1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
Commit Graph

28 Commits

Author SHA1 Message Date
Christopher Fenner
804e66d4cd
feat(detect): add customScanVersion to detect scan (#2790)
* add versioningModel parameter

* extract versioning model to own package

* move log message

* use versioning method

* add customScanVersion parameter

* use customScanVersion

* adjust docs on other steps

* add customScanVersion parameter

* use customScanVersion

* adjust docs on other steps

* change log message

* update test case

* fix typo

* correct variable name
2021-05-05 10:24:05 +02:00
Christopher Fenner
2426486e7b
feat(sonar): add versioningModel and customScanVersion to sonar scan (#2787)
* add versioningModel parameter

* extract versioning model to own package

* move log message

* use versioning method

* add customScanVersion parameter

* use customScanVersion

* adjust docs on other steps

* update test case
2021-05-05 09:02:19 +02:00
pkrasnousov
e9464b2594
feat(whitesourcescan): add param workDir to whitesourcescan (#2791)
* Add dir to whitesource scan

* Add default for "dir" option

* Change param name to workDir

* Change param name WorkDir to ScanPath

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-05-03 10:53:16 +02:00
Christopher Fenner
e11de9dbeb
chore(ci): add yamllint action (#2774)
* chore(ci): add yamllint action

* Create .yamllint.yml

* Update verify-yaml.yml

* Update verify-yaml.yml

* Update verify-yaml.yml

* Update verify-yaml.yml

* Update verify-yaml.yml

* correct yaml format

* correct yamllint findings

* disable truthy rule

* add pattern for workflows yamls

* fix c&p issue
2021-04-22 12:55:35 +02:00
Andre
e5dcc21bad
feat(mta): update MBT build tool to latest release 1.1.1 (#2777) 2021-04-21 14:01:03 +02:00
Andre
559bcd1ef2
fix(whitesource) use mta image without npm.sap.com (#2760)
* fix npm.sap.com issue

* use latest

* go generate

* use fixed version 1.0.16.1

* mbt version for tests also changed
2021-04-16 13:40:10 +02:00
Christopher Fenner
b531c2a017
docs(whitesource): correct description (#2762)
* Correct description

* update generated code
2021-04-15 19:15:59 +02:00
Sven Merk
dfe9cb6149
Add capability for yarn scanning (#2716)
* Add capability for yarn scanning

* Update whitesource.yaml

* Update configHelper.go

* Add newly generated impl
2021-03-24 16:33:32 +01:00
Oliver Nocon
2048c00d2c
whitesource: use only Unified Agent for scanning (#2707)
don't use native build-tool specific plugins any longer.
They have been deprecated by WhiteSource mid 2019 already.

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2021-03-19 09:58:24 +01:00
Sven Merk
d52a1a3619
Influx step execution reporting (#2700)
* Influx step execution reporting

* influx for newmanExecute added

Co-authored-by: lndrschlz <leander.schulz01@sap.com>
2021-03-18 10:32:03 +01:00
Christopher Fenner
f999925788
fix(influx): correct data type of influx measurements (#2171)
* update data type of influx measurements

* Update checkmarx.yaml

* pick changes from #1885 for testing

* update generated code

* update to new datatype

* adjust to type changes

* change back to string type

* Update fortifyExecuteScan.go

* add typo to be backward compatible

* change type to int for files_scanned and lines_of_code_scanned

* add typo

* add measurements to whitesource

* update generated sources

* adjust test cases

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2021-03-10 16:00:53 +01:00
Oliver Nocon
c077cdd733
fix(whitesourceExecuteScan) get full list of projects (#2672)
* fix(whitesourceExecuteScan) get full list of projects

* update doc
2021-03-08 17:01:18 +01:00
Oliver Nocon
d47a17c8fc
feat(whitesource): consolidated reporting and versioning alignment (#2571)
* update reporting and add todo comments

* enhance reporting, allow directory creation for reports

* properly pass reports

* update templating and increase verbosity of errors

* add todo

* add detail table

* update sorting

* add test and improve error message

* fix error message in test

* extend tests

* enhance tests

* enhance versioning behavior accoring to #1846

* create markdown overview report

* small fix

* fix small issue

* make sure that report directory exists

* align reporting directory with default directory from UA

* add missing comments

* add policy check incl. tests

* enhance logging and tests

* update versioning to allow custom version usage properly

* fix report paths and golang image

* update styling of md

* update test
2021-02-10 16:18:00 +01:00
Oliver Nocon
a104b2a06d
feat(whitesourceExecuteScan): UA for all build tools, e.g. maven & npm (#2501)
* feat(whitesource): add config helper

this helps to ease & enforce config settings

* fix accidential change of class

* add todos wrt java download

* use existing scanOptions, add option to download jre

* update generation

* fix generation

* allow running UA via go library

* correct image, improve logging

* add removal of downloaded JVM

* update java creation and deletion

* refactor and add log output

* remove obsolete ToDo

* increase test coverage

* increase test coverage

* adding aliases and tests

* make go modules as default

* maven: update behavior of projectNaming

* add Docker capabilities

* correct parameter name

* retrieve Docker coordinates

* docker coordinates only to provide artifact

* add ToDos

* add mta capability

* add aliases, mvn arguments for settings

* clean up groovy part

* update defaults

* add container for pip

* add defaults, add maven specifics, ...

* properly download settings

* maven: check existence of excluded files

* fix reporting

* Update CommonStepsTest.groovy

* update comment

* fix CodeClimate finding

* add tests for pip & fix minor issues

* fix order of pip build descriptors

* update pip container options

* fix pip virtualEnv parameter

* update report permissions

* fix test

* update container options

* add use fileUtils to load properties file

* update parameter description

* adding Docker scanning defaults

* clean up configHelper

* consider also npm tool cache

* add todos
2021-02-03 14:52:48 +01:00
Stephan Aßmus
cb069148d2
WS: Provide missing aliases (#2485) 2020-12-21 13:16:38 +01:00
Daniel Kurzynski
c09c5e1ef0
Fix workingDir for mta whitesource scan (#2431)
* Update whitesource.yaml

* Generate and format
2020-11-27 11:39:21 +01:00
Daniel Kurzynski
d952cb89d6
Add docker image for whitesource and mta (#2374) 2020-11-26 10:45:47 +01:00
Stephan Aßmus
eff38f6c9d
whitesourcExecuteScan-go: Additional fixes (#2315)
* Make sure the UA scan is known to the scan object. Fixes downloading reports later on.
* Move polling into pkg/whitesource, add test for e2e scan
* Remove conditions from stash config resource
* Don't use version stored in CPE. This will prevent the versioningModel from being applied.
2020-11-10 09:09:51 +01:00
Oliver Nocon
26cfbf7357
fix(whitesourceExecuteScan) properly handle output resources (#2266)
* fix(whitesourceExecuteScan) properly handle output resources

* fix merge issues

* add required aliases

* update generation

* fix reading custom and container environment parameters from cpe

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
2020-11-02 08:51:58 +01:00
Daniel Kurzynski
a2656a5f71
Install artifacts before whitesource scan (#2280) 2020-10-30 15:05:14 +01:00
Stephan Aßmus
86f335811c
whitesourceExecuteScan-go: Implement parameters "timeout", "createProductFromPipeline" (#2246) 2020-10-29 09:21:01 +01:00
Kevin Hudemann
6c2f8365c1
WhiteSource: Remove performance-tests from default maven excludes (#2176)
This change fixes an issue with the default maven excludes where the step would fail when performance tests are present in the project, but are not a module in the root pom. In addition, it provides a small fix of a method where a wrong path was passed to an error.
2020-10-15 08:08:00 +02:00
Oliver Nocon
4d9d2e78d8
Add / update Jenkins credential descriptions (#2058) 2020-09-23 13:22:51 +02:00
Stephan Aßmus
33e6e13787
Refactor whitesourceExecuteScan, fix polling, error handling (#2036) 2020-09-18 11:54:45 +02:00
Christopher Fenner
36b7eaf197
refactor: correct yaml format (#1965) 2020-08-31 16:10:28 +02:00
Christopher Fenner
8007e4af51
docs: link credentialIDs to parameter (#1961) 2020-08-28 15:38:15 +02:00
Oliver Nocon
43f51ba90a
Revamp documentation generation for golang steps (#1781)
* Revamp documentation generation for golang steps

* Add and update tests

* Add tests, add step outputs

* Add tests, add step outputs

* Update rendering

* fix merge conflict

* update generated files

* Update pkg/config/stepmeta.go

* Update pkg/config/stepmeta.go

* Update pkg/generator/helper/docuHelper.go

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Include PR feedback

* update tests

* Fix Jenkins dependecy indication

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
2020-07-16 09:10:15 +02:00
Jordan Levin
34967c502c
Whitesource scan (MVP) (#1658)
* Whitesource MVP for Gradle, Golang, and NPM/Yarn

* Refactoring

* Refactor and cleanup, better error checking

* publish stepResults, use pkg/versioning, bubble up errors, add gomod versioning support

* Run gofmt and cleanup comments

* Resolve PR comments

* Update resources/metadata/whitesource.yaml

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Only determine project coordinates if they are missing

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>

* Gradle versioning artifact

* fix gradle artifact version regexp and refactor

* Fix token extraction from output buffer

* Fix some issues with pip and jsonfile versioning logic

* Remove useless spacing

* Remove unnecessary test file and fix naming style for JSONDescriptor

* Automatically download wss-unified-agent if file does not exist

* adds downloadVulnerabilityReport, checkSecurityViolations, minor refactoring

* adds config.ReportDirectoryName, improves readability

* Version-wide reporting for vulnerabilities and list of libraries.

* Refactor and improve build accuracy

* fix sed command

* Add includes file pattern config option

* Adds --exclude command line flag

* run go mod tidy and regenerate step framework

* Fix unit tests

* revert changes

* poll project status before downloading reports

* merge with master

* go mod tidy, go fmt, and fix whitesource unit test

* sync go.mod

* sync go.mod again

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-07-01 07:54:13 +02:00