package whitesource
import (
"fmt"
"path/filepath"
"strings"
"github.com/SAP/jenkins-library/pkg/log"
"github.com/SAP/jenkins-library/pkg/maven"
)
// ExecuteMavenScan runs the WhiteSource Maven plugin goal
// "org.whitesource:whitesource-maven-plugin:19.5.1:update" for the project's
// root pom. It records the agent name on s (no version can be read for the
// Maven plugin, so AgentVersion stays "unknown"), falls back to "pom.xml" when
// config.PomPath is empty, and delegates everything else to
// ExecuteMavenScanForPomFile, whose error is returned unchanged.
func (s *Scan) ExecuteMavenScan(config *ScanOptions, utils Utils) error {
	s.AgentName = "WhiteSource Maven Plugin"
	s.AgentVersion = "unknown"
	log.Entry().Infof("Using Whitesource scan for Maven project")

	pomPath := "pom.xml"
	if config.PomPath != "" {
		pomPath = config.PomPath
	}
	return s.ExecuteMavenScanForPomFile(config, utils, pomPath)
}
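// ExecuteMavenScanForPomFile runs the WhiteSource Maven plugin goal
// "org.whitesource:whitesource-maven-plugin:19.5.1:update" against the given
// pom file.
//
// Steps, in order:
//  1. verify that pomPath exists (a missing pom is reported together with the
//     scan type so the user can correct the configuration);
//  2. optionally install the project's artifacts into the local repository
//     (config.InstallArtifacts);
//  3. build the -D defines (tokens, product, policy flags) and the "-pl"
//     exclusions derived from config.BuildDescriptorExcludeList;
//  4. record on s the modules that will be scanned, honouring the excludes;
//  5. invoke maven with those settings.
//
// The first failing step's error is returned; maven's output is discarded.
func (s *Scan) ExecuteMavenScanForPomFile(config *ScanOptions, utils Utils, pomPath string) error {
	pomExists, err := utils.FileExists(pomPath)
	if err != nil {
		// A stat failure (e.g. permissions) is not the same as "file missing";
		// surface it instead of mis-reporting it as an absent pom.
		return fmt.Errorf("failed to check for '%s': %w", pomPath, err)
	}
	if !pomExists {
		return fmt.Errorf("for scanning with type '%s', the file '%s' must exist in the project root",
			config.ScanType, pomPath)
	}

	if config.InstallArtifacts {
		installOpts := &maven.EvaluateOptions{
			M2Path:              config.M2Path,
			ProjectSettingsFile: config.ProjectSettingsFile,
			GlobalSettingsFile:  config.GlobalSettingsFile,
			PomPath:             pomPath,
		}
		if err := maven.InstallMavenArtifacts(installOpts, utils); err != nil {
			return err
		}
	}

	defines := s.generateMavenWhitesourceDefines(config)
	flags, excludes := generateMavenWhitesourceFlags(config, utils)

	// Record the scanned modules before the plugin runs so the list reflects
	// the same exclusions handed to maven via the "-pl" flags.
	if err := s.appendModulesThatWillBeScanned(utils, excludes); err != nil {
		return fmt.Errorf("failed to determine maven modules which will be scanned: %w", err)
	}

	// NOTE(review): defines carry the org/user tokens as -D arguments, i.e. on
	// the maven command line; confirm the executor masks them in any command
	// logging before relying on this in shared build logs.
	_, err = maven.Execute(&maven.ExecuteOptions{
		PomPath:             pomPath,
		M2Path:              config.M2Path,
		GlobalSettingsFile:  config.GlobalSettingsFile,
		ProjectSettingsFile: config.ProjectSettingsFile,
		Defines:             defines,
		Flags:               flags,
		Goals:               []string{"org.whitesource:whitesource-maven-plugin:19.5.1:update"},
	}, utils)
	return err
}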
// generateMavenWhitesourceDefines builds the -D system properties handed to the
// WhiteSource Maven plugin: the organisation token, product name and fixed
// policy switches (checkPolicies, failOnError, forceUpdate), plus the optional
// aggregate project name, user key and product version when configured.
//
// NOTE(review): OrgToken and UserToken become plain command-line arguments of
// the maven process, where they may show up in process listings and command
// logging; confirm the maven executor masks these values in its output.
func (s *Scan) generateMavenWhitesourceDefines(config *ScanOptions) []string {
	const prefix = "-Dorg.whitesource."
	defines := []string{
		prefix + "orgToken=" + config.OrgToken,
		prefix + "product=" + config.ProductName,
		prefix + "checkPolicies=true",
		prefix + "failOnError=true",
		prefix + "forceUpdate=true",
	}

	// A configured 'projectName' collapses all modules into a single
	// WhiteSource project instead of one project per module.
	if name := config.ProjectName; name != "" {
		defines = append(defines,
			prefix+"aggregateProjectName="+name,
			prefix+"aggregateModules=true",
		)
	}
	if key := config.UserToken; key != "" {
		defines = append(defines, prefix+"userKey="+key)
	}
	if version := s.ProductVersion; version != "" {
		defines = append(defines, prefix+"productVersion="+version)
	}
	return defines
}
// generateMavenWhitesourceFlags turns config.BuildDescriptorExcludeList into
// maven "-pl !<module>" flags. Only entries ending in "pom.xml" that exist on
// disk produce a flag; the module name is the directory containing that pom.
// Other entries (e.g. package.json paths in MTA projects) produce no flag but
// remain in the returned excludes, which is the unmodified exclude list for
// the caller to use when enumerating modules.
func generateMavenWhitesourceFlags(config *ScanOptions, utils Utils) (flags []string, excludes []string) {
	excludes = config.BuildDescriptorExcludeList
	for _, entry := range excludes {
		// The documented form of an exclude is a path to a module's pom.xml.
		if !strings.HasSuffix(entry, "pom.xml") {
			continue
		}
		// A lookup error is treated like a missing file: no flag is emitted.
		if present, _ := utils.FileExists(entry); !present {
			continue
		}
		if dir := filepath.Dir(entry); dir != "" {
			flags = append(flags, "-pl", "!"+dir)
		}
	}
	return flags, excludes
}
// appendModulesThatWillBeScanned walks every maven module below the current
// directory (skipping those listed in excludes) and records the artifactId of
// each module whose packaging is not "pom" on s via AppendScannedProject;
// "pom"-packaged modules are skipped (presumably because aggregators yield no
// project of their own). A module without an artifactId, or a failure from
// AppendScannedProject, aborts the walk with an error.
func (s *Scan) appendModulesThatWillBeScanned(utils Utils, excludes []string) error {
	visit := func(info maven.ModuleInfo) error {
		project := info.Project
		if project.Packaging == "pom" {
			return nil
		}
		if project.ArtifactID == "" {
			return fmt.Errorf("artifactId missing from '%s'", info.PomXMLPath)
		}
		return s.AppendScannedProject(project.ArtifactID)
	}
	return maven.VisitAllMavenModules(".", utils, excludes, visit)
}