github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/pkg/whitesource/scanMaven.go

github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/pkg/whitesource/scanMaven.go (about)

     1  package whitesource
     2  
     3  import (
     4  	"fmt"
     5  	"path/filepath"
     6  	"strings"
     7  
     8  	"github.com/SAP/jenkins-library/pkg/log"
     9  	"github.com/SAP/jenkins-library/pkg/maven"
    10  )
    11  
    12  // ExecuteMavenScan constructs maven parameters from the given configuration, and executes the maven goal
    13  // "org.whitesource:whitesource-maven-plugin:19.5.1:update".
    14  func (s *Scan) ExecuteMavenScan(config *ScanOptions, utils Utils) error {
    15  	s.AgentName = "WhiteSource Maven Plugin"
    16  	s.AgentVersion = "unknown"
    17  	log.Entry().Infof("Using Whitesource scan for Maven project")
    18  	pomPath := config.PomPath
    19  	if pomPath == "" {
    20  		pomPath = "pom.xml"
    21  	}
    22  	return s.ExecuteMavenScanForPomFile(config, utils, pomPath)
    23  }
    24  
    25  // ExecuteMavenScanForPomFile constructs maven parameters from the given configuration, and executes the maven goal
    26  // "org.whitesource:whitesource-maven-plugin:19.5.1:update" for the given pom file.
    27  func (s *Scan) ExecuteMavenScanForPomFile(config *ScanOptions, utils Utils, pomPath string) error {
    28  	pomExists, _ := utils.FileExists(pomPath)
    29  	if !pomExists {
    30  		return fmt.Errorf("for scanning with type '%s', the file '%s' must exist in the project root",
    31  			config.ScanType, pomPath)
    32  	}
    33  
    34  	if config.InstallArtifacts {
    35  		err := maven.InstallMavenArtifacts(&maven.EvaluateOptions{
    36  			M2Path:              config.M2Path,
    37  			ProjectSettingsFile: config.ProjectSettingsFile,
    38  			GlobalSettingsFile:  config.GlobalSettingsFile,
    39  			PomPath:             pomPath,
    40  		}, utils)
    41  		if err != nil {
    42  			return err
    43  		}
    44  	}
    45  
    46  	defines := s.generateMavenWhitesourceDefines(config)
    47  	flags, excludes := generateMavenWhitesourceFlags(config, utils)
    48  	err := s.appendModulesThatWillBeScanned(utils, excludes)
    49  	if err != nil {
    50  		return fmt.Errorf("failed to determine maven modules which will be scanned: %w", err)
    51  	}
    52  
    53  	_, err = maven.Execute(&maven.ExecuteOptions{
    54  		PomPath:             pomPath,
    55  		M2Path:              config.M2Path,
    56  		GlobalSettingsFile:  config.GlobalSettingsFile,
    57  		ProjectSettingsFile: config.ProjectSettingsFile,
    58  		Defines:             defines,
    59  		Flags:               flags,
    60  		Goals:               []string{"org.whitesource:whitesource-maven-plugin:19.5.1:update"},
    61  	}, utils)
    62  
    63  	return err
    64  }
    65  
    66  func (s *Scan) generateMavenWhitesourceDefines(config *ScanOptions) []string {
    67  	defines := []string{
    68  		"-Dorg.whitesource.orgToken=" + config.OrgToken,
    69  		"-Dorg.whitesource.product=" + config.ProductName,
    70  		"-Dorg.whitesource.checkPolicies=true",
    71  		"-Dorg.whitesource.failOnError=true",
    72  		"-Dorg.whitesource.forceUpdate=true",
    73  	}
    74  
    75  	// Aggregate all modules into one WhiteSource project, if user specified the 'projectName' parameter.
    76  	if config.ProjectName != "" {
    77  		defines = append(defines, "-Dorg.whitesource.aggregateProjectName="+config.ProjectName)
    78  		defines = append(defines, "-Dorg.whitesource.aggregateModules=true")
    79  	}
    80  
    81  	if config.UserToken != "" {
    82  		defines = append(defines, "-Dorg.whitesource.userKey="+config.UserToken)
    83  	}
    84  
    85  	if s.ProductVersion != "" {
    86  		defines = append(defines, "-Dorg.whitesource.productVersion="+s.ProductVersion)
    87  	}
    88  
    89  	return defines
    90  }
    91  
    92  func generateMavenWhitesourceFlags(config *ScanOptions, utils Utils) (flags []string, excludes []string) {
    93  	excludes = config.BuildDescriptorExcludeList
    94  	// From the documentation, these are file paths to a module's pom.xml.
    95  	// For MTA projects, we want to support mixing paths to package.json files and pom.xml files.
    96  	for _, exclude := range excludes {
    97  		if !strings.HasSuffix(exclude, "pom.xml") {
    98  			continue
    99  		}
   100  		exists, _ := utils.FileExists(exclude)
   101  		if !exists {
   102  			continue
   103  		}
   104  		moduleName := filepath.Dir(exclude)
   105  		if moduleName != "" {
   106  			flags = append(flags, "-pl", "!"+moduleName)
   107  		}
   108  	}
   109  	return flags, excludes
   110  }
   111  
   112  func (s *Scan) appendModulesThatWillBeScanned(utils Utils, excludes []string) error {
   113  	return maven.VisitAllMavenModules(".", utils, excludes, func(info maven.ModuleInfo) error {
   114  		project := info.Project
   115  		if project.Packaging != "pom" {
   116  			if project.ArtifactID == "" {
   117  				return fmt.Errorf("artifactId missing from '%s'", info.PomXMLPath)
   118  			}
   119  
   120  			err := s.AppendScannedProject(project.ArtifactID)
   121  			if err != nil {
   122  				return err
   123  			}
   124  		}
   125  		return nil
   126  	})
   127  }