From 971d5d146156e5242da6bde9f22f11b1d95f7ee4 Mon Sep 17 00:00:00 2001 From: Dmitrii Pavlukhin Date: Mon, 18 Sep 2023 16:33:09 +0300 Subject: [PATCH] Making detect8 default script (#4568) * made detect8 default * amended tests to reflect detect 8 * amended * amend * amend * amend tests * 1 * 1 * tests-with-temp-changes-for-transition * removed auto unmapping for detect7 * added-old-parameters-as-deprecated --- cmd/detectExecuteScan.go | 43 ++- cmd/detectExecuteScan_generated.go | 23 +- cmd/detectExecuteScan_test.go | 445 ++++++++++++---------- resources/metadata/detectExecuteScan.yaml | 19 +- 4 files changed, 304 insertions(+), 226 deletions(-) diff --git a/cmd/detectExecuteScan.go b/cmd/detectExecuteScan.go index 135740f406..e72dc4689d 100644 --- a/cmd/detectExecuteScan.go +++ b/cmd/detectExecuteScan.go @@ -294,11 +294,11 @@ func getDetectScript(config detectExecuteScanOptions, utils detectUtils) error { log.Entry().Infof("Downloading Detect Script") - if config.UseDetect8 { - return utils.DownloadFile("https://detect.synopsys.com/detect8.sh", "detect.sh", nil, nil) + if config.UseDetect7 { + return utils.DownloadFile("https://detect.synopsys.com/detect7.sh", "detect.sh", nil, nil) } - return utils.DownloadFile("https://detect.synopsys.com/detect7.sh", "detect.sh", nil, nil) + return utils.DownloadFile("https://detect.synopsys.com/detect8.sh", "detect.sh", nil, nil) } func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectUtils, sys *blackduckSystem) ([]string, error) { @@ -337,6 +337,12 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU } else { // When unmap is set to false, any occurances of unmap=true from scanProperties must be removed config.ScanProperties, _ = piperutils.RemoveAll(config.ScanProperties, "--detect.project.codelocation.unmap=true") + + // TEMPORARY OPTION DURING THE MIGRATION TO DETECT8 + if !config.UseDetect7 { + args = append(args, "--detect.project.codelocation.unmap=true") + } + // REMOVE AFTER 25.09.2023 } args = append(args, config.ScanProperties...) @@ -346,7 +352,7 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU // ProjectNames, VersionName, GroupName etc can contain spaces and need to be escaped using double quotes in CLI // Hence the string need to be surrounded by \" - // Maven Parameters + // Moved parameters mavenArgs, err := maven.DownloadAndGetMavenParameters(config.GlobalSettingsFile, config.ProjectSettingsFile, utils) if err != nil { return nil, err @@ -366,14 +372,13 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU } // Since detect8 adds quotes by default, to avoid double quotation they should be removed for several arguments - if config.UseDetect8 { - - args = append(args, fmt.Sprintf("\"--detect.project.name=%v\"", config.ProjectName)) - args = append(args, fmt.Sprintf("\"--detect.project.version.name=%v\"", detectVersionName)) + if config.UseDetect7 { + args = append(args, fmt.Sprintf("\"--detect.project.name='%v'\"", config.ProjectName)) + args = append(args, fmt.Sprintf("\"--detect.project.version.name='%v'\"", detectVersionName)) // Groups parameter is added only when there is atleast one non-empty groupname provided if len(config.Groups) > 0 && len(config.Groups[0]) > 0 { - args = append(args, fmt.Sprintf("\"--detect.project.user.groups=%v\"", strings.Join(config.Groups, ","))) + args = append(args, fmt.Sprintf("\"--detect.project.user.groups='%v'\"", strings.Join(config.Groups, ","))) } // Atleast 1, non-empty category to fail on must be provided @@ -381,20 +386,18 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU args = append(args, fmt.Sprintf("--detect.policy.check.fail.on.severities=%v", strings.Join(config.FailOn, ","))) } - args = append(args, fmt.Sprintf("\"--detect.code.location.name=%v\"", codelocation)) + args = append(args, fmt.Sprintf("\"--detect.code.location.name='%v'\"", codelocation)) if len(mavenArgs) > 0 && !checkIfArgumentIsInScanProperties(config, "detect.maven.build.command") { - args = append(args, fmt.Sprintf("\"--detect.maven.build.command=%v\"", strings.Join(mavenArgs, " "))) + args = append(args, fmt.Sprintf("\"--detect.maven.build.command='%v'\"", strings.Join(mavenArgs, " "))) } - } else { - - args = append(args, fmt.Sprintf("\"--detect.project.name='%v'\"", config.ProjectName)) - args = append(args, fmt.Sprintf("\"--detect.project.version.name='%v'\"", detectVersionName)) + args = append(args, fmt.Sprintf("\"--detect.project.name=%v\"", config.ProjectName)) + args = append(args, fmt.Sprintf("\"--detect.project.version.name=%v\"", detectVersionName)) // Groups parameter is added only when there is atleast one non-empty groupname provided if len(config.Groups) > 0 && len(config.Groups[0]) > 0 { - args = append(args, fmt.Sprintf("\"--detect.project.user.groups='%v'\"", strings.Join(config.Groups, ","))) + args = append(args, fmt.Sprintf("\"--detect.project.user.groups=%v\"", strings.Join(config.Groups, ","))) } // Atleast 1, non-empty category to fail on must be provided @@ -402,15 +405,13 @@ func addDetectArgs(args []string, config detectExecuteScanOptions, utils detectU args = append(args, fmt.Sprintf("--detect.policy.check.fail.on.severities=%v", strings.Join(config.FailOn, ","))) } - args = append(args, fmt.Sprintf("\"--detect.code.location.name='%v'\"", codelocation)) + args = append(args, fmt.Sprintf("\"--detect.code.location.name=%v\"", codelocation)) if len(mavenArgs) > 0 && !checkIfArgumentIsInScanProperties(config, "detect.maven.build.command") { - args = append(args, fmt.Sprintf("\"--detect.maven.build.command='%v'\"", strings.Join(mavenArgs, " "))) + args = append(args, fmt.Sprintf("\"--detect.maven.build.command=%v\"", strings.Join(mavenArgs, " "))) } - } - if config.SuccessOnSkip { - args = append(args, fmt.Sprintf("\"--detect.force.success.on.skip=%v\"", config.SuccessOnSkip)) + args = append(args, fmt.Sprintf("\"--detect.force.success.on.skip=true\"")) } if len(config.ScanPaths) > 0 && len(config.ScanPaths[0]) > 0 { diff --git a/cmd/detectExecuteScan_generated.go b/cmd/detectExecuteScan_generated.go index 6cd4b34cf2..f4cb28a62f 100644 --- a/cmd/detectExecuteScan_generated.go +++ b/cmd/detectExecuteScan_generated.go @@ -45,6 +45,7 @@ type detectExecuteScanOptions struct { MavenExcludedScopes []string `json:"mavenExcludedScopes,omitempty"` DetectTools []string `json:"detectTools,omitempty"` ScanOnChanges bool `json:"scanOnChanges,omitempty"` + UseDetect7 bool `json:"useDetect7,omitempty"` UseDetect8 bool `json:"useDetect8,omitempty"` SuccessOnSkip bool `json:"successOnSkip,omitempty"` CustomEnvironmentVariables []string `json:"customEnvironmentVariables,omitempty"` @@ -287,8 +288,9 @@ func addDetectExecuteScanFlags(cmd *cobra.Command, stepConfig *detectExecuteScan cmd.Flags().StringSliceVar(&stepConfig.MavenExcludedScopes, "mavenExcludedScopes", []string{}, "The maven scopes that need to be excluded from the scan. For example, setting the value 'test' will exclude all components which are defined with a test scope in maven") cmd.Flags().StringSliceVar(&stepConfig.DetectTools, "detectTools", []string{}, "The type of BlackDuck scanners to include while running the BlackDuck scan. By default All scanners are included. For the complete list of possible values, Please refer [Synopsys detect documentation](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=properties%2Fconfiguration%2Fpaths.html&_LANG=enus&anchor=detect-tools-included)") cmd.Flags().BoolVar(&stepConfig.ScanOnChanges, "scanOnChanges", false, "This flag determines if the scan is submitted to the server. If set to true, then the scan request is submitted to the server only when changes are detected in the Open Source Bill of Materials If the flag is set to false, then the scan request is submitted to server regardless of any changes. For more details please refer to the [documentation](https://github.com/blackducksoftware/detect_rescan/blob/master/README.md)") - cmd.Flags().BoolVar(&stepConfig.UseDetect8, "useDetect8", false, "This flag allows to use the currently supported 8 version of Detect Script instead of v7") - cmd.Flags().BoolVar(&stepConfig.SuccessOnSkip, "successOnSkip", false, "This flag allows forces Black Duck to exit with 0 error code if any step is skipped") + cmd.Flags().BoolVar(&stepConfig.UseDetect7, "useDetect7", false, "This flag allows to use the currently supported 8 version of Detect Script instead of v7") + cmd.Flags().BoolVar(&stepConfig.UseDetect8, "useDetect8", true, "This flag allows to use the currently supported 8 version of Detect Script instead of v7") + cmd.Flags().BoolVar(&stepConfig.SuccessOnSkip, "successOnSkip", true, "This flag allows forces Black Duck to exit with 0 error code if any step is skipped") cmd.Flags().StringSliceVar(&stepConfig.CustomEnvironmentVariables, "customEnvironmentVariables", []string{}, "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan. This includes a list of environment variables defined by Synopsys. The full list can be found [here](https://community.synopsys.com/s/document-item?bundleId=integrations-detect&topicId=configuring%2Fenvvars.html&_LANG=enus) This list affects the detect script downloaded while running the scan. Right now only detect7.sh is available for downloading") cmd.Flags().IntVar(&stepConfig.MinScanInterval, "minScanInterval", 0, "This parameter controls the frequency (in number of hours) at which the signature scan is re-submitted for scan. When set to a value greater than 0, the signature scans are skipped until the specified number of hours has elapsed since the last signature scan.") cmd.Flags().StringVar(&stepConfig.GithubToken, "githubToken", os.Getenv("PIPER_githubToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line") @@ -552,22 +554,31 @@ func detectExecuteScanMetadata() config.StepData { Default: false, }, { - Name: "useDetect8", + Name: "useDetect7", ResourceRef: []config.ResourceReference{}, Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, Type: "bool", Mandatory: false, - Aliases: []config.Alias{{Name: "detect/useDetect8"}}, + Aliases: []config.Alias{{Name: "detect/useDetect7"}}, Default: false, }, + { + Name: "useDetect8", + ResourceRef: []config.ResourceReference{}, + Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, + Type: "bool", + Mandatory: false, + Aliases: []config.Alias{{Name: "detect/useDetect8", Deprecated: true}}, + Default: true, + }, { Name: "successOnSkip", ResourceRef: []config.ResourceReference{}, Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, Type: "bool", Mandatory: false, - Aliases: []config.Alias{{Name: "detect/successOnSkip"}}, - Default: false, + Aliases: []config.Alias{{Name: "detect/successOnSkip", Deprecated: true}}, + Default: true, }, { Name: "customEnvironmentVariables", diff --git a/cmd/detectExecuteScan_test.go b/cmd/detectExecuteScan_test.go index 707e9a5d1d..8429c5c9b1 100644 --- a/cmd/detectExecuteScan_test.go +++ b/cmd/detectExecuteScan_test.go @@ -104,157 +104,157 @@ func newBlackduckMockSystem(config detectExecuteScanOptions) blackduckSystem { const ( authContent = `{ - "bearerToken":"bearerTestToken", - "expiresInMilliseconds":7199997 - }` + "bearerToken":"bearerTestToken", + "expiresInMilliseconds":7199997 + }` projectContent = `{ - "totalCount": 1, - "items": [ - { - "name": "SHC-PiperTest", - "_meta": { - "href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf", - "links": [ - { - "rel": "versions", - "href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf/versions" - } - ] - } - } - ] - }` + "totalCount": 1, + "items": [ + { + "name": "SHC-PiperTest", + "_meta": { + "href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf", + "links": [ + { + "rel": "versions", + "href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf/versions" + } + ] + } + } + ] + }` projectVersionContent = `{ - "totalCount": 1, - "items": [ - { - "versionName": "1.0", - "_meta": { - "href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf/versions/a6c94786-0ee6-414f-9054-90d549c69c36", - "links": [ - { - "rel": "components", - "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/components" - }, - { - "rel": "vulnerable-components", - "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/vunlerable-bom-components" - }, - { - "rel": "policy-status", - "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/policy-status" - } - ] - } - } - ] - }` + "totalCount": 1, + "items": [ + { + "versionName": "1.0", + "_meta": { + "href": "https://my.blackduck.system/api/projects/5ca86e11-1983-4e7b-97d4-eb1a0aeffbbf/versions/a6c94786-0ee6-414f-9054-90d549c69c36", + "links": [ + { + "rel": "components", + "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/components" + }, + { + "rel": "vulnerable-components", + "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/vunlerable-bom-components" + }, + { + "rel": "policy-status", + "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/a6c94786/policy-status" + } + ] + } + } + ] + }` componentsContent = `{ - "totalCount": 3, - "items" : [ - { - "componentName": "Spring Framework", - "componentVersionName": "5.3.9", - "policyStatus": "IN_VIOLATION" - }, { - "componentName": "Apache Tomcat", - "componentVersionName": "9.0.52", - "policyStatus": "IN_VIOLATION" - }, { - "componentName": "Apache Log4j", - "componentVersionName": "4.5.16", - "policyStatus": "UNKNOWN" - } - ] - }` + "totalCount": 3, + "items" : [ + { + "componentName": "Spring Framework", + "componentVersionName": "5.3.9", + "policyStatus": "IN_VIOLATION" + }, { + "componentName": "Apache Tomcat", + "componentVersionName": "9.0.52", + "policyStatus": "IN_VIOLATION" + }, { + "componentName": "Apache Log4j", + "componentVersionName": "4.5.16", + "policyStatus": "UNKNOWN" + } + ] + }` vulnerabilitiesContent = `{ - "totalCount": 3, - "items": [ - { - "componentName": "Spring Framework", - "componentVersionName": "5.3.9", - "vulnerabilityWithRemediation" : { - "vulnerabilityName" : "BDSA-2019-2021", - "baseScore" : 7.5, - "overallScore" : 7.5, - "severity" : "HIGH", - "remediationStatus" : "IGNORED", - "description" : "description" - } - }, { - "componentName": "Apache Log4j", - "componentVersionName": "4.5.16", - "vulnerabilityWithRemediation" : { - "vulnerabilityName" : "BDSA-2020-4711", - "baseScore" : 7.5, - "overallScore" : 7.5, - "severity" : "HIGH", - "remediationStatus" : "IGNORED", - "description" : "description" - } - }, { - "componentName": "Apache Log4j", - "componentVersionName": "4.5.16", - "vulnerabilityWithRemediation" : { - "vulnerabilityName" : "BDSA-2020-4712", - "baseScore" : 4.5, - "overallScore" : 4.5, - "severity" : "MEDIUM", - "remediationStatus" : "IGNORED", - "description" : "description" - } - } - ] - }` + "totalCount": 3, + "items": [ + { + "componentName": "Spring Framework", + "componentVersionName": "5.3.9", + "vulnerabilityWithRemediation" : { + "vulnerabilityName" : "BDSA-2019-2021", + "baseScore" : 7.5, + "overallScore" : 7.5, + "severity" : "HIGH", + "remediationStatus" : "IGNORED", + "description" : "description" + } + }, { + "componentName": "Apache Log4j", + "componentVersionName": "4.5.16", + "vulnerabilityWithRemediation" : { + "vulnerabilityName" : "BDSA-2020-4711", + "baseScore" : 7.5, + "overallScore" : 7.5, + "severity" : "HIGH", + "remediationStatus" : "IGNORED", + "description" : "description" + } + }, { + "componentName": "Apache Log4j", + "componentVersionName": "4.5.16", + "vulnerabilityWithRemediation" : { + "vulnerabilityName" : "BDSA-2020-4712", + "baseScore" : 4.5, + "overallScore" : 4.5, + "severity" : "MEDIUM", + "remediationStatus" : "IGNORED", + "description" : "description" + } + } + ] + }` policyStatusContent = `{ - "overallStatus": "IN_VIOLATION", - "componentVersionPolicyViolationDetails": { - "name": "IN_VIOLATION", - "severityLevels": [{"name":"BLOCKER", "value": 1}, {"name": "CRITICAL", "value": 1}] - } - }` + "overallStatus": "IN_VIOLATION", + "componentVersionPolicyViolationDetails": { + "name": "IN_VIOLATION", + "severityLevels": [{"name":"BLOCKER", "value": 1}, {"name": "CRITICAL", "value": 1}] + } + }` projectContentRapidScan = `{ - "totalCount": 1, - "items": [ - { - "name": "Rapid_scan_on_PRs", - "_meta": { - "href": "https://my.blackduck.system/api/projects/654ggfdgf-1983-4e7b-97d4-eb1a0aeffbbf", - "links": [ - { - "rel": "versions", - "href": "https://my.blackduck.system/api/projects/654ggfdgf-1983-4e7b-97d4-eb1a0aeffbbf/versions" - } - ] - } - } - ] - }` + "totalCount": 1, + "items": [ + { + "name": "Rapid_scan_on_PRs", + "_meta": { + "href": "https://my.blackduck.system/api/projects/654ggfdgf-1983-4e7b-97d4-eb1a0aeffbbf", + "links": [ + { + "rel": "versions", + "href": "https://my.blackduck.system/api/projects/654ggfdgf-1983-4e7b-97d4-eb1a0aeffbbf/versions" + } + ] + } + } + ] + }` projectVersionContentRapid = `{ - "totalCount": 1, - "items": [ - { - "versionName": "1.0", - "_meta": { - "href": "https://my.blackduck.system/api/projects/654ggfdgf-1983-4e7b-97d4-eb1a0aeffbbf/versions/54357fds-0ee6-414f-9054-90d549c69c36", - "links": [ - { - "rel": "components", - "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/654784382/components" - }, - { - "rel": "vulnerable-components", - "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/654784382/vunlerable-bom-components" - }, - { - "rel": "policy-status", - "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/654784382/policy-status" - } - ] - } - } - ] - }` + "totalCount": 1, + "items": [ + { + "versionName": "1.0", + "_meta": { + "href": "https://my.blackduck.system/api/projects/654ggfdgf-1983-4e7b-97d4-eb1a0aeffbbf/versions/54357fds-0ee6-414f-9054-90d549c69c36", + "links": [ + { + "rel": "components", + "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/654784382/components" + }, + { + "rel": "vulnerable-components", + "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/654784382/vunlerable-bom-components" + }, + { + "rel": "policy-status", + "href": "https://my.blackduck.system/api/projects/5ca86e11/versions/654784382/policy-status" + } + ] + } + } + ] + }` ) func (c *detectTestUtilsBundle) RunExecutable(string, ...string) error { @@ -302,12 +302,13 @@ func TestRunDetect(t *testing.T) { utilsMock.AddFile("detect.sh", []byte("")) err := runDetect(ctx, detectExecuteScanOptions{}, utilsMock, &detectExecuteScanInflux{}) - assert.Equal(t, utilsMock.downloadedFiles["https://detect.synopsys.com/detect7.sh"], "detect.sh") + assert.Equal(t, utilsMock.downloadedFiles["https://detect.synopsys.com/detect8.sh"], "detect.sh") assert.True(t, utilsMock.HasRemovedFile("detect.sh")) assert.NoError(t, err) assert.Equal(t, ".", utilsMock.Dir, "Wrong execution directory used") assert.Equal(t, "/bin/bash", utilsMock.Shell[0], "Bash shell expected") - expectedScript := "./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'" + // TEMPRORARY CHANGED until 25.09.2023 + expectedScript := "./detect.sh --detect.project.codelocation.unmap=true --blackduck.url= --blackduck.api.token= \"--detect.project.name=\" \"--detect.project.version.name=\" \"--detect.code.location.name=\" \"--detect.force.success.on.skip=true\" --detect.source.path='.'" assert.Equal(t, expectedScript, utilsMock.Calls[0]) }) @@ -315,7 +316,8 @@ func TestRunDetect(t *testing.T) { t.Parallel() ctx := context.Background() utilsMock := newDetectTestUtilsBundle(false) - utilsMock.ShouldFailOnCommand = map[string]error{"./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'": fmt.Errorf("")} + // TEMPRORARY CHANGED until 25.09.2023 + utilsMock.ShouldFailOnCommand = map[string]error{"./detect.sh --detect.project.codelocation.unmap=true --blackduck.url= --blackduck.api.token= \"--detect.project.name=\" \"--detect.project.version.name=\" \"--detect.code.location.name=\" \"--detect.force.success.on.skip=true\" --detect.source.path='.'": fmt.Errorf("")} utilsMock.ExitCode = 3 utilsMock.AddFile("detect.sh", []byte("")) err := runDetect(ctx, detectExecuteScanOptions{FailOnSevereVulnerabilities: true}, utilsMock, &detectExecuteScanInflux{}) @@ -341,7 +343,7 @@ func TestRunDetect(t *testing.T) { assert.Equal(t, "/bin/bash", utilsMock.Shell[0], "Bash shell expected") absoluteLocalPath := string(os.PathSeparator) + filepath.Join("root_folder", ".pipeline", "local_repo") - expectedParam := "\"--detect.maven.build.command='--global-settings global-settings.xml --settings project-settings.xml -Dmaven.repo.local=" + absoluteLocalPath + "'\"" + expectedParam := "\"--detect.maven.build.command=--global-settings global-settings.xml --settings project-settings.xml -Dmaven.repo.local=" + absoluteLocalPath + "\"" assert.Contains(t, utilsMock.Calls[0], expectedParam) }) } @@ -374,13 +376,17 @@ func TestAddDetectArgs(t *testing.T) { "--detect.detector.search.depth=100", "--detect.detector.search.continue=true", "--detect.excluded.directories=dir1,dir2", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--scan1=1", "--scan2=2", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.code.location.name='testName/1.0'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.code.location.name=testName/1.0\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", }, @@ -401,13 +407,17 @@ func TestAddDetectArgs(t *testing.T) { }, expected: []string{ "--testProp1=1", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", }, @@ -428,13 +438,17 @@ func TestAddDetectArgs(t *testing.T) { }, expected: []string{ "--testProp1=1", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup,testGroup2\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", }, @@ -456,13 +470,17 @@ func TestAddDetectArgs(t *testing.T) { }, expected: []string{ "--testProp1=1", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup,testGroup2\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", }, @@ -488,11 +506,12 @@ func TestAddDetectArgs(t *testing.T) { "--detect.project.codelocation.unmap=true", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup,testGroup2\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", }, @@ -522,11 +541,12 @@ func TestAddDetectArgs(t *testing.T) { "--detect.project.codelocation.unmap=true", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup,testGroup2\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", "--detect.included.detector.types=MAVEN,GRADLE", @@ -560,11 +580,12 @@ func TestAddDetectArgs(t *testing.T) { "--detect.project.codelocation.unmap=true", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup,testGroup2\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", "--detect.included.detector.types=MAVEN,GRADLE", @@ -598,11 +619,12 @@ func TestAddDetectArgs(t *testing.T) { "--detect.project.codelocation.unmap=true", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup,testGroup2\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", "--detect.included.detector.types=MAVEN,GRADLE", @@ -638,11 +660,12 @@ func TestAddDetectArgs(t *testing.T) { "--detect.project.codelocation.unmap=true", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.project.user.groups='testGroup,testGroup2'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.project.user.groups=testGroup,testGroup2\"", "--detect.policy.check.fail.on.severities=BLOCKER,MAJOR", - "\"--detect.code.location.name='testLocation'\"", + "\"--detect.code.location.name=testLocation\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path=pathx", "--detect.included.detector.types=MAVEN,GRADLE", @@ -662,15 +685,22 @@ func TestAddDetectArgs(t *testing.T) { CodeLocation: "", ScanPaths: []string{"path1", "path2"}, MinScanInterval: 4, + //Temp until 25.09.2023 + //Unmap: true, + // -------------------- }, expected: []string{ "--testProp1=1", "--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='testName'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.code.location.name='testName/1.0'\"", + "\"--detect.project.name=testName\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.code.location.name=testName/1.0\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", }, @@ -687,16 +717,23 @@ func TestAddDetectArgs(t *testing.T) { ScanPaths: []string{"path1", "path2"}, MinScanInterval: 4, CustomScanVersion: "1.0", + //Temp until 25.09.2023 + //Unmap: true, + // -------------------- }, isPullRequest: true, expected: []string{ "--testProp1=1", "--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='Rapid_scan_on_PRs'\"", - "\"--detect.project.version.name='1.0'\"", - "\"--detect.code.location.name='Rapid_scan_on_PRs/1.0'\"", + "\"--detect.project.name=Rapid_scan_on_PRs\"", + "\"--detect.project.version.name=1.0\"", + "\"--detect.code.location.name=Rapid_scan_on_PRs/1.0\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", "--detect.blackduck.scan.mode='RAPID'", @@ -723,20 +760,27 @@ func TestAddDetectArgs(t *testing.T) { }, ExcludedDirectories: []string{"dir3,dir4"}, MinScanInterval: 4, - CustomScanVersion: "2.0", + //Temp until 25.09.2023 + //Unmap: true, + // -------------------- + CustomScanVersion: "2.0", }, isPullRequest: true, expected: []string{ "--testProp1=1", "--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--detect.detector.search.depth=5", "--detect.detector.search.continue=false", "--detect.excluded.directories=dir1,dir2", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='Rapid_scan_on_PRs'\"", - "\"--detect.project.version.name='2.0'\"", - "\"--detect.code.location.name='Rapid_scan_on_PRs/2.0'\"", + "\"--detect.project.name=Rapid_scan_on_PRs\"", + "\"--detect.project.version.name=2.0\"", + "\"--detect.code.location.name=Rapid_scan_on_PRs/2.0\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", "--detect.blackduck.scan.mode='RAPID'", @@ -760,13 +804,19 @@ func TestAddDetectArgs(t *testing.T) { ScanProperties: []string{ "--detect.maven.build.command= --settings .pipeline/settings.xml -DskipTests install", }, - MinScanInterval: 4, + MinScanInterval: 4, + //Temp until 25.09.2023 + //Unmap: true, + // -------------------- CustomScanVersion: "2.0", }, isPullRequest: true, expected: []string{ "--testProp1=1", "--detect.blackduck.signature.scanner.arguments='--min-scan-interval=4'", + //Temp until 25.09.2023 + "--detect.project.codelocation.unmap=true", + // -------------------- "--detect.maven.build.command=", "--settings", ".pipeline/settings.xml", @@ -774,9 +824,10 @@ func TestAddDetectArgs(t *testing.T) { "install", "--blackduck.url=https://server.url", "--blackduck.api.token=apiToken", - "\"--detect.project.name='Rapid_scan_on_PRs'\"", - "\"--detect.project.version.name='2.0'\"", - "\"--detect.code.location.name='Rapid_scan_on_PRs/2.0'\"", + "\"--detect.project.name=Rapid_scan_on_PRs\"", + "\"--detect.project.version.name=2.0\"", + "\"--detect.code.location.name=Rapid_scan_on_PRs/2.0\"", + "\"--detect.force.success.on.skip=true\"", "--detect.blackduck.signature.scanner.paths=path1,path2", "--detect.source.path='.'", "--detect.blackduck.scan.mode='RAPID'", diff --git a/resources/metadata/detectExecuteScan.yaml b/resources/metadata/detectExecuteScan.yaml index 2a9d44bc9d..35c10a9f90 100644 --- a/resources/metadata/detectExecuteScan.yaml +++ b/resources/metadata/detectExecuteScan.yaml @@ -297,28 +297,43 @@ spec: - STAGES - STEPS deprecated: true + - name: useDetect7 + description: + "This flag allows to use the currently supported 8 version of Detect Script instead of v7" + aliases: + - name: detect/useDetect7 + type: bool + scope: + - PARAMETERS + - STAGES + - STEPS + default: false - name: useDetect8 description: "This flag allows to use the currently supported 8 version of Detect Script instead of v7" aliases: - name: detect/useDetect8 + deprecated: true type: bool scope: - PARAMETERS - STAGES - STEPS - default: false + default: true + deprecated: true - name: successOnSkip description: "This flag allows forces Black Duck to exit with 0 error code if any step is skipped" aliases: - name: detect/successOnSkip + deprecated: true type: bool scope: - PARAMETERS - STAGES - STEPS - default: false + default: true + deprecated: true - name: customEnvironmentVariables description: "A list of environment variables which can be set to prepare the environment to run a BlackDuck scan. This includes a list of environment variables defined by