6
feat(whitesource): create json report (#2699) 
* feat(withesource): create json report

* proper constant value

* update generation
 2021-03-19 11:10:08 +01:00
Oliver Nocon
2048c00d2c
whitesource: use only Unified Agent for scanning (#2707) 
don't use native build-tool specific plugins any longer.
They have been deprecated by WhiteSource mid 2019 already.

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
 2021-03-19 09:58:24 +01:00
Christopher Fenner
f999925788
fix(influx): correct data type of influx measurements (#2171) 
* update data type of influx measurements

* Update checkmarx.yaml

* pick changes from #1885 for testing

* update generated code

* update to new datatype

* adjust to type changes

* change back to string type

* Update fortifyExecuteScan.go

* add typo to be backward compatible

* change type to int for files_scanned and lines_of_code_scanned

* add typo

* add measurements to whitesource

* update generated sources

* adjust test cases

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
 2021-03-10 16:00:53 +01:00
Oliver Nocon
d47a17c8fc
feat(whitesource): consolidated reporting and versioning alignment (#2571) 
* update reporting and add todo comments

* enhance reporting, allow directory creation for reports

* properly pass reports

* update templating and increase verbosity of errors

* add todo

* add detail table

* update sorting

* add test and improve error message

* fix error message in test

* extend tests

* enhance tests

* enhance versioning behavior accoring to #1846

* create markdown overview report

* small fix

* fix small issue

* make sure that report directory exists

* align reporting directory with default directory from UA

* add missing comments

* add policy check incl. tests

* enhance logging and tests

* update versioning to allow custom version usage properly

* fix report paths and golang image

* update styling of md

* update test
 2021-02-10 16:18:00 +01:00
Stephan Aßmus
eff38f6c9d
whitesourcExecuteScan-go: Additional fixes (#2315) 
* Make sure the UA scan is known to the scan object. Fixes downloading reports later on.
* Move polling into pkg/whitesource, add test for e2e scan
* Remove conditions from stash config resource
* Don't use version stored in CPE. This will prevent the versioningModel from being applied.
 2020-11-10 09:09:51 +01:00
Oliver Nocon
26cfbf7357
fix(whitesourceExecuteScan) properly handle output resources (#2266) 
* fix(whitesourceExecuteScan) properly handle output resources

* fix merge issues

* add required aliases

* update generation

* fix reading custom and container environment parameters from cpe

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
 2020-11-02 08:51:58 +01:00
Stephan Aßmus
86f335811c
whitesourceExecuteScan-go: Implement parameters "timeout", "createProductFromPipeline" (#2246) 2020-10-29 09:21:01 +01:00
Stephan Aßmus
260ca2c5a5
whitesourceExecuteScan: Re-organize code between step and whitesource package (#2207) 2020-10-20 09:49:26 +02:00
Kevin Hudemann
6c2f8365c1
WhiteSource: Remove performance-tests from default maven excludes (#2176) 
This change fixes an issue with the default maven excludes where the step would fail when performance tests are present in the project, but are not a module in the root pom. In addition, it provides a small fix of a method where a wrong path was passed to an error.
 2020-10-15 08:08:00 +02:00
Stephan Aßmus
ed97142f6d
Pass correct module path to npm.InstallAllDependencies() (#2144) 
We are already in the module's directory.
 2020-10-09 08:33:36 +02:00
Stephan Aßmus
54ea3ed51a
whitesourceExecuteScan: bypass UA for mta, maven, npm and yarn (#1879) 
Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
 2020-09-29 12:44:31 +02:00
Stephan Aßmus
33e6e13787
Refactor whitesourceExecuteScan, fix polling, error handling (#2036) 2020-09-18 11:54:45 +02:00