github.com/xgoffin/jenkins-library@v1.154.0/cmd/whitesourceExecuteScan_generated.go (about) 1 // Code generated by piper's step-generator. DO NOT EDIT. 2 3 package cmd 4 5 import ( 6 "fmt" 7 "os" 8 "path/filepath" 9 "reflect" 10 "strings" 11 "time" 12 13 "github.com/SAP/jenkins-library/pkg/config" 14 "github.com/SAP/jenkins-library/pkg/gcs" 15 "github.com/SAP/jenkins-library/pkg/log" 16 "github.com/SAP/jenkins-library/pkg/piperenv" 17 "github.com/SAP/jenkins-library/pkg/splunk" 18 "github.com/SAP/jenkins-library/pkg/telemetry" 19 "github.com/SAP/jenkins-library/pkg/validation" 20 "github.com/bmatcuk/doublestar" 21 "github.com/spf13/cobra" 22 ) 23 24 type whitesourceExecuteScanOptions struct { 25 AgentDownloadURL string `json:"agentDownloadUrl,omitempty"` 26 AgentFileName string `json:"agentFileName,omitempty"` 27 AgentParameters []string `json:"agentParameters,omitempty"` 28 AgentURL string `json:"agentUrl,omitempty"` 29 AggregateVersionWideReport bool `json:"aggregateVersionWideReport,omitempty"` 30 BuildDescriptorExcludeList []string `json:"buildDescriptorExcludeList,omitempty"` 31 BuildDescriptorFile string `json:"buildDescriptorFile,omitempty"` 32 BuildTool string `json:"buildTool,omitempty"` 33 ConfigFilePath string `json:"configFilePath,omitempty"` 34 ContainerRegistryPassword string `json:"containerRegistryPassword,omitempty"` 35 ContainerRegistryUser string `json:"containerRegistryUser,omitempty"` 36 CreateProductFromPipeline bool `json:"createProductFromPipeline,omitempty"` 37 CustomScanVersion string `json:"customScanVersion,omitempty"` 38 CvssSeverityLimit string `json:"cvssSeverityLimit,omitempty"` 39 ScanPath string `json:"scanPath,omitempty"` 40 DockerConfigJSON string `json:"dockerConfigJSON,omitempty"` 41 EmailAddressesOfInitialProductAdmins []string `json:"emailAddressesOfInitialProductAdmins,omitempty"` 42 Excludes []string `json:"excludes,omitempty"` 43 Includes []string `json:"includes,omitempty"` 44 InstallCommand string `json:"installCommand,omitempty"` 45 JreDownloadURL string `json:"jreDownloadUrl,omitempty"` 46 LicensingVulnerabilities bool `json:"licensingVulnerabilities,omitempty"` 47 OrgToken string `json:"orgToken,omitempty"` 48 ProductName string `json:"productName,omitempty"` 49 ProductToken string `json:"productToken,omitempty"` 50 Version string `json:"version,omitempty"` 51 ProjectName string `json:"projectName,omitempty"` 52 ProjectToken string `json:"projectToken,omitempty"` 53 Reporting bool `json:"reporting,omitempty"` 54 ScanImage string `json:"scanImage,omitempty"` 55 ScanImageIncludeLayers bool `json:"scanImageIncludeLayers,omitempty"` 56 ScanImageRegistryURL string `json:"scanImageRegistryUrl,omitempty"` 57 SecurityVulnerabilities bool `json:"securityVulnerabilities,omitempty"` 58 ServiceURL string `json:"serviceUrl,omitempty"` 59 Timeout int `json:"timeout,omitempty"` 60 UserToken string `json:"userToken,omitempty"` 61 VersioningModel string `json:"versioningModel,omitempty"` 62 VulnerabilityReportFormat string `json:"vulnerabilityReportFormat,omitempty" validate:"possible-values=xlsx json xml"` 63 VulnerabilityReportTitle string `json:"vulnerabilityReportTitle,omitempty"` 64 ProjectSettingsFile string `json:"projectSettingsFile,omitempty"` 65 GlobalSettingsFile string `json:"globalSettingsFile,omitempty"` 66 M2Path string `json:"m2Path,omitempty"` 67 InstallArtifacts bool `json:"installArtifacts,omitempty"` 68 DefaultNpmRegistry string `json:"defaultNpmRegistry,omitempty"` 69 GithubToken string `json:"githubToken,omitempty"` 70 CreateResultIssue bool `json:"createResultIssue,omitempty"` 71 GithubAPIURL string `json:"githubApiUrl,omitempty"` 72 Owner string `json:"owner,omitempty"` 73 Repository string `json:"repository,omitempty"` 74 Assignees []string `json:"assignees,omitempty"` 75 CustomTLSCertificateLinks []string `json:"customTlsCertificateLinks,omitempty"` 76 } 77 78 type whitesourceExecuteScanCommonPipelineEnvironment struct { 79 custom struct { 80 whitesourceProjectNames []string 81 } 82 } 83 84 func (p *whitesourceExecuteScanCommonPipelineEnvironment) persist(path, resourceName string) { 85 content := []struct { 86 category string 87 name string 88 value interface{} 89 }{ 90 {category: "custom", name: "whitesourceProjectNames", value: p.custom.whitesourceProjectNames}, 91 } 92 93 errCount := 0 94 for _, param := range content { 95 err := piperenv.SetResourceParameter(path, resourceName, filepath.Join(param.category, param.name), param.value) 96 if err != nil { 97 log.Entry().WithError(err).Error("Error persisting piper environment.") 98 errCount++ 99 } 100 } 101 if errCount > 0 { 102 log.Entry().Error("failed to persist Piper environment") 103 } 104 } 105 106 type whitesourceExecuteScanInflux struct { 107 step_data struct { 108 fields struct { 109 whitesource bool 110 } 111 tags struct { 112 } 113 } 114 whitesource_data struct { 115 fields struct { 116 vulnerabilities int 117 major_vulnerabilities int 118 minor_vulnerabilities int 119 policy_violations int 120 } 121 tags struct { 122 } 123 } 124 } 125 126 func (i *whitesourceExecuteScanInflux) persist(path, resourceName string) { 127 measurementContent := []struct { 128 measurement string 129 valType string 130 name string 131 value interface{} 132 }{ 133 {valType: config.InfluxField, measurement: "step_data", name: "whitesource", value: i.step_data.fields.whitesource}, 134 {valType: config.InfluxField, measurement: "whitesource_data", name: "vulnerabilities", value: i.whitesource_data.fields.vulnerabilities}, 135 {valType: config.InfluxField, measurement: "whitesource_data", name: "major_vulnerabilities", value: i.whitesource_data.fields.major_vulnerabilities}, 136 {valType: config.InfluxField, measurement: "whitesource_data", name: "minor_vulnerabilities", value: i.whitesource_data.fields.minor_vulnerabilities}, 137 {valType: config.InfluxField, measurement: "whitesource_data", name: "policy_violations", value: i.whitesource_data.fields.policy_violations}, 138 } 139 140 errCount := 0 141 for _, metric := range measurementContent { 142 err := piperenv.SetResourceParameter(path, resourceName, filepath.Join(metric.measurement, fmt.Sprintf("%vs", metric.valType), metric.name), metric.value) 143 if err != nil { 144 log.Entry().WithError(err).Error("Error persisting influx environment.") 145 errCount++ 146 } 147 } 148 if errCount > 0 { 149 log.Entry().Error("failed to persist Influx environment") 150 } 151 } 152 153 type whitesourceExecuteScanReports struct { 154 } 155 156 func (p *whitesourceExecuteScanReports) persist(stepConfig whitesourceExecuteScanOptions, gcpJsonKeyFilePath string, gcsBucketId string, gcsFolderPath string, gcsSubFolder string) { 157 if gcsBucketId == "" { 158 log.Entry().Info("persisting reports to GCS is disabled, because gcsBucketId is empty") 159 return 160 } 161 log.Entry().Info("Uploading reports to Google Cloud Storage...") 162 content := []gcs.ReportOutputParam{ 163 {FilePattern: "**/whitesource-ip.json", ParamRef: "", StepResultType: "whitesource-ip"}, 164 {FilePattern: "whitesource-riskReport.pdf", ParamRef: "", StepResultType: "whitesource-ip"}, 165 {FilePattern: "**/toolrun_whitesource_*.json", ParamRef: "", StepResultType: "whitesource-ip"}, 166 {FilePattern: "**/piper_whitesource_vulnerability_report.html", ParamRef: "", StepResultType: "whitesource-security"}, 167 {FilePattern: "whitesource-riskReport.pdf", ParamRef: "", StepResultType: "whitesource-security"}, 168 {FilePattern: "**/toolrun_whitesource_*.json", ParamRef: "", StepResultType: "whitesource-security"}, 169 } 170 envVars := []gcs.EnvVar{ 171 {Name: "GOOGLE_APPLICATION_CREDENTIALS", Value: gcpJsonKeyFilePath, Modified: false}, 172 } 173 gcsClient, err := gcs.NewClient(gcs.WithEnvVars(envVars)) 174 if err != nil { 175 log.Entry().Errorf("creation of GCS client failed: %v", err) 176 return 177 } 178 defer gcsClient.Close() 179 structVal := reflect.ValueOf(&stepConfig).Elem() 180 inputParameters := map[string]string{} 181 for i := 0; i < structVal.NumField(); i++ { 182 field := structVal.Type().Field(i) 183 if field.Type.String() == "string" { 184 paramName := strings.Split(field.Tag.Get("json"), ",") 185 paramValue, _ := structVal.Field(i).Interface().(string) 186 inputParameters[paramName[0]] = paramValue 187 } 188 } 189 if err := gcs.PersistReportsToGCS(gcsClient, content, inputParameters, gcsFolderPath, gcsBucketId, gcsSubFolder, doublestar.Glob, os.Stat); err != nil { 190 log.Entry().Errorf("failed to persist reports: %v", err) 191 } 192 } 193 194 // WhitesourceExecuteScanCommand Execute a WhiteSource scan 195 func WhitesourceExecuteScanCommand() *cobra.Command { 196 const STEP_NAME = "whitesourceExecuteScan" 197 198 metadata := whitesourceExecuteScanMetadata() 199 var stepConfig whitesourceExecuteScanOptions 200 var startTime time.Time 201 var commonPipelineEnvironment whitesourceExecuteScanCommonPipelineEnvironment 202 var influx whitesourceExecuteScanInflux 203 var reports whitesourceExecuteScanReports 204 var logCollector *log.CollectorHook 205 var splunkClient *splunk.Splunk 206 telemetryClient := &telemetry.Telemetry{} 207 208 var createWhitesourceExecuteScanCmd = &cobra.Command{ 209 Use: STEP_NAME, 210 Short: "Execute a WhiteSource scan", 211 Long: `With this step [WhiteSource](https://www.whitesourcesoftware.com) security and license compliance scans can be executed and assessed. 212 WhiteSource is a Software as a Service offering based on a so called unified agent that locally determines the dependency 213 tree of a node.js, Java, Python, Ruby, or Scala based solution and sends it to the WhiteSource server for a policy based license compliance 214 check and additional Free and Open Source Software Publicly Known Vulnerabilities detection. 215 216 The step uses the so-called WhiteSource Unified Agent. For details please refer to the [WhiteSource Unified Agent Documentation](https://whitesource.atlassian.net/wiki/spaces/WD/pages/33718339/Unified+Agent). 217 218 !!! note "Docker Images" 219 The underlying Docker images are public and specific to the solution's programming language(s) and therefore may have to be exchanged 220 to fit to and support the relevant scenario. The default Python environment used is i.e. Python 3 based.`, 221 PreRunE: func(cmd *cobra.Command, _ []string) error { 222 startTime = time.Now() 223 log.SetStepName(STEP_NAME) 224 log.SetVerbose(GeneralConfig.Verbose) 225 226 GeneralConfig.GitHubAccessTokens = ResolveAccessTokens(GeneralConfig.GitHubTokens) 227 228 path, _ := os.Getwd() 229 fatalHook := &log.FatalHook{CorrelationID: GeneralConfig.CorrelationID, Path: path} 230 log.RegisterHook(fatalHook) 231 232 err := PrepareConfig(cmd, &metadata, STEP_NAME, &stepConfig, config.OpenPiperFile) 233 if err != nil { 234 log.SetErrorCategory(log.ErrorConfiguration) 235 return err 236 } 237 log.RegisterSecret(stepConfig.ContainerRegistryPassword) 238 log.RegisterSecret(stepConfig.ContainerRegistryUser) 239 log.RegisterSecret(stepConfig.DockerConfigJSON) 240 log.RegisterSecret(stepConfig.OrgToken) 241 log.RegisterSecret(stepConfig.UserToken) 242 log.RegisterSecret(stepConfig.GithubToken) 243 244 if len(GeneralConfig.HookConfig.SentryConfig.Dsn) > 0 { 245 sentryHook := log.NewSentryHook(GeneralConfig.HookConfig.SentryConfig.Dsn, GeneralConfig.CorrelationID) 246 log.RegisterHook(&sentryHook) 247 } 248 249 if len(GeneralConfig.HookConfig.SplunkConfig.Dsn) > 0 { 250 splunkClient = &splunk.Splunk{} 251 logCollector = &log.CollectorHook{CorrelationID: GeneralConfig.CorrelationID} 252 log.RegisterHook(logCollector) 253 } 254 255 validation, err := validation.New(validation.WithJSONNamesForStructFields(), validation.WithPredefinedErrorMessages()) 256 if err != nil { 257 return err 258 } 259 if err = validation.ValidateStruct(stepConfig); err != nil { 260 log.SetErrorCategory(log.ErrorConfiguration) 261 return err 262 } 263 264 return nil 265 }, 266 Run: func(_ *cobra.Command, _ []string) { 267 stepTelemetryData := telemetry.CustomData{} 268 stepTelemetryData.ErrorCode = "1" 269 handler := func() { 270 commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment") 271 influx.persist(GeneralConfig.EnvRootPath, "influx") 272 reports.persist(stepConfig, GeneralConfig.GCPJsonKeyFilePath, GeneralConfig.GCSBucketId, GeneralConfig.GCSFolderPath, GeneralConfig.GCSSubFolder) 273 config.RemoveVaultSecretFiles() 274 stepTelemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds()) 275 stepTelemetryData.ErrorCategory = log.GetErrorCategory().String() 276 stepTelemetryData.PiperCommitHash = GitCommit 277 telemetryClient.SetData(&stepTelemetryData) 278 telemetryClient.Send() 279 if len(GeneralConfig.HookConfig.SplunkConfig.Dsn) > 0 { 280 splunkClient.Send(telemetryClient.GetData(), logCollector) 281 } 282 } 283 log.DeferExitHandler(handler) 284 defer handler() 285 telemetryClient.Initialize(GeneralConfig.NoTelemetry, STEP_NAME) 286 if len(GeneralConfig.HookConfig.SplunkConfig.Dsn) > 0 { 287 splunkClient.Initialize(GeneralConfig.CorrelationID, 288 GeneralConfig.HookConfig.SplunkConfig.Dsn, 289 GeneralConfig.HookConfig.SplunkConfig.Token, 290 GeneralConfig.HookConfig.SplunkConfig.Index, 291 GeneralConfig.HookConfig.SplunkConfig.SendLogs) 292 } 293 whitesourceExecuteScan(stepConfig, &stepTelemetryData, &commonPipelineEnvironment, &influx) 294 stepTelemetryData.ErrorCode = "0" 295 log.Entry().Info("SUCCESS") 296 }, 297 } 298 299 addWhitesourceExecuteScanFlags(createWhitesourceExecuteScanCmd, &stepConfig) 300 return createWhitesourceExecuteScanCmd 301 } 302 303 func addWhitesourceExecuteScanFlags(cmd *cobra.Command, stepConfig *whitesourceExecuteScanOptions) { 304 cmd.Flags().StringVar(&stepConfig.AgentDownloadURL, "agentDownloadUrl", `https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar`, "URL used to download the latest version of the WhiteSource Unified Agent.") 305 cmd.Flags().StringVar(&stepConfig.AgentFileName, "agentFileName", `wss-unified-agent.jar`, "Locally used name for the Unified Agent jar file after download.") 306 cmd.Flags().StringSliceVar(&stepConfig.AgentParameters, "agentParameters", []string{}, "[NOT IMPLEMENTED] List of additional parameters passed to the Unified Agent command line.") 307 cmd.Flags().StringVar(&stepConfig.AgentURL, "agentUrl", `https://saas.whitesourcesoftware.com/agent`, "URL to the WhiteSource agent endpoint.") 308 cmd.Flags().BoolVar(&stepConfig.AggregateVersionWideReport, "aggregateVersionWideReport", false, "This does not run a scan, instead just generated a report for all projects with projectVersion = config.ProductVersion") 309 cmd.Flags().StringSliceVar(&stepConfig.BuildDescriptorExcludeList, "buildDescriptorExcludeList", []string{`unit-tests/pom.xml`, `integration-tests/pom.xml`}, "List of build descriptors and therefore modules to exclude from the scan and assessment activities.") 310 cmd.Flags().StringVar(&stepConfig.BuildDescriptorFile, "buildDescriptorFile", os.Getenv("PIPER_buildDescriptorFile"), "Explicit path to the build descriptor file.") 311 cmd.Flags().StringVar(&stepConfig.BuildTool, "buildTool", os.Getenv("PIPER_buildTool"), "Defines the tool which is used for building the artifact.") 312 cmd.Flags().StringVar(&stepConfig.ConfigFilePath, "configFilePath", `./wss-unified-agent.config`, "Explicit path to the WhiteSource Unified Agent configuration file.") 313 cmd.Flags().StringVar(&stepConfig.ContainerRegistryPassword, "containerRegistryPassword", os.Getenv("PIPER_containerRegistryPassword"), "For `buildTool: docker`: Password for container registry access - typically provided by the CI/CD environment.") 314 cmd.Flags().StringVar(&stepConfig.ContainerRegistryUser, "containerRegistryUser", os.Getenv("PIPER_containerRegistryUser"), "For `buildTool: docker`: Username for container registry access - typically provided by the CI/CD environment.") 315 cmd.Flags().BoolVar(&stepConfig.CreateProductFromPipeline, "createProductFromPipeline", true, "Whether to create the related WhiteSource product on the fly based on the supplied pipeline configuration.") 316 cmd.Flags().StringVar(&stepConfig.CustomScanVersion, "customScanVersion", os.Getenv("PIPER_customScanVersion"), "Custom version of the WhiteSource project used as source.") 317 cmd.Flags().StringVar(&stepConfig.CvssSeverityLimit, "cvssSeverityLimit", `-1`, "Limit of tolerable CVSS v3 score upon assessment and in consequence fails the build.") 318 cmd.Flags().StringVar(&stepConfig.ScanPath, "scanPath", `.`, "Directory where to start WhiteSource scan.") 319 cmd.Flags().StringVar(&stepConfig.DockerConfigJSON, "dockerConfigJSON", os.Getenv("PIPER_dockerConfigJSON"), "Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).") 320 cmd.Flags().StringSliceVar(&stepConfig.EmailAddressesOfInitialProductAdmins, "emailAddressesOfInitialProductAdmins", []string{}, "The list of email addresses to assign as product admins for newly created WhiteSource products.") 321 cmd.Flags().StringSliceVar(&stepConfig.Excludes, "excludes", []string{}, "List of file path patterns to exclude in the scan.") 322 cmd.Flags().StringSliceVar(&stepConfig.Includes, "includes", []string{}, "List of file path patterns to include in the scan.") 323 cmd.Flags().StringVar(&stepConfig.InstallCommand, "installCommand", os.Getenv("PIPER_installCommand"), "[NOT IMPLEMENTED] Install command that can be used to populate the default docker image for some scenarios.") 324 cmd.Flags().StringVar(&stepConfig.JreDownloadURL, "jreDownloadUrl", `https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz`, "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent.") 325 cmd.Flags().BoolVar(&stepConfig.LicensingVulnerabilities, "licensingVulnerabilities", true, "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment.") 326 cmd.Flags().StringVar(&stepConfig.OrgToken, "orgToken", os.Getenv("PIPER_orgToken"), "WhiteSource token identifying your organization.") 327 cmd.Flags().StringVar(&stepConfig.ProductName, "productName", os.Getenv("PIPER_productName"), "Name of the WhiteSource product used for results aggregation. This parameter is mandatory if the parameter `createProductFromPipeline` is set to `true` and the WhiteSource product does not yet exist. It is also mandatory if the parameter `productToken` is not provided.") 328 cmd.Flags().StringVar(&stepConfig.ProductToken, "productToken", os.Getenv("PIPER_productToken"), "Token of the WhiteSource product to be created and used for results aggregation, usually determined automatically. Can optionally be provided as an alternative to `productName`.") 329 cmd.Flags().StringVar(&stepConfig.Version, "version", os.Getenv("PIPER_version"), "Version of the WhiteSource product to be created and used for results aggregation.") 330 cmd.Flags().StringVar(&stepConfig.ProjectName, "projectName", os.Getenv("PIPER_projectName"), "The project name used for reporting results in WhiteSource. When provided, all source modules will be scanned into one aggregated WhiteSource project. For scan types `maven`, `mta`, `npm`, the default is to generate one WhiteSource project per module, whereas the project name is derived from the module's build descriptor. For NPM modules, project aggregation is not supported, the last scanned NPM module will override all previously aggregated scan results!") 331 cmd.Flags().StringVar(&stepConfig.ProjectToken, "projectToken", os.Getenv("PIPER_projectToken"), "Project token to execute scan on. Ignored for scan types `maven`, `mta` and `npm`. Used for project aggregation when scanning with the Unified Agent and can be provided as an alternative to `projectName`.") 332 cmd.Flags().BoolVar(&stepConfig.Reporting, "reporting", true, "Whether assessment is being done at all, defaults to `true`") 333 cmd.Flags().StringVar(&stepConfig.ScanImage, "scanImage", os.Getenv("PIPER_scanImage"), "For `buildTool: docker`: Defines the docker image which should be scanned.") 334 cmd.Flags().BoolVar(&stepConfig.ScanImageIncludeLayers, "scanImageIncludeLayers", true, "For `buildTool: docker`: Defines if layers should be included.") 335 cmd.Flags().StringVar(&stepConfig.ScanImageRegistryURL, "scanImageRegistryUrl", os.Getenv("PIPER_scanImageRegistryUrl"), "For `buildTool: docker`: Defines the registry where the scanImage is located.") 336 cmd.Flags().BoolVar(&stepConfig.SecurityVulnerabilities, "securityVulnerabilities", true, "Whether security compliance is considered and reported as part of the assessment.") 337 cmd.Flags().StringVar(&stepConfig.ServiceURL, "serviceUrl", `https://saas.whitesourcesoftware.com/api`, "URL to the WhiteSource API endpoint.") 338 cmd.Flags().IntVar(&stepConfig.Timeout, "timeout", 900, "Timeout in seconds until an HTTP call is forcefully terminated.") 339 cmd.Flags().StringVar(&stepConfig.UserToken, "userToken", os.Getenv("PIPER_userToken"), "User token to access WhiteSource. In Jenkins use case this is automatically filled through the credentials.") 340 cmd.Flags().StringVar(&stepConfig.VersioningModel, "versioningModel", `major`, "The default project versioning model used in case `projectVersion` parameter is empty for creating the version based on the build descriptor version to report results in Whitesource, can be one of `'major'`, `'major-minor'`, `'semantic'`, `'full'`") 341 cmd.Flags().StringVar(&stepConfig.VulnerabilityReportFormat, "vulnerabilityReportFormat", `xlsx`, "Format of the file the vulnerability report is written to.") 342 cmd.Flags().StringVar(&stepConfig.VulnerabilityReportTitle, "vulnerabilityReportTitle", `WhiteSource Security Vulnerability Report`, "Title of vulnerability report written during the assessment phase.") 343 cmd.Flags().StringVar(&stepConfig.ProjectSettingsFile, "projectSettingsFile", os.Getenv("PIPER_projectSettingsFile"), "Path to the mvn settings file that should be used as project settings file.") 344 cmd.Flags().StringVar(&stepConfig.GlobalSettingsFile, "globalSettingsFile", os.Getenv("PIPER_globalSettingsFile"), "Path to the mvn settings file that should be used as global settings file.") 345 cmd.Flags().StringVar(&stepConfig.M2Path, "m2Path", os.Getenv("PIPER_m2Path"), "Path to the location of the local repository that should be used.") 346 cmd.Flags().BoolVar(&stepConfig.InstallArtifacts, "installArtifacts", false, "If enabled, it will install all artifacts to the local maven repository to make them available before running whitesource. This is required if any maven module has dependencies to other modules in the repository and they were not installed before.") 347 cmd.Flags().StringVar(&stepConfig.DefaultNpmRegistry, "defaultNpmRegistry", os.Getenv("PIPER_defaultNpmRegistry"), "URL of the npm registry to use. Defaults to https://registry.npmjs.org/") 348 cmd.Flags().StringVar(&stepConfig.GithubToken, "githubToken", os.Getenv("PIPER_githubToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line") 349 cmd.Flags().BoolVar(&stepConfig.CreateResultIssue, "createResultIssue", false, "Activate creation of a result issue in GitHub.") 350 cmd.Flags().StringVar(&stepConfig.GithubAPIURL, "githubApiUrl", `https://api.github.com`, "Set the GitHub API URL.") 351 cmd.Flags().StringVar(&stepConfig.Owner, "owner", os.Getenv("PIPER_owner"), "Set the GitHub organization.") 352 cmd.Flags().StringVar(&stepConfig.Repository, "repository", os.Getenv("PIPER_repository"), "Set the GitHub repository.") 353 cmd.Flags().StringSliceVar(&stepConfig.Assignees, "assignees", []string{``}, "Defines the assignees for the Github Issue created/updated with the results of the scan as a list of login names.") 354 cmd.Flags().StringSliceVar(&stepConfig.CustomTLSCertificateLinks, "customTlsCertificateLinks", []string{}, "List of download links to custom TLS certificates. This is required to ensure trusted connections to instances with repositories (like nexus) when publish flag is set to true.") 355 356 cmd.MarkFlagRequired("buildTool") 357 cmd.MarkFlagRequired("orgToken") 358 cmd.MarkFlagRequired("userToken") 359 } 360 361 // retrieve step metadata 362 func whitesourceExecuteScanMetadata() config.StepData { 363 var theMetaData = config.StepData{ 364 Metadata: config.StepMetadata{ 365 Name: "whitesourceExecuteScan", 366 Aliases: []config.Alias{}, 367 Description: "Execute a WhiteSource scan", 368 }, 369 Spec: config.StepSpec{ 370 Inputs: config.StepInputs{ 371 Secrets: []config.StepSecrets{ 372 {Name: "userTokenCredentialsId", Description: "Jenkins 'Secret text' credentials ID containing Whitesource user token.", Type: "jenkins", Aliases: []config.Alias{{Name: "whitesourceUserTokenCredentialsId", Deprecated: false}, {Name: "whitesource/userTokenCredentialsId", Deprecated: true}}}, 373 {Name: "orgAdminUserTokenCredentialsId", Description: "Jenkins 'Secret text' credentials ID containing Whitesource org admin token.", Type: "jenkins", Aliases: []config.Alias{{Name: "whitesourceOrgAdminUserTokenCredentialsId", Deprecated: false}, {Name: "whitesource/orgAdminUserTokenCredentialsId", Deprecated: true}}}, 374 {Name: "dockerConfigJsonCredentialsId", Description: "Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)). You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).", Type: "jenkins", Aliases: []config.Alias{{Name: "dockerCredentialsId", Deprecated: true}}}, 375 {Name: "githubTokenCredentialsId", Description: "Jenkins 'Secret text' credentials ID containing token to authenticate to GitHub.", Type: "jenkins"}, 376 }, 377 Resources: []config.StepResources{ 378 {Name: "buildDescriptor", Type: "stash"}, 379 {Name: "opensourceConfiguration", Type: "stash"}, 380 {Name: "checkmarx", Type: "stash"}, 381 }, 382 Parameters: []config.StepParameters{ 383 { 384 Name: "agentDownloadUrl", 385 ResourceRef: []config.ResourceReference{}, 386 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 387 Type: "string", 388 Mandatory: false, 389 Aliases: []config.Alias{}, 390 Default: `https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar`, 391 }, 392 { 393 Name: "agentFileName", 394 ResourceRef: []config.ResourceReference{}, 395 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 396 Type: "string", 397 Mandatory: false, 398 Aliases: []config.Alias{}, 399 Default: `wss-unified-agent.jar`, 400 }, 401 { 402 Name: "agentParameters", 403 ResourceRef: []config.ResourceReference{}, 404 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 405 Type: "[]string", 406 Mandatory: false, 407 Aliases: []config.Alias{}, 408 Default: []string{}, 409 }, 410 { 411 Name: "agentUrl", 412 ResourceRef: []config.ResourceReference{}, 413 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 414 Type: "string", 415 Mandatory: false, 416 Aliases: []config.Alias{{Name: "whitesourceAgentUrl"}}, 417 Default: `https://saas.whitesourcesoftware.com/agent`, 418 }, 419 { 420 Name: "aggregateVersionWideReport", 421 ResourceRef: []config.ResourceReference{}, 422 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 423 Type: "bool", 424 Mandatory: false, 425 Aliases: []config.Alias{}, 426 Default: false, 427 }, 428 { 429 Name: "buildDescriptorExcludeList", 430 ResourceRef: []config.ResourceReference{}, 431 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 432 Type: "[]string", 433 Mandatory: false, 434 Aliases: []config.Alias{}, 435 Default: []string{`unit-tests/pom.xml`, `integration-tests/pom.xml`}, 436 }, 437 { 438 Name: "buildDescriptorFile", 439 ResourceRef: []config.ResourceReference{}, 440 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 441 Type: "string", 442 Mandatory: false, 443 Aliases: []config.Alias{}, 444 Default: os.Getenv("PIPER_buildDescriptorFile"), 445 }, 446 { 447 Name: "buildTool", 448 ResourceRef: []config.ResourceReference{ 449 { 450 Name: "commonPipelineEnvironment", 451 Param: "buildTool", 452 }, 453 }, 454 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 455 Type: "string", 456 Mandatory: true, 457 Aliases: []config.Alias{}, 458 Default: os.Getenv("PIPER_buildTool"), 459 }, 460 { 461 Name: "configFilePath", 462 ResourceRef: []config.ResourceReference{}, 463 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 464 Type: "string", 465 Mandatory: false, 466 Aliases: []config.Alias{}, 467 Default: `./wss-unified-agent.config`, 468 }, 469 { 470 Name: "containerRegistryPassword", 471 ResourceRef: []config.ResourceReference{ 472 { 473 Name: "commonPipelineEnvironment", 474 Param: "container/repositoryPassword", 475 }, 476 477 { 478 Name: "commonPipelineEnvironment", 479 Param: "custom/repositoryPassword", 480 }, 481 }, 482 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 483 Type: "string", 484 Mandatory: false, 485 Aliases: []config.Alias{}, 486 Default: os.Getenv("PIPER_containerRegistryPassword"), 487 }, 488 { 489 Name: "containerRegistryUser", 490 ResourceRef: []config.ResourceReference{ 491 { 492 Name: "commonPipelineEnvironment", 493 Param: "container/repositoryUsername", 494 }, 495 496 { 497 Name: "commonPipelineEnvironment", 498 Param: "custom/repositoryUsername", 499 }, 500 }, 501 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 502 Type: "string", 503 Mandatory: false, 504 Aliases: []config.Alias{}, 505 Default: os.Getenv("PIPER_containerRegistryUser"), 506 }, 507 { 508 Name: "createProductFromPipeline", 509 ResourceRef: []config.ResourceReference{}, 510 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 511 Type: "bool", 512 Mandatory: false, 513 Aliases: []config.Alias{}, 514 Default: true, 515 }, 516 { 517 Name: "customScanVersion", 518 ResourceRef: []config.ResourceReference{}, 519 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 520 Type: "string", 521 Mandatory: false, 522 Aliases: []config.Alias{}, 523 Default: os.Getenv("PIPER_customScanVersion"), 524 }, 525 { 526 Name: "cvssSeverityLimit", 527 ResourceRef: []config.ResourceReference{}, 528 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 529 Type: "string", 530 Mandatory: false, 531 Aliases: []config.Alias{}, 532 Default: `-1`, 533 }, 534 { 535 Name: "scanPath", 536 ResourceRef: []config.ResourceReference{}, 537 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 538 Type: "string", 539 Mandatory: false, 540 Aliases: []config.Alias{}, 541 Default: `.`, 542 }, 543 { 544 Name: "dockerConfigJSON", 545 ResourceRef: []config.ResourceReference{ 546 { 547 Name: "commonPipelineEnvironment", 548 Param: "custom/dockerConfigJSON", 549 }, 550 551 { 552 Name: "dockerConfigJsonCredentialsId", 553 Type: "secret", 554 }, 555 556 { 557 Name: "dockerConfigFileVaultSecretName", 558 Type: "vaultSecretFile", 559 Default: "docker-config", 560 }, 561 }, 562 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 563 Type: "string", 564 Mandatory: false, 565 Aliases: []config.Alias{}, 566 Default: os.Getenv("PIPER_dockerConfigJSON"), 567 }, 568 { 569 Name: "emailAddressesOfInitialProductAdmins", 570 ResourceRef: []config.ResourceReference{}, 571 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 572 Type: "[]string", 573 Mandatory: false, 574 Aliases: []config.Alias{}, 575 Default: []string{}, 576 }, 577 { 578 Name: "excludes", 579 ResourceRef: []config.ResourceReference{}, 580 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 581 Type: "[]string", 582 Mandatory: false, 583 Aliases: []config.Alias{}, 584 Default: []string{}, 585 }, 586 { 587 Name: "includes", 588 ResourceRef: []config.ResourceReference{}, 589 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 590 Type: "[]string", 591 Mandatory: false, 592 Aliases: []config.Alias{}, 593 Default: []string{}, 594 }, 595 { 596 Name: "installCommand", 597 ResourceRef: []config.ResourceReference{}, 598 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 599 Type: "string", 600 Mandatory: false, 601 Aliases: []config.Alias{}, 602 Default: os.Getenv("PIPER_installCommand"), 603 }, 604 { 605 Name: "jreDownloadUrl", 606 ResourceRef: []config.ResourceReference{}, 607 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 608 Type: "string", 609 Mandatory: false, 610 Aliases: []config.Alias{{Name: "whitesource/jreDownloadUrl", Deprecated: true}}, 611 Default: `https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz`, 612 }, 613 { 614 Name: "licensingVulnerabilities", 615 ResourceRef: []config.ResourceReference{}, 616 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 617 Type: "bool", 618 Mandatory: false, 619 Aliases: []config.Alias{}, 620 Default: true, 621 }, 622 { 623 Name: "orgToken", 624 ResourceRef: []config.ResourceReference{ 625 { 626 Name: "orgAdminUserTokenCredentialsId", 627 Type: "secret", 628 }, 629 630 { 631 Name: "whitesourceVaultSecret", 632 Type: "vaultSecret", 633 Default: "whitesource", 634 }, 635 }, 636 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 637 Type: "string", 638 Mandatory: true, 639 Aliases: []config.Alias{{Name: "whitesourceOrgToken"}, {Name: "whitesource/orgToken", Deprecated: true}}, 640 Default: os.Getenv("PIPER_orgToken"), 641 }, 642 { 643 Name: "productName", 644 ResourceRef: []config.ResourceReference{}, 645 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 646 Type: "string", 647 Mandatory: false, 648 Aliases: []config.Alias{{Name: "whitesourceProductName"}, {Name: "whitesource/productName", Deprecated: true}}, 649 Default: os.Getenv("PIPER_productName"), 650 }, 651 { 652 Name: "productToken", 653 ResourceRef: []config.ResourceReference{}, 654 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 655 Type: "string", 656 Mandatory: false, 657 Aliases: []config.Alias{{Name: "whitesourceProductToken"}, {Name: "whitesource/productToken", Deprecated: true}}, 658 Default: os.Getenv("PIPER_productToken"), 659 }, 660 { 661 Name: "version", 662 ResourceRef: []config.ResourceReference{ 663 { 664 Name: "commonPipelineEnvironment", 665 Param: "artifactVersion", 666 }, 667 }, 668 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 669 Type: "string", 670 Mandatory: false, 671 Aliases: []config.Alias{{Name: "productVersion"}, {Name: "whitesourceProductVersion"}, {Name: "whitesource/productVersion", Deprecated: true}}, 672 Default: os.Getenv("PIPER_version"), 673 }, 674 { 675 Name: "projectName", 676 ResourceRef: []config.ResourceReference{}, 677 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 678 Type: "string", 679 Mandatory: false, 680 Aliases: []config.Alias{{Name: "whitesourceProjectName"}}, 681 Default: os.Getenv("PIPER_projectName"), 682 }, 683 { 684 Name: "projectToken", 685 ResourceRef: []config.ResourceReference{}, 686 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 687 Type: "string", 688 Mandatory: false, 689 Aliases: []config.Alias{}, 690 Default: os.Getenv("PIPER_projectToken"), 691 }, 692 { 693 Name: "reporting", 694 ResourceRef: []config.ResourceReference{}, 695 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 696 Type: "bool", 697 Mandatory: false, 698 Aliases: []config.Alias{}, 699 Default: true, 700 }, 701 { 702 Name: "scanImage", 703 ResourceRef: []config.ResourceReference{ 704 { 705 Name: "commonPipelineEnvironment", 706 Param: "container/imageNameTag", 707 }, 708 }, 709 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 710 Type: "string", 711 Mandatory: false, 712 Aliases: []config.Alias{}, 713 Default: os.Getenv("PIPER_scanImage"), 714 }, 715 { 716 Name: "scanImageIncludeLayers", 717 ResourceRef: []config.ResourceReference{}, 718 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 719 Type: "bool", 720 Mandatory: false, 721 Aliases: []config.Alias{}, 722 Default: true, 723 }, 724 { 725 Name: "scanImageRegistryUrl", 726 ResourceRef: []config.ResourceReference{ 727 { 728 Name: "commonPipelineEnvironment", 729 Param: "container/registryUrl", 730 }, 731 }, 732 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 733 Type: "string", 734 Mandatory: false, 735 Aliases: []config.Alias{}, 736 Default: os.Getenv("PIPER_scanImageRegistryUrl"), 737 }, 738 { 739 Name: "securityVulnerabilities", 740 ResourceRef: []config.ResourceReference{}, 741 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 742 Type: "bool", 743 Mandatory: false, 744 Aliases: []config.Alias{}, 745 Default: true, 746 }, 747 { 748 Name: "serviceUrl", 749 ResourceRef: []config.ResourceReference{}, 750 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 751 Type: "string", 752 Mandatory: false, 753 Aliases: []config.Alias{{Name: "whitesourceServiceUrl"}, {Name: "whitesource/serviceUrl", Deprecated: true}}, 754 Default: `https://saas.whitesourcesoftware.com/api`, 755 }, 756 { 757 Name: "timeout", 758 ResourceRef: []config.ResourceReference{}, 759 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 760 Type: "int", 761 Mandatory: false, 762 Aliases: []config.Alias{}, 763 Default: 900, 764 }, 765 { 766 Name: "userToken", 767 ResourceRef: []config.ResourceReference{ 768 { 769 Name: "userTokenCredentialsId", 770 Type: "secret", 771 }, 772 773 { 774 Name: "whitesourceVaultSecret", 775 Type: "vaultSecret", 776 Default: "whitesource", 777 }, 778 }, 779 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 780 Type: "string", 781 Mandatory: true, 782 Aliases: []config.Alias{}, 783 Default: os.Getenv("PIPER_userToken"), 784 }, 785 { 786 Name: "versioningModel", 787 ResourceRef: []config.ResourceReference{}, 788 Scope: []string{"PARAMETERS", "STAGES", "STEPS", "GENERAL"}, 789 Type: "string", 790 Mandatory: false, 791 Aliases: []config.Alias{{Name: "defaultVersioningModel"}}, 792 Default: `major`, 793 }, 794 { 795 Name: "vulnerabilityReportFormat", 796 ResourceRef: []config.ResourceReference{}, 797 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 798 Type: "string", 799 Mandatory: false, 800 Aliases: []config.Alias{}, 801 Default: `xlsx`, 802 }, 803 { 804 Name: "vulnerabilityReportTitle", 805 ResourceRef: []config.ResourceReference{}, 806 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 807 Type: "string", 808 Mandatory: false, 809 Aliases: []config.Alias{}, 810 Default: `WhiteSource Security Vulnerability Report`, 811 }, 812 { 813 Name: "projectSettingsFile", 814 ResourceRef: []config.ResourceReference{}, 815 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 816 Type: "string", 817 Mandatory: false, 818 Aliases: []config.Alias{{Name: "maven/projectSettingsFile"}}, 819 Default: os.Getenv("PIPER_projectSettingsFile"), 820 }, 821 { 822 Name: "globalSettingsFile", 823 ResourceRef: []config.ResourceReference{}, 824 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 825 Type: "string", 826 Mandatory: false, 827 Aliases: []config.Alias{{Name: "maven/globalSettingsFile"}}, 828 Default: os.Getenv("PIPER_globalSettingsFile"), 829 }, 830 { 831 Name: "m2Path", 832 ResourceRef: []config.ResourceReference{}, 833 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 834 Type: "string", 835 Mandatory: false, 836 Aliases: []config.Alias{{Name: "maven/m2Path"}}, 837 Default: os.Getenv("PIPER_m2Path"), 838 }, 839 { 840 Name: "installArtifacts", 841 ResourceRef: []config.ResourceReference{}, 842 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 843 Type: "bool", 844 Mandatory: false, 845 Aliases: []config.Alias{}, 846 Default: false, 847 }, 848 { 849 Name: "defaultNpmRegistry", 850 ResourceRef: []config.ResourceReference{}, 851 Scope: []string{"PARAMETERS", "GENERAL", "STAGES", "STEPS"}, 852 Type: "string", 853 Mandatory: false, 854 Aliases: []config.Alias{{Name: "npm/defaultNpmRegistry"}}, 855 Default: os.Getenv("PIPER_defaultNpmRegistry"), 856 }, 857 { 858 Name: "githubToken", 859 ResourceRef: []config.ResourceReference{ 860 { 861 Name: "githubTokenCredentialsId", 862 Type: "secret", 863 }, 864 865 { 866 Name: "githubVaultSecretName", 867 Type: "vaultSecret", 868 Default: "github", 869 }, 870 }, 871 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 872 Type: "string", 873 Mandatory: false, 874 Aliases: []config.Alias{{Name: "access_token"}}, 875 Default: os.Getenv("PIPER_githubToken"), 876 }, 877 { 878 Name: "createResultIssue", 879 ResourceRef: []config.ResourceReference{ 880 { 881 Name: "commonPipelineEnvironment", 882 Param: "custom/optimizedAndScheduled", 883 }, 884 }, 885 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 886 Type: "bool", 887 Mandatory: false, 888 Aliases: []config.Alias{}, 889 Default: false, 890 }, 891 { 892 Name: "githubApiUrl", 893 ResourceRef: []config.ResourceReference{}, 894 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 895 Type: "string", 896 Mandatory: false, 897 Aliases: []config.Alias{}, 898 Default: `https://api.github.com`, 899 }, 900 { 901 Name: "owner", 902 ResourceRef: []config.ResourceReference{ 903 { 904 Name: "commonPipelineEnvironment", 905 Param: "github/owner", 906 }, 907 }, 908 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 909 Type: "string", 910 Mandatory: false, 911 Aliases: []config.Alias{{Name: "githubOrg"}}, 912 Default: os.Getenv("PIPER_owner"), 913 }, 914 { 915 Name: "repository", 916 ResourceRef: []config.ResourceReference{ 917 { 918 Name: "commonPipelineEnvironment", 919 Param: "github/repository", 920 }, 921 }, 922 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 923 Type: "string", 924 Mandatory: false, 925 Aliases: []config.Alias{{Name: "githubRepo"}}, 926 Default: os.Getenv("PIPER_repository"), 927 }, 928 { 929 Name: "assignees", 930 ResourceRef: []config.ResourceReference{}, 931 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 932 Type: "[]string", 933 Mandatory: false, 934 Aliases: []config.Alias{}, 935 Default: []string{``}, 936 }, 937 { 938 Name: "customTlsCertificateLinks", 939 ResourceRef: []config.ResourceReference{}, 940 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 941 Type: "[]string", 942 Mandatory: false, 943 Aliases: []config.Alias{}, 944 Default: []string{}, 945 }, 946 }, 947 }, 948 Containers: []config.Container{ 949 {Image: "buildpack-deps:stretch-curl", WorkingDir: "/tmp", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "dub"}, {Name: "buildTool", Value: "docker"}}}}}, 950 {Image: "devxci/mbtci-java11-node14", WorkingDir: "/home/mta", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "mta"}}}}}, 951 {Image: "golang:1", WorkingDir: "/go", Options: []config.Option{{Name: "-u", Value: "0"}}, Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "golang"}}}}}, 952 {Image: "gradle", WorkingDir: "/home/gradle", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "gradle"}}}}}, 953 {Image: "hseeberger/scala-sbt:8u181_2.12.8_1.2.8", WorkingDir: "/tmp", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "sbt"}}}}}, 954 {Image: "maven:3.5-jdk-8", WorkingDir: "/tmp", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "maven"}}}}}, 955 {Image: "node:lts-stretch", WorkingDir: "/home/node", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "npm"}}}}}, 956 {Image: "python:3.6-stretch", WorkingDir: "/tmp", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "pip"}}}}}, 957 {Image: "node:lts-stretch", WorkingDir: "/home/node", Conditions: []config.Condition{{ConditionRef: "strings-equal", Params: []config.Param{{Name: "buildTool", Value: "yarn"}}}}}, 958 }, 959 Outputs: config.StepOutputs{ 960 Resources: []config.StepResources{ 961 { 962 Name: "commonPipelineEnvironment", 963 Type: "piperEnvironment", 964 Parameters: []map[string]interface{}{ 965 {"name": "custom/whitesourceProjectNames", "type": "[]string"}, 966 }, 967 }, 968 { 969 Name: "influx", 970 Type: "influx", 971 Parameters: []map[string]interface{}{ 972 {"name": "step_data", "fields": []map[string]string{{"name": "whitesource"}}}, 973 {"name": "whitesource_data", "fields": []map[string]string{{"name": "vulnerabilities"}, {"name": "major_vulnerabilities"}, {"name": "minor_vulnerabilities"}, {"name": "policy_violations"}}}, 974 }, 975 }, 976 { 977 Name: "reports", 978 Type: "reports", 979 Parameters: []map[string]interface{}{ 980 {"filePattern": "**/whitesource-ip.json", "type": "whitesource-ip"}, 981 {"filePattern": "whitesource-riskReport.pdf", "type": "whitesource-ip"}, 982 {"filePattern": "**/toolrun_whitesource_*.json", "type": "whitesource-ip"}, 983 {"filePattern": "**/piper_whitesource_vulnerability_report.html", "type": "whitesource-security"}, 984 {"filePattern": "whitesource-riskReport.pdf", "type": "whitesource-security"}, 985 {"filePattern": "**/toolrun_whitesource_*.json", "type": "whitesource-security"}, 986 }, 987 }, 988 }, 989 }, 990 }, 991 } 992 return theMetaData 993 }