mirror of
https://github.com/SAP/jenkins-library.git
synced 2024-12-14 11:03:09 +02:00
d41d7bfbac
In case of policy violations, the scan fails, and the default behavior is to not update the project in the WS system. See the docs at https://whitesource.atlassian.net/wiki/spaces/WD/pages/33914890/Maven+Plugin. Since this is inconvenient, and since we have already changed the behavior for NPM, we force the update.
package whitesource
import (
"fmt"
"github.com/SAP/jenkins-library/pkg/log"
"github.com/SAP/jenkins-library/pkg/maven"
"path/filepath"
"strings"
)
// ExecuteMavenScan runs the WhiteSource Maven scan against the pom file named in
// config.PomPath, falling back to "pom.xml" when no path is configured.
//
// The actual work is delegated to ExecuteMavenScanForPomFile, which executes the maven goal
// "org.whitesource:whitesource-maven-plugin:19.5.1:update". Any error from that call is
// returned unchanged.
func (s *Scan) ExecuteMavenScan(config *ScanOptions, utils Utils) error {
	log.Entry().Infof("Using Whitesource scan for Maven project")

	// An explicitly configured pom path wins over the conventional default.
	if config.PomPath != "" {
		return s.ExecuteMavenScanForPomFile(config, utils, config.PomPath)
	}
	return s.ExecuteMavenScanForPomFile(config, utils, "pom.xml")
}
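// ExecuteMavenScanForPomFile constructs maven parameters from the given configuration, and executes the maven goal
// "org.whitesource:whitesource-maven-plugin:19.5.1:update" for the given pom file.
//
// The steps are, in order:
//  1. verify that pomPath exists,
//  2. if config.InstallArtifacts is set, install the project's artifacts via maven.InstallMavenArtifacts,
//  3. build the WhiteSource "-D" defines and the module-exclusion flags,
//  4. record the modules that will be scanned on s,
//  5. run the WhiteSource plugin goal.
//
// It returns an error if the pom file is missing or cannot be checked, or if any of the
// later steps fails.
func (s *Scan) ExecuteMavenScanForPomFile(config *ScanOptions, utils Utils, pomPath string) error {
	pomExists, err := utils.FileExists(pomPath)
	if err != nil {
		// Report the real cause (e.g. an unreadable path) instead of hiding it behind the
		// "must exist" message below.
		return fmt.Errorf("failed to check whether the file '%s' exists: %w", pomPath, err)
	}
	if !pomExists {
		return fmt.Errorf("for scanning with type '%s', the file '%s' must exist in the project root",
			config.ScanType, pomPath)
	}

	if config.InstallArtifacts {
		installOptions := &maven.EvaluateOptions{
			M2Path:              config.M2Path,
			ProjectSettingsFile: config.ProjectSettingsFile,
			GlobalSettingsFile:  config.GlobalSettingsFile,
			PomPath:             pomPath,
		}
		if err := maven.InstallMavenArtifacts(installOptions, utils); err != nil {
			return err
		}
	}

	// NOTE(review): defines carries the WhiteSource org token (and the user token, if set) as
	// plain "-D" arguments. Whether maven.Execute masks them in its own logging is not visible
	// here; confirm before enabling verbose command logging.
	defines := s.generateMavenWhitesourceDefines(config)
	flags, excludes := generateMavenWhitesourceFlags(config, utils)

	if err := s.appendModulesThatWillBeScanned(utils, excludes); err != nil {
		return fmt.Errorf("failed to determine maven modules which will be scanned: %w", err)
	}

	// The plugin coordinates are pinned to an exact version, so upgrades are a deliberate code change.
	_, err = maven.Execute(&maven.ExecuteOptions{
		PomPath:             pomPath,
		M2Path:              config.M2Path,
		GlobalSettingsFile:  config.GlobalSettingsFile,
		ProjectSettingsFile: config.ProjectSettingsFile,
		Defines:             defines,
		Flags:               flags,
		Goals:               []string{"org.whitesource:whitesource-maven-plugin:19.5.1:update"},
	}, utils)

	return err
}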
// generateMavenWhitesourceDefines builds the "-Dorg.whitesource.*" system-property
// arguments for the WhiteSource Maven plugin from config and s.ProductVersion.
//
// The org token, product name and the three fixed switches are always emitted; the
// aggregate-project, user-key and product-version properties are added only when the
// corresponding value is non-empty.
//
// NOTE(review): OrgToken and UserToken are credentials and are returned here as plain
// command-line arguments. Arguments of a running process are typically readable by other
// local users, and would appear in any log that records the full maven command line.
// Whether the caller masks them is not visible in this function; confirm.
func (s *Scan) generateMavenWhitesourceDefines(config *ScanOptions) []string {
	args := []string{
		"-Dorg.whitesource.orgToken=" + config.OrgToken,
		"-Dorg.whitesource.product=" + config.ProductName,
		"-Dorg.whitesource.checkPolicies=true",
		"-Dorg.whitesource.failOnError=true",
		// Push the results to WhiteSource even when policy violations fail the scan.
		"-Dorg.whitesource.forceUpdate=true",
	}

	// A configured 'projectName' collapses all modules into one WhiteSource project.
	if name := config.ProjectName; name != "" {
		args = append(args,
			"-Dorg.whitesource.aggregateProjectName="+name,
			"-Dorg.whitesource.aggregateModules=true",
		)
	}

	if token := config.UserToken; token != "" {
		args = append(args, "-Dorg.whitesource.userKey="+token)
	}

	if version := s.ProductVersion; version != "" {
		args = append(args, "-Dorg.whitesource.productVersion="+version)
	}

	return args
}
// generateMavenWhitesourceFlags turns config.BuildDescriptorExcludeList into maven "-pl"
// exclusion flags and returns them together with the unmodified exclude list.
//
// Per the documentation, the exclude entries are file paths to a module's pom.xml. MTA
// projects may mix in paths to package.json files, so only entries ending in "pom.xml" that
// exist on disk produce a flag; every other entry is skipped silently.
//
// Each emitted flag removes a module from the maven invocation, so this list directly
// narrows what the WhiteSource scan covers.
func generateMavenWhitesourceFlags(config *ScanOptions, utils Utils) (flags []string, excludes []string) {
	excludes = config.BuildDescriptorExcludeList

	for _, descriptor := range excludes {
		// Not a Maven build descriptor (e.g. a package.json entry): nothing to exclude here.
		if !strings.HasSuffix(descriptor, "pom.xml") {
			continue
		}

		// The error from FileExists is discarded; presumably a path that cannot be checked is
		// reported as missing, which keeps the module in the scan. TODO confirm.
		if found, _ := utils.FileExists(descriptor); !found {
			continue
		}

		// filepath.Dir never returns an empty string (a bare file name gives "."), so this
		// guard always holds.
		// NOTE(review): an entry of just "pom.xml" therefore yields "-pl", "!."; confirm that
		// excluding "." is the intended effect for a root pom.
		if moduleDir := filepath.Dir(descriptor); moduleDir != "" {
			flags = append(flags, "-pl", "!"+moduleDir)
		}
	}

	return flags, excludes
}
// appendModulesThatWillBeScanned visits the Maven modules below "." through
// maven.VisitAllMavenModules (passing excludes along) and registers every module whose
// packaging is not "pom" on s, keyed by its artifactId.
//
// It returns an error when such a module has no artifactId or when
// s.AppendScannedProject rejects it.
func (s *Scan) appendModulesThatWillBeScanned(utils Utils, excludes []string) error {
	register := func(info maven.ModuleInfo) error {
		pom := info.Project

		// Modules with packaging "pom" are not recorded as scanned projects.
		if pom.Packaging == "pom" {
			return nil
		}

		if pom.ArtifactID == "" {
			return fmt.Errorf("artifactId missing from '%s'", info.PomXMLPath)
		}

		if err := s.AppendScannedProject(pom.ArtifactID); err != nil {
			return err
		}
		return nil
	}

	return maven.VisitAllMavenModules(".", utils, excludes, register)
}