github.com/SAP/jenkins-library@v1.362.0/cmd/detectExecuteScan_generated.go (about) 1 // Code generated by piper's step-generator. DO NOT EDIT. 2 3 package cmd 4 5 import ( 6 "fmt" 7 "os" 8 "path/filepath" 9 "reflect" 10 "strings" 11 "time" 12 13 "github.com/SAP/jenkins-library/pkg/config" 14 "github.com/SAP/jenkins-library/pkg/gcs" 15 "github.com/SAP/jenkins-library/pkg/log" 16 "github.com/SAP/jenkins-library/pkg/piperenv" 17 "github.com/SAP/jenkins-library/pkg/splunk" 18 "github.com/SAP/jenkins-library/pkg/telemetry" 19 "github.com/SAP/jenkins-library/pkg/validation" 20 "github.com/bmatcuk/doublestar" 21 "github.com/spf13/cobra" 22 ) 23 24 type detectExecuteScanOptions struct { 25 Token string `json:"token,omitempty"` 26 CodeLocation string `json:"codeLocation,omitempty"` 27 ProjectName string `json:"projectName,omitempty"` 28 Scanners []string `json:"scanners,omitempty" validate:"possible-values=signature source"` 29 ScanPaths []string `json:"scanPaths,omitempty"` 30 DependencyPath string `json:"dependencyPath,omitempty"` 31 Unmap bool `json:"unmap,omitempty"` 32 ScanProperties []string `json:"scanProperties,omitempty"` 33 ServerURL string `json:"serverUrl,omitempty"` 34 Groups []string `json:"groups,omitempty"` 35 FailOn []string `json:"failOn,omitempty" validate:"possible-values=ALL BLOCKER CRITICAL MAJOR MINOR NONE"` 36 VersioningModel string `json:"versioningModel,omitempty" validate:"possible-values=major major-minor semantic full"` 37 Version string `json:"version,omitempty"` 38 CustomScanVersion string `json:"customScanVersion,omitempty"` 39 ProjectSettingsFile string `json:"projectSettingsFile,omitempty"` 40 GlobalSettingsFile string `json:"globalSettingsFile,omitempty"` 41 M2Path string `json:"m2Path,omitempty"` 42 InstallArtifacts bool `json:"installArtifacts,omitempty"` 43 BuildMaven bool `json:"buildMaven,omitempty"` 44 GenerateReportsForEmptyProjects bool `json:"generateReportsForEmptyProjects,omitempty"` 45 PomPath string `json:"pomPath,omitempty"` 46 IncludedPackageManagers []string `json:"includedPackageManagers,omitempty"` 47 ExcludedPackageManagers []string `json:"excludedPackageManagers,omitempty"` 48 MavenExcludedScopes []string `json:"mavenExcludedScopes,omitempty"` 49 DetectTools []string `json:"detectTools,omitempty"` 50 ScanOnChanges bool `json:"scanOnChanges,omitempty"` 51 SuccessOnSkip bool `json:"successOnSkip,omitempty"` 52 CustomEnvironmentVariables []string `json:"customEnvironmentVariables,omitempty"` 53 MinScanInterval int `json:"minScanInterval,omitempty"` 54 GithubToken string `json:"githubToken,omitempty"` 55 CreateResultIssue bool `json:"createResultIssue,omitempty"` 56 GithubAPIURL string `json:"githubApiUrl,omitempty"` 57 Owner string `json:"owner,omitempty"` 58 Repository string `json:"repository,omitempty"` 59 Assignees []string `json:"assignees,omitempty"` 60 CustomTLSCertificateLinks []string `json:"customTlsCertificateLinks,omitempty"` 61 FailOnSevereVulnerabilities bool `json:"failOnSevereVulnerabilities,omitempty"` 62 BuildTool string `json:"buildTool,omitempty"` 63 ExcludedDirectories []string `json:"excludedDirectories,omitempty"` 64 NpmDependencyTypesExcluded []string `json:"npmDependencyTypesExcluded,omitempty" validate:"possible-values=NONE DEV PEER"` 65 NpmArguments []string `json:"npmArguments,omitempty"` 66 PrivateModules string `json:"privateModules,omitempty"` 67 PrivateModulesGitToken string `json:"privateModulesGitToken,omitempty"` 68 ScanContainerDistro string `json:"scanContainerDistro,omitempty" validate:"possible-values=ubuntu centos alpine"` 69 ImageNameTags []string `json:"imageNameTags,omitempty" validate:"required_if=ScanContainerDistro ubuntu ScanContainerDistro centos ScanContainerDistro alpine"` 70 RegistryURL string `json:"registryUrl,omitempty" validate:"required_if=ScanContainerDistro ubuntu ScanContainerDistro centos ScanContainerDistro alpine"` 71 RepositoryUsername string `json:"repositoryUsername,omitempty" validate:"required_if=ScanContainerDistro ubuntu ScanContainerDistro centos ScanContainerDistro alpine"` 72 RepositoryPassword string `json:"repositoryPassword,omitempty" validate:"required_if=ScanContainerDistro ubuntu ScanContainerDistro centos ScanContainerDistro alpine"` 73 UseDetect9 bool `json:"useDetect9,omitempty"` 74 } 75 76 type detectExecuteScanInflux struct { 77 step_data struct { 78 fields struct { 79 detect bool 80 } 81 tags struct { 82 } 83 } 84 detect_data struct { 85 fields struct { 86 vulnerabilities int 87 major_vulnerabilities int 88 minor_vulnerabilities int 89 components int 90 policy_violations int 91 } 92 tags struct { 93 } 94 } 95 } 96 97 func (i *detectExecuteScanInflux) persist(path, resourceName string) { 98 measurementContent := []struct { 99 measurement string 100 valType string 101 name string 102 value interface{} 103 }{ 104 {valType: config.InfluxField, measurement: "step_data", name: "detect", value: i.step_data.fields.detect}, 105 {valType: config.InfluxField, measurement: "detect_data", name: "vulnerabilities", value: i.detect_data.fields.vulnerabilities}, 106 {valType: config.InfluxField, measurement: "detect_data", name: "major_vulnerabilities", value: i.detect_data.fields.major_vulnerabilities}, 107 {valType: config.InfluxField, measurement: "detect_data", name: "minor_vulnerabilities", value: i.detect_data.fields.minor_vulnerabilities}, 108 {valType: config.InfluxField, measurement: "detect_data", name: "components", value: i.detect_data.fields.components}, 109 {valType: config.InfluxField, measurement: "detect_data", name: "policy_violations", value: i.detect_data.fields.policy_violations}, 110 } 111 112 errCount := 0 113 for _, metric := range measurementContent { 114 err := piperenv.SetResourceParameter(path, resourceName, filepath.Join(metric.measurement, fmt.Sprintf("%vs", metric.valType), metric.name), metric.value) 115 if err != nil { 116 log.Entry().WithError(err).Error("Error persisting influx environment.") 117 errCount++ 118 } 119 } 120 if errCount > 0 { 121 log.Entry().Error("failed to persist Influx environment") 122 } 123 } 124 125 type detectExecuteScanReports struct { 126 } 127 128 func (p *detectExecuteScanReports) persist(stepConfig detectExecuteScanOptions, gcpJsonKeyFilePath string, gcsBucketId string, gcsFolderPath string, gcsSubFolder string) { 129 if gcsBucketId == "" { 130 log.Entry().Info("persisting reports to GCS is disabled, because gcsBucketId is empty") 131 return 132 } 133 log.Entry().Info("Uploading reports to Google Cloud Storage...") 134 content := []gcs.ReportOutputParam{ 135 {FilePattern: "**/*BlackDuck_RiskReport.pdf", ParamRef: "", StepResultType: "blackduck-ip"}, 136 {FilePattern: "**/blackduck-ip.json", ParamRef: "", StepResultType: "blackduck-ip"}, 137 {FilePattern: "**/toolrun_detectExecute_*.json", ParamRef: "", StepResultType: "blackduck-ip"}, 138 {FilePattern: "**/piper_detect_policy_violation_report.html", ParamRef: "", StepResultType: "blackduck-ip"}, 139 {FilePattern: "**/*BlackDuck_RiskReport.pdf", ParamRef: "", StepResultType: "blackduck-security"}, 140 {FilePattern: "**/detectExecuteScan_policy_*.json", ParamRef: "", StepResultType: "blackduck-security"}, 141 {FilePattern: "**/piper_detect_vulnerability_report.html", ParamRef: "", StepResultType: "blackduck-security"}, 142 {FilePattern: "**/toolrun_detectExecute_*.json", ParamRef: "", StepResultType: "blackduck-security"}, 143 {FilePattern: "**/piper_detect_vulnerability.sarif", ParamRef: "", StepResultType: "blackduck-security"}, 144 {FilePattern: "**/piper_hub_detect_sbom.xml", ParamRef: "", StepResultType: "blackduck-security"}, 145 } 146 envVars := []gcs.EnvVar{ 147 {Name: "GOOGLE_APPLICATION_CREDENTIALS", Value: gcpJsonKeyFilePath, Modified: false}, 148 } 149 gcsClient, err := gcs.NewClient(gcs.WithEnvVars(envVars)) 150 if err != nil { 151 log.Entry().Errorf("creation of GCS client failed: %v", err) 152 return 153 } 154 defer gcsClient.Close() 155 structVal := reflect.ValueOf(&stepConfig).Elem() 156 inputParameters := map[string]string{} 157 for i := 0; i < structVal.NumField(); i++ { 158 field := structVal.Type().Field(i) 159 if field.Type.String() == "string" { 160 paramName := strings.Split(field.Tag.Get("json"), ",") 161 paramValue, _ := structVal.Field(i).Interface().(string) 162 inputParameters[paramName[0]] = paramValue 163 } 164 } 165 if err := gcs.PersistReportsToGCS(gcsClient, content, inputParameters, gcsFolderPath, gcsBucketId, gcsSubFolder, doublestar.Glob, os.Stat); err != nil { 166 log.Entry().Errorf("failed to persist reports: %v", err) 167 } 168 } 169 170 // DetectExecuteScanCommand Executes Synopsys Detect scan 171 func DetectExecuteScanCommand() *cobra.Command { 172 const STEP_NAME = "detectExecuteScan" 173 174 metadata := detectExecuteScanMetadata() 175 var stepConfig detectExecuteScanOptions 176 var startTime time.Time 177 var influx detectExecuteScanInflux 178 var reports detectExecuteScanReports 179 var logCollector *log.CollectorHook 180 var splunkClient *splunk.Splunk 181 telemetryClient := &telemetry.Telemetry{} 182 183 var createDetectExecuteScanCmd = &cobra.Command{ 184 Use: STEP_NAME, 185 Short: "Executes Synopsys Detect scan", 186 Long: `This step executes [Synopsys Detect](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=introduction.html&_LANG=enus) scans. 187 Synopsys Detect command line utlity can be used to run various scans including BlackDuck and Polaris scans. This step allows users to run BlackDuck scans by default. 188 Please configure your BlackDuck server Url using the serverUrl parameter and the API token of your user using the apiToken parameter for this step.`, 189 PreRunE: func(cmd *cobra.Command, _ []string) error { 190 startTime = time.Now() 191 log.SetStepName(STEP_NAME) 192 log.SetVerbose(GeneralConfig.Verbose) 193 194 GeneralConfig.GitHubAccessTokens = ResolveAccessTokens(GeneralConfig.GitHubTokens) 195 196 path, _ := os.Getwd() 197 fatalHook := &log.FatalHook{CorrelationID: GeneralConfig.CorrelationID, Path: path} 198 log.RegisterHook(fatalHook) 199 200 err := PrepareConfig(cmd, &metadata, STEP_NAME, &stepConfig, config.OpenPiperFile) 201 if err != nil { 202 log.SetErrorCategory(log.ErrorConfiguration) 203 return err 204 } 205 log.RegisterSecret(stepConfig.Token) 206 log.RegisterSecret(stepConfig.GithubToken) 207 log.RegisterSecret(stepConfig.PrivateModulesGitToken) 208 209 if len(GeneralConfig.HookConfig.SentryConfig.Dsn) > 0 { 210 sentryHook := log.NewSentryHook(GeneralConfig.HookConfig.SentryConfig.Dsn, GeneralConfig.CorrelationID) 211 log.RegisterHook(&sentryHook) 212 } 213 214 if len(GeneralConfig.HookConfig.SplunkConfig.Dsn) > 0 || len(GeneralConfig.HookConfig.SplunkConfig.ProdCriblEndpoint) > 0 { 215 splunkClient = &splunk.Splunk{} 216 logCollector = &log.CollectorHook{CorrelationID: GeneralConfig.CorrelationID} 217 log.RegisterHook(logCollector) 218 } 219 220 if err = log.RegisterANSHookIfConfigured(GeneralConfig.CorrelationID); err != nil { 221 log.Entry().WithError(err).Warn("failed to set up SAP Alert Notification Service log hook") 222 } 223 224 validation, err := validation.New(validation.WithJSONNamesForStructFields(), validation.WithPredefinedErrorMessages()) 225 if err != nil { 226 return err 227 } 228 if err = validation.ValidateStruct(stepConfig); err != nil { 229 log.SetErrorCategory(log.ErrorConfiguration) 230 return err 231 } 232 233 return nil 234 }, 235 Run: func(_ *cobra.Command, _ []string) { 236 stepTelemetryData := telemetry.CustomData{} 237 stepTelemetryData.ErrorCode = "1" 238 handler := func() { 239 influx.persist(GeneralConfig.EnvRootPath, "influx") 240 reports.persist(stepConfig, GeneralConfig.GCPJsonKeyFilePath, GeneralConfig.GCSBucketId, GeneralConfig.GCSFolderPath, GeneralConfig.GCSSubFolder) 241 config.RemoveVaultSecretFiles() 242 stepTelemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds()) 243 stepTelemetryData.ErrorCategory = log.GetErrorCategory().String() 244 stepTelemetryData.PiperCommitHash = GitCommit 245 telemetryClient.SetData(&stepTelemetryData) 246 telemetryClient.Send() 247 if len(GeneralConfig.HookConfig.SplunkConfig.Dsn) > 0 { 248 splunkClient.Initialize(GeneralConfig.CorrelationID, 249 GeneralConfig.HookConfig.SplunkConfig.Dsn, 250 GeneralConfig.HookConfig.SplunkConfig.Token, 251 GeneralConfig.HookConfig.SplunkConfig.Index, 252 GeneralConfig.HookConfig.SplunkConfig.SendLogs) 253 splunkClient.Send(telemetryClient.GetData(), logCollector) 254 } 255 if len(GeneralConfig.HookConfig.SplunkConfig.ProdCriblEndpoint) > 0 { 256 splunkClient.Initialize(GeneralConfig.CorrelationID, 257 GeneralConfig.HookConfig.SplunkConfig.ProdCriblEndpoint, 258 GeneralConfig.HookConfig.SplunkConfig.ProdCriblToken, 259 GeneralConfig.HookConfig.SplunkConfig.ProdCriblIndex, 260 GeneralConfig.HookConfig.SplunkConfig.SendLogs) 261 splunkClient.Send(telemetryClient.GetData(), logCollector) 262 } 263 } 264 log.DeferExitHandler(handler) 265 defer handler() 266 telemetryClient.Initialize(GeneralConfig.NoTelemetry, STEP_NAME, GeneralConfig.HookConfig.PendoConfig.Token) 267 detectExecuteScan(stepConfig, &stepTelemetryData, &influx) 268 stepTelemetryData.ErrorCode = "0" 269 log.Entry().Info("SUCCESS") 270 }, 271 } 272 273 addDetectExecuteScanFlags(createDetectExecuteScanCmd, &stepConfig) 274 return createDetectExecuteScanCmd 275 } 276 277 func addDetectExecuteScanFlags(cmd *cobra.Command, stepConfig *detectExecuteScanOptions) { 278 cmd.Flags().StringVar(&stepConfig.Token, "token", os.Getenv("PIPER_token"), "Api token to be used for connectivity with Synopsis Detect server.") 279 cmd.Flags().StringVar(&stepConfig.CodeLocation, "codeLocation", os.Getenv("PIPER_codeLocation"), "An override for the name Detect will use for the scan file it creates.") 280 cmd.Flags().StringVar(&stepConfig.ProjectName, "projectName", os.Getenv("PIPER_projectName"), "Name of the Synopsis Detect (formerly BlackDuck) project.") 281 cmd.Flags().StringSliceVar(&stepConfig.Scanners, "scanners", []string{`signature`}, "List of scanners to be used for Synopsis Detect (formerly BlackDuck) scan.") 282 cmd.Flags().StringSliceVar(&stepConfig.ScanPaths, "scanPaths", []string{`.`}, "List of paths which should be scanned by the Synopsis Detect (formerly BlackDuck) scan.") 283 cmd.Flags().StringVar(&stepConfig.DependencyPath, "dependencyPath", `.`, "Absolute Path of the dependency management file of the project. This path represents the folder which contains the pom file, package.json etc. If the project contains multiple pom files, provide the path to the parent pom file or the base folder of the project") 284 cmd.Flags().BoolVar(&stepConfig.Unmap, "unmap", false, "Unmap flag will unmap all previous code locations and keep only the current scan results in the specified project version. Set this parameter to true, when the project version needs to store only the latest scan results.") 285 cmd.Flags().StringSliceVar(&stepConfig.ScanProperties, "scanProperties", []string{`--blackduck.signature.scanner.memory=4096`, `--detect.timeout=6000`, `--blackduck.trust.cert=true`, `--logging.level.com.synopsys.integration=DEBUG`, `--detect.maven.excluded.scopes=test`}, "Properties passed to the Synopsis Detect (formerly BlackDuck) scan. You can find details in the [Synopsis Detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fall-properties.html&_LANG=enus)") 286 cmd.Flags().StringVar(&stepConfig.ServerURL, "serverUrl", os.Getenv("PIPER_serverUrl"), "Server URL to the Synopsis Detect (formerly BlackDuck) Server.") 287 cmd.Flags().StringSliceVar(&stepConfig.Groups, "groups", []string{}, "Users groups to be assigned for the Project") 288 cmd.Flags().StringSliceVar(&stepConfig.FailOn, "failOn", []string{`BLOCKER`}, "Mark the current build as fail based on the policy categories applied.") 289 cmd.Flags().StringVar(&stepConfig.VersioningModel, "versioningModel", `major`, "The versioning model used for result reporting (based on the artifact version). Example 1.2.3 using `major` will result in version 1") 290 cmd.Flags().StringVar(&stepConfig.Version, "version", os.Getenv("PIPER_version"), "Defines the version number of the artifact being build in the pipeline. It is used as source for the Detect version.") 291 cmd.Flags().StringVar(&stepConfig.CustomScanVersion, "customScanVersion", os.Getenv("PIPER_customScanVersion"), "A custom version used along with the uploaded scan results.") 292 cmd.Flags().StringVar(&stepConfig.ProjectSettingsFile, "projectSettingsFile", os.Getenv("PIPER_projectSettingsFile"), "Path or url to the mvn settings file that should be used as project settings file.") 293 cmd.Flags().StringVar(&stepConfig.GlobalSettingsFile, "globalSettingsFile", os.Getenv("PIPER_globalSettingsFile"), "Path or url to the mvn settings file that should be used as global settings file") 294 cmd.Flags().StringVar(&stepConfig.M2Path, "m2Path", os.Getenv("PIPER_m2Path"), "Path to the location of the local repository that should be used.") 295 cmd.Flags().BoolVar(&stepConfig.InstallArtifacts, "installArtifacts", false, "If enabled, it will install all artifacts to the local maven repository to make them available before running detect. This is required if any maven module has dependencies to other modules in the repository and they were not installed before.") 296 cmd.Flags().BoolVar(&stepConfig.BuildMaven, "buildMaven", false, "Experiment parameter for maven multi-modules projects building") 297 cmd.Flags().BoolVar(&stepConfig.GenerateReportsForEmptyProjects, "generateReportsForEmptyProjects", false, "If enabled, it will generate reports for empty projects. This could be useful to see the compliance reports in Sirius") 298 cmd.Flags().StringVar(&stepConfig.PomPath, "pomPath", `pom.xml`, "Path to the pom file which should be installed including all children.") 299 cmd.Flags().StringSliceVar(&stepConfig.IncludedPackageManagers, "includedPackageManagers", []string{}, "The package managers that need to be included for this scan. Providing the package manager names with this parameter will ensure that the build descriptor file of that package manager will be searched in the scan folder For the complete list of possible values for this parameter, please refer [Synopsys detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fconfiguration%2Fdetector.html&_LANG=enus&anchor=detector-types-included-advanced)") 300 cmd.Flags().StringSliceVar(&stepConfig.ExcludedPackageManagers, "excludedPackageManagers", []string{}, "The package managers that need to be excluded for this scan. Providing the package manager names with this parameter will ensure that the build descriptor file of that package manager will be ignored in the scan folder For the complete list of possible values for this parameter, please refer [Synopsys detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fconfiguration%2Fdetector.html&_LANG=enus&anchor=detector-types-excluded-advanced)") 301 cmd.Flags().StringSliceVar(&stepConfig.MavenExcludedScopes, "mavenExcludedScopes", []string{}, "The maven scopes that need to be excluded from the scan. For example, setting the value 'test' will exclude all components which are defined with a test scope in maven") 302 cmd.Flags().StringSliceVar(&stepConfig.DetectTools, "detectTools", []string{}, "The type of BlackDuck scanners to include while running the BlackDuck scan. By default All scanners are included. For the complete list of possible values, Please refer [Synopsys detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fconfiguration%2Fpaths.html&_LANG=enus&anchor=detect-tools-included)") 303 cmd.Flags().BoolVar(&stepConfig.ScanOnChanges, "scanOnChanges", false, "This flag determines if the scan is submitted to the server. If set to true, then the scan request is submitted to the server only when changes are detected in the Open Source Bill of Materials If the flag is set to false, then the scan request is submitted to server regardless of any changes. For more details please refer to the [documentation](https://github.com/blackducksoftware/detect_rescan/blob/master/README.md)") 304 cmd.Flags().BoolVar(&stepConfig.SuccessOnSkip, "successOnSkip", true, "This flag allows forces Black Duck to exit with 0 error code if any step is skipped") 305 cmd.Flags().StringSliceVar(&stepConfig.CustomEnvironmentVariables, "customEnvironmentVariables", []string{}, "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan. This includes a list of environment variables defined by Synopsys. The full list can be found [here](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=configuring%2Fenvvars.html&_LANG=enus) This list affects the detect script downloaded while running the scan. Right now only detect7.sh is available for downloading") 306 cmd.Flags().IntVar(&stepConfig.MinScanInterval, "minScanInterval", 0, "[DEPRECATED] This parameter controls the frequency (in number of hours) at which the signature scan is re-submitted for scan. When set to a value greater than 0, the signature scans are skipped until the specified number of hours has elapsed since the last signature scan.") 307 cmd.Flags().StringVar(&stepConfig.GithubToken, "githubToken", os.Getenv("PIPER_githubToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line") 308 cmd.Flags().BoolVar(&stepConfig.CreateResultIssue, "createResultIssue", false, "Activate creation of a result issue in GitHub.") 309 cmd.Flags().StringVar(&stepConfig.GithubAPIURL, "githubApiUrl", `https://api.github.com`, "Set the GitHub API URL.") 310 cmd.Flags().StringVar(&stepConfig.Owner, "owner", os.Getenv("PIPER_owner"), "Set the GitHub organization.") 311 cmd.Flags().StringVar(&stepConfig.Repository, "repository", os.Getenv("PIPER_repository"), "Set the GitHub repository.") 312 cmd.Flags().StringSliceVar(&stepConfig.Assignees, "assignees", []string{``}, "Defines the assignees for the Github Issue created/updated with the results of the scan as a list of login names.") 313 cmd.Flags().StringSliceVar(&stepConfig.CustomTLSCertificateLinks, "customTlsCertificateLinks", []string{}, "List of download links to custom TLS certificates. This is required to ensure trusted connections to instances with repositories (like nexus) when publish flag is set to true.") 314 cmd.Flags().BoolVar(&stepConfig.FailOnSevereVulnerabilities, "failOnSevereVulnerabilities", true, "Whether to fail the step on severe vulnerabilties or not") 315 cmd.Flags().StringVar(&stepConfig.BuildTool, "buildTool", os.Getenv("PIPER_buildTool"), "Defines the tool which is used for building the artifact.") 316 cmd.Flags().StringSliceVar(&stepConfig.ExcludedDirectories, "excludedDirectories", []string{}, "List of directories which should be excluded from the scan.") 317 cmd.Flags().StringSliceVar(&stepConfig.NpmDependencyTypesExcluded, "npmDependencyTypesExcluded", []string{}, "List of npm dependency types which Detect should exclude from the BOM.") 318 cmd.Flags().StringSliceVar(&stepConfig.NpmArguments, "npmArguments", []string{}, "List of additional arguments that Detect will add at then end of the npm ls command line when Detect executes the NPM CLI Detector on an NPM project.") 319 cmd.Flags().StringVar(&stepConfig.PrivateModules, "privateModules", os.Getenv("PIPER_privateModules"), "Tells go which modules shall be considered to be private (by setting [GOPRIVATE](https://pkg.go.dev/cmd/go#hdr-Configuration_for_downloading_non_public_code)).") 320 cmd.Flags().StringVar(&stepConfig.PrivateModulesGitToken, "privateModulesGitToken", os.Getenv("PIPER_privateModulesGitToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line.") 321 cmd.Flags().StringVar(&stepConfig.ScanContainerDistro, "scanContainerDistro", os.Getenv("PIPER_scanContainerDistro"), "To also scan your images in the CPE, choose the distro") 322 cmd.Flags().StringSliceVar(&stepConfig.ImageNameTags, "imageNameTags", []string{}, "Images to be scanned (typically filled by CPE)") 323 cmd.Flags().StringVar(&stepConfig.RegistryURL, "registryUrl", os.Getenv("PIPER_registryUrl"), "Used accessing for the images to be scanned (typically filled by CPE)") 324 cmd.Flags().StringVar(&stepConfig.RepositoryUsername, "repositoryUsername", os.Getenv("PIPER_repositoryUsername"), "Used accessing for the images to be scanned (typically filled by CPE)") 325 cmd.Flags().StringVar(&stepConfig.RepositoryPassword, "repositoryPassword", os.Getenv("PIPER_repositoryPassword"), "Used accessing for the images to be scanned (typically filled by CPE)") 326 cmd.Flags().BoolVar(&stepConfig.UseDetect9, "useDetect9", false, "This flag enables the use of the supported version 9 of the Detect Script instead of v8") 327 328 cmd.MarkFlagRequired("token") 329 cmd.MarkFlagRequired("projectName") 330 cmd.MarkFlagRequired("serverUrl") 331 } 332 333 // retrieve step metadata 334 func detectExecuteScanMetadata() config.StepData { 335 var theMetaData = config.StepData{ 336 Metadata: config.StepMetadata{ 337 Name: "detectExecuteScan", 338 Aliases: []config.Alias{}, 339 Description: "Executes Synopsys Detect scan", 340 }, 341 Spec: config.StepSpec{ 342 Inputs: config.StepInputs{ 343 Secrets: []config.StepSecrets{ 344 {Name: "detectTokenCredentialsId", Description: "Jenkins 'Secret text' credentials ID containing the API token used to authenticate with the Synopsis Detect (formerly BlackDuck) Server.", Type: "jenkins", Aliases: []config.Alias{{Name: "apiTokenCredentialsId", Deprecated: false}}}, 345 {Name: "githubTokenCredentialsId", Description: "Jenkins 'Secret text' credentials ID containing token to authenticate to GitHub.", Type: "jenkins"}, 346 {Name: "golangPrivateModulesGitTokenCredentialsId", Description: "Jenkins 'Username with password' credentials ID containing username/password for http access to your git repos where your go private modules are stored.", Type: "jenkins"}, 347 }, 348 Resources: []config.StepResources{ 349 {Name: "buildDescriptor", Type: "stash"}, 350 {Name: "checkmarx", Type: "stash"}, 351 }, 352 Parameters: []config.StepParameters{ 353 { 354 Name: "token", 355 ResourceRef: []config.ResourceReference{ 356 { 357 Name: "detectTokenCredentialsId", 358 Type: "secret", 359 }, 360 361 { 362 Name: "detectVaultSecretName", 363 Type: "vaultSecret", 364 Default: "detect", 365 }, 366 }, 367 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 368 Type: "string", 369 Mandatory: true, 370 Aliases: []config.Alias{{Name: "blackduckToken"}, {Name: "detectToken"}, {Name: "apiToken", Deprecated: true}, {Name: "detect/apiToken", Deprecated: true}}, 371 Default: os.Getenv("PIPER_token"), 372 }, 373 { 374 Name: "codeLocation", 375 ResourceRef: []config.ResourceReference{}, 376 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 377 Type: "string", 378 Mandatory: false, 379 Aliases: []config.Alias{}, 380 Default: os.Getenv("PIPER_codeLocation"), 381 }, 382 { 383 Name: "projectName", 384 ResourceRef: []config.ResourceReference{}, 385 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 386 Type: "string", 387 Mandatory: true, 388 Aliases: []config.Alias{{Name: "detect/projectName"}}, 389 Default: os.Getenv("PIPER_projectName"), 390 }, 391 { 392 Name: "scanners", 393 ResourceRef: []config.ResourceReference{}, 394 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 395 Type: "[]string", 396 Mandatory: false, 397 Aliases: []config.Alias{{Name: "detect/scanners"}}, 398 Default: []string{`signature`}, 399 }, 400 { 401 Name: "scanPaths", 402 ResourceRef: []config.ResourceReference{}, 403 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 404 Type: "[]string", 405 Mandatory: false, 406 Aliases: []config.Alias{{Name: "detect/scanPaths"}}, 407 Default: []string{`.`}, 408 }, 409 { 410 Name: "dependencyPath", 411 ResourceRef: []config.ResourceReference{}, 412 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 413 Type: "string", 414 Mandatory: false, 415 Aliases: []config.Alias{{Name: "detect/dependencyPath"}}, 416 Default: `.`, 417 }, 418 { 419 Name: "unmap", 420 ResourceRef: []config.ResourceReference{}, 421 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 422 Type: "bool", 423 Mandatory: false, 424 Aliases: []config.Alias{{Name: "detect/unmap"}}, 425 Default: false, 426 }, 427 { 428 Name: "scanProperties", 429 ResourceRef: []config.ResourceReference{}, 430 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 431 Type: "[]string", 432 Mandatory: false, 433 Aliases: []config.Alias{{Name: "detect/scanProperties"}}, 434 Default: []string{`--blackduck.signature.scanner.memory=4096`, `--detect.timeout=6000`, `--blackduck.trust.cert=true`, `--logging.level.com.synopsys.integration=DEBUG`, `--detect.maven.excluded.scopes=test`}, 435 }, 436 { 437 Name: "serverUrl", 438 ResourceRef: []config.ResourceReference{}, 439 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 440 Type: "string", 441 Mandatory: true, 442 Aliases: []config.Alias{{Name: "detect/serverUrl"}, {Name: "detectServerUrl"}}, 443 Default: os.Getenv("PIPER_serverUrl"), 444 }, 445 { 446 Name: "groups", 447 ResourceRef: []config.ResourceReference{}, 448 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 449 Type: "[]string", 450 Mandatory: false, 451 Aliases: []config.Alias{{Name: "detect/groups"}}, 452 Default: []string{}, 453 }, 454 { 455 Name: "failOn", 456 ResourceRef: []config.ResourceReference{}, 457 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 458 Type: "[]string", 459 Mandatory: false, 460 Aliases: []config.Alias{{Name: "detect/failOn"}}, 461 Default: []string{`BLOCKER`}, 462 }, 463 { 464 Name: "versioningModel", 465 ResourceRef: []config.ResourceReference{}, 466 Scope: []string{"PARAMETERS", "GENERAL", "STAGES", "STEPS"}, 467 Type: "string", 468 Mandatory: false, 469 Aliases: []config.Alias{}, 470 Default: `major`, 471 }, 472 { 473 Name: "version", 474 ResourceRef: []config.ResourceReference{ 475 { 476 Name: "commonPipelineEnvironment", 477 Param: "artifactVersion", 478 }, 479 }, 480 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 481 Type: "string", 482 Mandatory: false, 483 Aliases: []config.Alias{{Name: "projectVersion"}, {Name: "detect/projectVersion"}}, 484 Default: os.Getenv("PIPER_version"), 485 }, 486 { 487 Name: "customScanVersion", 488 ResourceRef: []config.ResourceReference{}, 489 Scope: []string{"GENERAL", "STAGES", "STEPS", "PARAMETERS"}, 490 Type: "string", 491 Mandatory: false, 492 Aliases: []config.Alias{}, 493 Default: os.Getenv("PIPER_customScanVersion"), 494 }, 495 { 496 Name: "projectSettingsFile", 497 ResourceRef: []config.ResourceReference{}, 498 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 499 Type: "string", 500 Mandatory: false, 501 Aliases: []config.Alias{{Name: "maven/projectSettingsFile"}}, 502 Default: os.Getenv("PIPER_projectSettingsFile"), 503 }, 504 { 505 Name: "globalSettingsFile", 506 ResourceRef: []config.ResourceReference{}, 507 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 508 Type: "string", 509 Mandatory: false, 510 Aliases: []config.Alias{{Name: "maven/globalSettingsFile"}}, 511 Default: os.Getenv("PIPER_globalSettingsFile"), 512 }, 513 { 514 Name: "m2Path", 515 ResourceRef: []config.ResourceReference{}, 516 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 517 Type: "string", 518 Mandatory: false, 519 Aliases: []config.Alias{{Name: "maven/m2Path"}}, 520 Default: os.Getenv("PIPER_m2Path"), 521 }, 522 { 523 Name: "installArtifacts", 524 ResourceRef: []config.ResourceReference{}, 525 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 526 Type: "bool", 527 Mandatory: false, 528 Aliases: []config.Alias{}, 529 Default: false, 530 }, 531 { 532 Name: "buildMaven", 533 ResourceRef: []config.ResourceReference{}, 534 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 535 Type: "bool", 536 Mandatory: false, 537 Aliases: []config.Alias{}, 538 Default: false, 539 }, 540 { 541 Name: "generateReportsForEmptyProjects", 542 ResourceRef: []config.ResourceReference{}, 543 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 544 Type: "bool", 545 Mandatory: false, 546 Aliases: []config.Alias{}, 547 Default: false, 548 }, 549 { 550 Name: "pomPath", 551 ResourceRef: []config.ResourceReference{}, 552 Scope: []string{"STEPS"}, 553 Type: "string", 554 Mandatory: false, 555 Aliases: []config.Alias{}, 556 Default: `pom.xml`, 557 }, 558 { 559 Name: "includedPackageManagers", 560 ResourceRef: []config.ResourceReference{}, 561 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 562 Type: "[]string", 563 Mandatory: false, 564 Aliases: []config.Alias{{Name: "detect/includedPackageManagers"}}, 565 Default: []string{}, 566 }, 567 { 568 Name: "excludedPackageManagers", 569 ResourceRef: []config.ResourceReference{}, 570 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 571 Type: "[]string", 572 Mandatory: false, 573 Aliases: []config.Alias{{Name: "detect/excludedPackageManagers"}}, 574 Default: []string{}, 575 }, 576 { 577 Name: "mavenExcludedScopes", 578 ResourceRef: []config.ResourceReference{}, 579 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 580 Type: "[]string", 581 Mandatory: false, 582 Aliases: []config.Alias{{Name: "detect/mavenExcludedScopes"}}, 583 Default: []string{}, 584 }, 585 { 586 Name: "detectTools", 587 ResourceRef: []config.ResourceReference{}, 588 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 589 Type: "[]string", 590 Mandatory: false, 591 Aliases: []config.Alias{{Name: "detect/detectTools"}}, 592 Default: []string{}, 593 }, 594 { 595 Name: "scanOnChanges", 596 ResourceRef: []config.ResourceReference{}, 597 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 598 Type: "bool", 599 Mandatory: false, 600 Aliases: []config.Alias{}, 601 Default: false, 602 }, 603 { 604 Name: "successOnSkip", 605 ResourceRef: []config.ResourceReference{}, 606 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 607 Type: "bool", 608 Mandatory: false, 609 Aliases: []config.Alias{{Name: "detect/successOnSkip", Deprecated: true}}, 610 Default: true, 611 }, 612 { 613 Name: "customEnvironmentVariables", 614 ResourceRef: []config.ResourceReference{}, 615 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 616 Type: "[]string", 617 Mandatory: false, 618 Aliases: []config.Alias{}, 619 Default: []string{}, 620 }, 621 { 622 Name: "minScanInterval", 623 ResourceRef: []config.ResourceReference{}, 624 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 625 Type: "int", 626 Mandatory: false, 627 Aliases: []config.Alias{}, 628 Default: 0, 629 }, 630 { 631 Name: "githubToken", 632 ResourceRef: []config.ResourceReference{ 633 { 634 Name: "githubTokenCredentialsId", 635 Type: "secret", 636 }, 637 638 { 639 Name: "githubVaultSecretName", 640 Type: "vaultSecret", 641 Default: "github", 642 }, 643 }, 644 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 645 Type: "string", 646 Mandatory: false, 647 Aliases: []config.Alias{{Name: "access_token"}}, 648 Default: os.Getenv("PIPER_githubToken"), 649 }, 650 { 651 Name: "createResultIssue", 652 ResourceRef: []config.ResourceReference{ 653 { 654 Name: "commonPipelineEnvironment", 655 Param: "custom/isOptimizedAndScheduled", 656 }, 657 }, 658 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 659 Type: "bool", 660 Mandatory: false, 661 Aliases: []config.Alias{}, 662 Default: false, 663 }, 664 { 665 Name: "githubApiUrl", 666 ResourceRef: []config.ResourceReference{}, 667 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 668 Type: "string", 669 Mandatory: false, 670 Aliases: []config.Alias{}, 671 Default: `https://api.github.com`, 672 }, 673 { 674 Name: "owner", 675 ResourceRef: []config.ResourceReference{ 676 { 677 Name: "commonPipelineEnvironment", 678 Param: "github/owner", 679 }, 680 }, 681 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 682 Type: "string", 683 Mandatory: false, 684 Aliases: []config.Alias{{Name: "githubOrg"}}, 685 Default: os.Getenv("PIPER_owner"), 686 }, 687 { 688 Name: "repository", 689 ResourceRef: []config.ResourceReference{ 690 { 691 Name: "commonPipelineEnvironment", 692 Param: "github/repository", 693 }, 694 }, 695 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 696 Type: "string", 697 Mandatory: false, 698 Aliases: []config.Alias{{Name: "githubRepo"}}, 699 Default: os.Getenv("PIPER_repository"), 700 }, 701 { 702 Name: "assignees", 703 ResourceRef: []config.ResourceReference{}, 704 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 705 Type: "[]string", 706 Mandatory: false, 707 Aliases: []config.Alias{}, 708 Default: []string{``}, 709 }, 710 { 711 Name: "customTlsCertificateLinks", 712 ResourceRef: []config.ResourceReference{}, 713 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 714 Type: "[]string", 715 Mandatory: false, 716 Aliases: []config.Alias{}, 717 Default: []string{}, 718 }, 719 { 720 Name: "failOnSevereVulnerabilities", 721 ResourceRef: []config.ResourceReference{}, 722 Scope: []string{"PARAMETERS"}, 723 Type: "bool", 724 Mandatory: false, 725 Aliases: []config.Alias{}, 726 Default: true, 727 }, 728 { 729 Name: "buildTool", 730 ResourceRef: []config.ResourceReference{ 731 { 732 Name: "commonPipelineEnvironment", 733 Param: "buildTool", 734 }, 735 }, 736 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 737 Type: "string", 738 Mandatory: false, 739 Aliases: []config.Alias{}, 740 Default: os.Getenv("PIPER_buildTool"), 741 }, 742 { 743 Name: "excludedDirectories", 744 ResourceRef: []config.ResourceReference{}, 745 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 746 Type: "[]string", 747 Mandatory: false, 748 Aliases: []config.Alias{{Name: "detect/excludedDirectories"}}, 749 Default: []string{}, 750 }, 751 { 752 Name: "npmDependencyTypesExcluded", 753 ResourceRef: []config.ResourceReference{}, 754 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 755 Type: "[]string", 756 Mandatory: false, 757 Aliases: []config.Alias{{Name: "detect/npmDependencyTypesExcluded"}}, 758 Default: []string{}, 759 }, 760 { 761 Name: "npmArguments", 762 ResourceRef: []config.ResourceReference{}, 763 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 764 Type: "[]string", 765 Mandatory: false, 766 Aliases: []config.Alias{{Name: "detect/npmArguments"}}, 767 Default: []string{}, 768 }, 769 { 770 Name: "privateModules", 771 ResourceRef: []config.ResourceReference{}, 772 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 773 Type: "string", 774 Mandatory: false, 775 Aliases: []config.Alias{}, 776 Default: os.Getenv("PIPER_privateModules"), 777 }, 778 { 779 Name: "privateModulesGitToken", 780 ResourceRef: []config.ResourceReference{ 781 { 782 Name: "golangPrivateModulesGitTokenCredentialsId", 783 Param: "password", 784 Type: "secret", 785 }, 786 787 { 788 Name: "golangPrivateModulesGitTokenVaultSecret", 789 Type: "vaultSecret", 790 Default: "golang", 791 }, 792 }, 793 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 794 Type: "string", 795 Mandatory: false, 796 Aliases: []config.Alias{}, 797 Default: os.Getenv("PIPER_privateModulesGitToken"), 798 }, 799 { 800 Name: "scanContainerDistro", 801 ResourceRef: []config.ResourceReference{}, 802 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 803 Type: "string", 804 Mandatory: false, 805 Aliases: []config.Alias{}, 806 Default: os.Getenv("PIPER_scanContainerDistro"), 807 }, 808 { 809 Name: "imageNameTags", 810 ResourceRef: []config.ResourceReference{ 811 { 812 Name: "commonPipelineEnvironment", 813 Param: "container/imageNameTags", 814 }, 815 }, 816 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 817 Type: "[]string", 818 Mandatory: false, 819 Aliases: []config.Alias{}, 820 Default: []string{}, 821 }, 822 { 823 Name: "registryUrl", 824 ResourceRef: []config.ResourceReference{ 825 { 826 Name: "commonPipelineEnvironment", 827 Param: "container/registryUrl", 828 }, 829 }, 830 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 831 Type: "string", 832 Mandatory: false, 833 Aliases: []config.Alias{}, 834 Default: os.Getenv("PIPER_registryUrl"), 835 }, 836 { 837 Name: "repositoryUsername", 838 ResourceRef: []config.ResourceReference{ 839 { 840 Name: "commonPipelineEnvironment", 841 Param: "container/repositoryUsername", 842 }, 843 }, 844 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 845 Type: "string", 846 Mandatory: false, 847 Aliases: []config.Alias{}, 848 Default: os.Getenv("PIPER_repositoryUsername"), 849 }, 850 { 851 Name: "repositoryPassword", 852 ResourceRef: []config.ResourceReference{ 853 { 854 Name: "commonPipelineEnvironment", 855 Param: "container/repositoryPassword", 856 }, 857 }, 858 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 859 Type: "string", 860 Mandatory: false, 861 Aliases: []config.Alias{}, 862 Default: os.Getenv("PIPER_repositoryPassword"), 863 }, 864 { 865 Name: "useDetect9", 866 ResourceRef: []config.ResourceReference{}, 867 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 868 Type: "bool", 869 Mandatory: false, 870 Aliases: []config.Alias{{Name: "detect/useDetect9"}}, 871 Default: false, 872 }, 873 }, 874 }, 875 Containers: []config.Container{ 876 {Name: "openjdk", Image: "openjdk:11", WorkingDir: "/root", Options: []config.Option{{Name: "-u", Value: "0"}}}, 877 }, 878 Sidecars: []config.Container{ 879 {Name: "inspector-ubuntu", Image: "blackducksoftware/blackduck-imageinspector-ubuntu:5.1.0", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "scanContainerDistro", Value: "ubuntu"}}}}}, 880 {Name: "inspector-alpine", Image: "blackducksoftware/blackduck-imageinspector-alpine:5.1.0", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "scanContainerDistro", Value: "alpine"}}}}}, 881 {Name: "inspector-centos", Image: "blackducksoftware/blackduck-imageinspector-centos:5.1.0", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "scanContainerDistro", Value: "centos"}}}}}, 882 }, 883 Outputs: config.StepOutputs{ 884 Resources: []config.StepResources{ 885 { 886 Name: "influx", 887 Type: "influx", 888 Parameters: []map[string]interface{}{ 889 {"name": "step_data", "fields": []map[string]string{{"name": "detect"}}}, 890 {"name": "detect_data", "fields": []map[string]string{{"name": "vulnerabilities"}, {"name": "major_vulnerabilities"}, {"name": "minor_vulnerabilities"}, {"name": "components"}, {"name": "policy_violations"}}}, 891 }, 892 }, 893 { 894 Name: "reports", 895 Type: "reports", 896 Parameters: []map[string]interface{}{ 897 {"filePattern": "**/*BlackDuck_RiskReport.pdf", "type": "blackduck-ip"}, 898 {"filePattern": "**/blackduck-ip.json", "type": "blackduck-ip"}, 899 {"filePattern": "**/toolrun_detectExecute_*.json", "type": "blackduck-ip"}, 900 {"filePattern": "**/piper_detect_policy_violation_report.html", "type": "blackduck-ip"}, 901 {"filePattern": "**/*BlackDuck_RiskReport.pdf", "type": "blackduck-security"}, 902 {"filePattern": "**/detectExecuteScan_policy_*.json", "type": "blackduck-security"}, 903 {"filePattern": "**/piper_detect_vulnerability_report.html", "type": "blackduck-security"}, 904 {"filePattern": "**/toolrun_detectExecute_*.json", "type": "blackduck-security"}, 905 {"filePattern": "**/piper_detect_vulnerability.sarif", "type": "blackduck-security"}, 906 {"filePattern": "**/piper_hub_detect_sbom.xml", "type": "blackduck-security"}, 907 }, 908 }, 909 }, 910 }, 911 }, 912 } 913 return theMetaData 914 }