feat(codeqlExecuteScan): added a feature to execute custom command (#…

…4912) * added running custom command * go mod tidy * added log with parsed command info * fixed log format --------- Co-authored-by: sumeet patil <[email protected]>
SAP · May 27, 2024 · 8924b97 · 8924b97
1 parent f7543be
commit 8924b97
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 1 deletion.
diff --git a/cmd/codeqlExecuteScan.go b/cmd/codeqlExecuteScan.go
@@ -15,6 +15,7 @@ import (
 	"github.com/SAP/jenkins-library/pkg/maven"
 	"github.com/SAP/jenkins-library/pkg/piperutils"
 	"github.com/SAP/jenkins-library/pkg/telemetry"
+	"github.com/google/shlex"
 	"github.com/pkg/errors"
 )
 
@@ -139,6 +140,13 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
 	}
 	reports = append(reports, scanReports...)
 
+	if len(config.CustomCommand) > 0 {
+		err = runCustomCommand(utils, config.CustomCommand)
+		if err != nil {
+			return reports, err
+		}
+	}
+
 	repoInfo, err := codeql.GetRepoInfo(config.Repository, config.AnalyzedRef, config.CommitID,
 		config.TargetGithubRepoURL, config.TargetGithubBranchName)
 	if err != nil {
@@ -394,6 +402,24 @@ func uploadProjectToGitHub(config *codeqlExecuteScanOptions, repoInfo *codeql.Re
 	return nil
 }
 
+func runCustomCommand(utils codeqlExecuteScanUtils, command string) error {
+	log.Entry().Infof("custom command will be run: %s", command)
+	cmd, err := shlex.Split(command)
+	if err != nil {
+		log.Entry().WithError(err).Errorf("failed to parse custom command %s", command)
+		return err
+	}
+	log.Entry().Infof("Parsed command '%s' with %d arguments: ['%s']", cmd[0], len(cmd[1:]), strings.Join(cmd[1:], "', '"))
+
+	err = utils.RunExecutable(cmd[0], cmd[1:]...)
+	if err != nil {
+		log.Entry().WithError(err).Errorf("failed to run command %s", command)
+		return err
+	}
+	log.Entry().Info("Success.")
+	return nil
+}
+
 func checkForCompliance(scanResults []codeql.CodeqlFindings, config *codeqlExecuteScanOptions, repoInfo *codeql.RepoInfo) error {
 	for _, scanResult := range scanResults {
 		if scanResult.ClassificationName == codeql.AuditAll {

diff --git a/cmd/codeqlExecuteScan_generated.go b/cmd/codeqlExecuteScan_generated.go
diff --git a/go.mod b/go.mod
@@ -177,7 +177,7 @@ require (
 	github.com/google/btree v1.0.1 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
 	github.com/googleapis/gax-go/v2 v2.12.2 // indirect
 	github.com/gorilla/mux v1.8.0 // indirect

diff --git a/resources/metadata/codeqlExecuteScan.yaml b/resources/metadata/codeqlExecuteScan.yaml
@@ -233,6 +233,13 @@ spec:
           - STEPS
           - STAGES
           - PARAMETERS
+      - name: customCommand
+        type: string
+        description: "A custom user-defined command to run between codeql analysis and results upload."
+        scope:
+          - STEPS
+          - STAGES
+          - PARAMETERS
   containers:
     - image: ""
   outputs: