mirror of https://github.com/SAP/jenkins-library.git synced 2025-01-18 05:18:24 +02:00
Jordan Levin 34967c502c
Whitesource scan (MVP) (#1658)
* Whitesource MVP for Gradle, Golang, and NPM/Yarn

* Refactoring

* Refactor and cleanup, better error checking

* publish stepResults, use pkg/versioning, bubble up errors, add gomod versioning support

* Run gofmt and cleanup comments

* Resolve PR comments

* Update resources/metadata/whitesource.yaml

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>

* Only determine project coordinates if they are missing

Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>

* Gradle versioning artifact

* fix gradle artifact version regexp and refactor

* Fix token extraction from output buffer

* Fix some issues with pip and jsonfile versioning logic

* Remove useless spacing

* Remove unnecessary test file and fix naming style for JSONDescriptor

* Automatically download wss-unified-agent if file does not exist

* adds downloadVulnerabilityReport, checkSecurityViolations, minor refactoring

* adds config.ReportDirectoryName, improves readability

* Version-wide reporting for vulnerabilities and list of libraries.

* Refactor and improve build accuracy

* fix sed command

* Add includes file pattern config option

* Adds --exclude command line flag

* run go mod tidy and regenerate step framework

* Fix unit tests

* revert changes

* poll project status before downloading reports

* merge with master

* go mod tidy, go fmt, and fix whitesource unit test

* sync go.mod

* sync go.mod again

Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com>
Co-authored-by: Stephan Aßmus <stephan.assmus@sap.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
2020-07-01 07:54:13 +02:00


package versioning
import (
"encoding/json"
"fmt"
"io/ioutil"
"os"
"github.com/pkg/errors"
)
// JSONDescriptor holds the unique identifier combination for json artifacts.
// GetCoordinates in this file fills in ArtifactID and Version only.
type JSONDescriptor struct {
	GroupID    string // left empty by GetCoordinates in this file
	ArtifactID string // taken from the descriptor's "name" field by GetCoordinates
	Version    string // taken from GetVersion by GetCoordinates
	Packaging  string // left empty by GetCoordinates in this file
}
// JSONfile defines an artifact using a json file for versioning.
// The zero value of every field except path is usable: init supplies the
// defaults noted below before the file is read or written.
type JSONfile struct {
	path         string                 // descriptor file read by GetVersion and rewritten by SetVersion
	content      map[string]interface{} // decoded descriptor, filled by GetVersion and reused by SetVersion
	versionField string                 // key that holds the version; init defaults it to "version"
	// readFile and writeFile are the file-access hooks; init defaults them to
	// ioutil.ReadFile and ioutil.WriteFile when they are nil.
	readFile  func(string) ([]byte, error)
	writeFile func(string, []byte, os.FileMode) error
}
// init applies defaults to every field the caller left unset: the file hooks
// fall back to the ioutil implementations and the version key to "version".
// Fields that already carry a value are not touched, so calling it repeatedly
// is harmless.
func (j *JSONfile) init() {
	if j.writeFile == nil {
		j.writeFile = ioutil.WriteFile
	}
	if j.readFile == nil {
		j.readFile = ioutil.ReadFile
	}
	if j.versionField == "" {
		j.versionField = "version"
	}
}
// VersioningScheme returns the name of the versioning scheme used for
// JSON-based descriptors, which is always "semver2".
func (j *JSONfile) VersioningScheme() string {
	const scheme = "semver2"
	return scheme
}
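// GetVersion returns the current version of the artifact with a JSON-based build descriptor.
//
// It reads the file at j.path through j.readFile, decodes it into j.content
// and returns the value stored under j.versionField formatted with fmt.Sprint.
// A read or decode failure is returned wrapped with the file path.
//
// NOTE(review): a descriptor without the version field yields the string
// "<nil>" together with a nil error, because fmt.Sprint is applied to a
// missing map entry. Callers should treat that value as "no version".
// SetVersion calls GetVersion to load the descriptor, so the missing field is
// not turned into an error here.
func (j *JSONfile) GetVersion() (string, error) {
	j.init()

	content, err := j.readFile(j.path)
	if err != nil {
		return "", errors.Wrapf(err, "failed to read file '%v'", j.path)
	}

	// Report the path, not j.content: after a failed decode the map is empty
	// or partial, and printing it would put descriptor content into error and
	// log output instead of naming the file that could not be parsed.
	if err := json.Unmarshal(content, &j.content); err != nil {
		return "", errors.Wrapf(err, "failed to read json content of file '%v'", j.path)
	}

	return fmt.Sprint(j.content[j.versionField]), nil
}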
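// SetVersion updates the version of the artifact with a JSON-based build descriptor.
//
// When the descriptor has not been loaded yet it is read via GetVersion first.
// The value under j.versionField is then replaced, the whole document is
// re-serialised with json.MarshalIndent and written back to j.path through
// j.writeFile. Because the document round-trips through a map, key order and
// formatting of the original file are not preserved.
//
// It returns an error when the descriptor cannot be read or decoded, when it
// does not hold a JSON object, or when serialising or writing fails.
func (j *JSONfile) SetVersion(version string) error {
	j.init()

	if j.content == nil {
		if _, err := j.GetVersion(); err != nil {
			return err
		}
	}
	// A descriptor whose top-level value is JSON null decodes successfully but
	// leaves j.content nil; assigning into a nil map would panic.
	if j.content == nil {
		return errors.Errorf("file '%v' does not contain a json object", j.path)
	}

	j.content[j.versionField] = version

	content, err := json.MarshalIndent(j.content, "", " ")
	if err != nil {
		return errors.Wrapf(err, "failed to create json content for '%v'", j.path)
	}

	// 0600 rather than 0700: the descriptor is data, so it gets no execute
	// bit, and access stays limited to the owner as before. The default
	// ioutil.WriteFile hook applies the mode only when it creates the file;
	// an existing file keeps its permissions.
	if err := j.writeFile(j.path, content, 0600); err != nil {
		return errors.Wrapf(err, "failed to write file '%v'", j.path)
	}

	return nil
}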
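// GetCoordinates returns the coordinates of the artifact described by the
// JSON file: ArtifactID is the descriptor's "name" field and Version is the
// result of GetVersion. GroupID and Packaging are left empty.
//
// It returns an error when the descriptor cannot be read or decoded, or when
// "name" is missing or is not a JSON string.
func (j *JSONfile) GetCoordinates() (Coordinates, error) {
	projectVersion, err := j.GetVersion()
	if err != nil {
		return nil, err
	}

	// The descriptor is external input, so check the type instead of using a
	// bare assertion: a missing or non-string "name" would otherwise panic
	// and abort the calling step.
	projectName, ok := j.content["name"].(string)
	if !ok {
		return nil, errors.Errorf("file '%v' has no string field 'name'", j.path)
	}

	return &JSONDescriptor{
		ArtifactID: projectName,
		Version:    projectVersion,
	}, nil
}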