github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/pkg/whitesource/scanMaven.go (about) 1 package whitesource 2 3 import ( 4 "fmt" 5 "path/filepath" 6 "strings" 7 8 "github.com/SAP/jenkins-library/pkg/log" 9 "github.com/SAP/jenkins-library/pkg/maven" 10 ) 11 12 // ExecuteMavenScan constructs maven parameters from the given configuration, and executes the maven goal 13 // "org.whitesource:whitesource-maven-plugin:19.5.1:update". 14 func (s *Scan) ExecuteMavenScan(config *ScanOptions, utils Utils) error { 15 s.AgentName = "WhiteSource Maven Plugin" 16 s.AgentVersion = "unknown" 17 log.Entry().Infof("Using Whitesource scan for Maven project") 18 pomPath := config.PomPath 19 if pomPath == "" { 20 pomPath = "pom.xml" 21 } 22 return s.ExecuteMavenScanForPomFile(config, utils, pomPath) 23 } 24 25 // ExecuteMavenScanForPomFile constructs maven parameters from the given configuration, and executes the maven goal 26 // "org.whitesource:whitesource-maven-plugin:19.5.1:update" for the given pom file. 27 func (s *Scan) ExecuteMavenScanForPomFile(config *ScanOptions, utils Utils, pomPath string) error { 28 pomExists, _ := utils.FileExists(pomPath) 29 if !pomExists { 30 return fmt.Errorf("for scanning with type '%s', the file '%s' must exist in the project root", 31 config.ScanType, pomPath) 32 } 33 34 if config.InstallArtifacts { 35 err := maven.InstallMavenArtifacts(&maven.EvaluateOptions{ 36 M2Path: config.M2Path, 37 ProjectSettingsFile: config.ProjectSettingsFile, 38 GlobalSettingsFile: config.GlobalSettingsFile, 39 PomPath: pomPath, 40 }, utils) 41 if err != nil { 42 return err 43 } 44 } 45 46 defines := s.generateMavenWhitesourceDefines(config) 47 flags, excludes := generateMavenWhitesourceFlags(config, utils) 48 err := s.appendModulesThatWillBeScanned(utils, excludes) 49 if err != nil { 50 return fmt.Errorf("failed to determine maven modules which will be scanned: %w", err) 51 } 52 53 _, err = maven.Execute(&maven.ExecuteOptions{ 54 PomPath: pomPath, 55 M2Path: config.M2Path, 56 GlobalSettingsFile: config.GlobalSettingsFile, 57 ProjectSettingsFile: config.ProjectSettingsFile, 58 Defines: defines, 59 Flags: flags, 60 Goals: []string{"org.whitesource:whitesource-maven-plugin:19.5.1:update"}, 61 }, utils) 62 63 return err 64 } 65 66 func (s *Scan) generateMavenWhitesourceDefines(config *ScanOptions) []string { 67 defines := []string{ 68 "-Dorg.whitesource.orgToken=" + config.OrgToken, 69 "-Dorg.whitesource.product=" + config.ProductName, 70 "-Dorg.whitesource.checkPolicies=true", 71 "-Dorg.whitesource.failOnError=true", 72 "-Dorg.whitesource.forceUpdate=true", 73 } 74 75 // Aggregate all modules into one WhiteSource project, if user specified the 'projectName' parameter. 76 if config.ProjectName != "" { 77 defines = append(defines, "-Dorg.whitesource.aggregateProjectName="+config.ProjectName) 78 defines = append(defines, "-Dorg.whitesource.aggregateModules=true") 79 } 80 81 if config.UserToken != "" { 82 defines = append(defines, "-Dorg.whitesource.userKey="+config.UserToken) 83 } 84 85 if s.ProductVersion != "" { 86 defines = append(defines, "-Dorg.whitesource.productVersion="+s.ProductVersion) 87 } 88 89 return defines 90 } 91 92 func generateMavenWhitesourceFlags(config *ScanOptions, utils Utils) (flags []string, excludes []string) { 93 excludes = config.BuildDescriptorExcludeList 94 // From the documentation, these are file paths to a module's pom.xml. 95 // For MTA projects, we want to support mixing paths to package.json files and pom.xml files. 96 for _, exclude := range excludes { 97 if !strings.HasSuffix(exclude, "pom.xml") { 98 continue 99 } 100 exists, _ := utils.FileExists(exclude) 101 if !exists { 102 continue 103 } 104 moduleName := filepath.Dir(exclude) 105 if moduleName != "" { 106 flags = append(flags, "-pl", "!"+moduleName) 107 } 108 } 109 return flags, excludes 110 } 111 112 func (s *Scan) appendModulesThatWillBeScanned(utils Utils, excludes []string) error { 113 return maven.VisitAllMavenModules(".", utils, excludes, func(info maven.ModuleInfo) error { 114 project := info.Project 115 if project.Packaging != "pom" { 116 if project.ArtifactID == "" { 117 return fmt.Errorf("artifactId missing from '%s'", info.PomXMLPath) 118 } 119 120 err := s.AppendScannedProject(project.ArtifactID) 121 if err != nil { 122 return err 123 } 124 } 125 return nil 126 }) 127 }