mirror of
https://github.com/SAP/jenkins-library.git
synced 2024-12-12 10:55:20 +02:00
d8553ab53d
* detectExecuteScan: update versioning align with Fortify to also use the same versioning model by default. * fix CodeClimate findings
73 lines
2.3 KiB
Go
73 lines
2.3 KiB
Go
package cmd
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
sliceUtils "github.com/SAP/jenkins-library/pkg/piperutils"
|
|
|
|
"github.com/SAP/jenkins-library/pkg/command"
|
|
"github.com/SAP/jenkins-library/pkg/log"
|
|
"github.com/SAP/jenkins-library/pkg/telemetry"
|
|
"github.com/SAP/jenkins-library/pkg/versioning"
|
|
)
|
|
|
|
func detectExecuteScan(config detectExecuteScanOptions, telemetryData *telemetry.CustomData) {
|
|
c := command.Command{}
|
|
// reroute command output to logging framework
|
|
c.Stdout(log.Writer())
|
|
c.Stderr(log.Writer())
|
|
runDetect(config, &c)
|
|
}
|
|
|
|
func runDetect(config detectExecuteScanOptions, command command.ShellRunner) {
|
|
// detect execution details, see https://synopsys.atlassian.net/wiki/spaces/INTDOCS/pages/88440888/Sample+Synopsys+Detect+Scan+Configuration+Scenarios+for+Black+Duck
|
|
|
|
args := []string{"bash <(curl -s https://detect.synopsys.com/detect.sh)"}
|
|
args = addDetectArgs(args, config)
|
|
script := strings.Join(args, " ")
|
|
|
|
command.SetDir(".")
|
|
command.SetEnv([]string{"BLACKDUCK_SKIP_PHONE_HOME=true"})
|
|
|
|
err := command.RunShell("/bin/bash", script)
|
|
if err != nil {
|
|
log.Entry().
|
|
WithError(err).
|
|
Fatal("failed to execute detect scan")
|
|
}
|
|
}
|
|
|
|
func addDetectArgs(args []string, config detectExecuteScanOptions) []string {
|
|
|
|
coordinates := struct {
|
|
Version string
|
|
}{
|
|
Version: config.Version,
|
|
}
|
|
|
|
_, detectVersionName := versioning.DetermineProjectCoordinates("", config.VersioningModel, coordinates)
|
|
|
|
args = append(args, config.ScanProperties...)
|
|
|
|
args = append(args, fmt.Sprintf("--blackduck.url=%v", config.ServerURL))
|
|
args = append(args, fmt.Sprintf("--blackduck.api.token=%v", config.APIToken))
|
|
|
|
args = append(args, fmt.Sprintf("--detect.project.name=%v", config.ProjectName))
|
|
args = append(args, fmt.Sprintf("--detect.project.version.name=%v", detectVersionName))
|
|
codeLocation := config.CodeLocation
|
|
if len(codeLocation) == 0 && len(config.ProjectName) > 0 {
|
|
codeLocation = fmt.Sprintf("%v/%v", config.ProjectName, detectVersionName)
|
|
}
|
|
args = append(args, fmt.Sprintf("--detect.code.location.name=%v", codeLocation))
|
|
|
|
if sliceUtils.ContainsString(config.Scanners, "signature") {
|
|
args = append(args, fmt.Sprintf("--detect.blackduck.signature.scanner.paths=%v", strings.Join(config.ScanPaths, ",")))
|
|
}
|
|
|
|
if sliceUtils.ContainsString(config.Scanners, "source") {
|
|
args = append(args, fmt.Sprintf("--detect.source.path=%v", config.ScanPaths[0]))
|
|
}
|
|
return args
|
|
}
|