fix(codeqlExecuteScan): support http(s) urls for maven settings files (…

…SAP#4718)
mscudlik · Dec 13, 2023 · 4f5ed26 · 4f5ed26
1 parent 405e42a
commit 4f5ed26
Show file tree

Hide file tree

Showing 2 changed files with 72 additions and 34 deletions.
diff --git a/cmd/codeqlExecuteScan.go b/cmd/codeqlExecuteScan.go
@@ -3,6 +3,7 @@ package cmd
 import (
 	"bytes"
 	"fmt"
+	"net/http"
 	"os"
 	"path/filepath"
 	"regexp"
@@ -11,7 +12,9 @@ import (
 
 	"github.com/SAP/jenkins-library/pkg/codeql"
 	"github.com/SAP/jenkins-library/pkg/command"
+	piperhttp "github.com/SAP/jenkins-library/pkg/http"
 	"github.com/SAP/jenkins-library/pkg/log"
+	"github.com/SAP/jenkins-library/pkg/maven"
 	"github.com/SAP/jenkins-library/pkg/orchestrator"
 	"github.com/SAP/jenkins-library/pkg/piperutils"
 	"github.com/SAP/jenkins-library/pkg/telemetry"
@@ -22,11 +25,14 @@ type codeqlExecuteScanUtils interface {
 	command.ExecRunner
 
 	piperutils.FileUtils
+
+	DownloadFile(url, filename string, header http.Header, cookies []*http.Cookie) error
 }
 
 type codeqlExecuteScanUtilsBundle struct {
 	*command.Command
 	*piperutils.Files
+	*piperhttp.Client
 }
 
 const (
@@ -38,6 +44,7 @@ func newCodeqlExecuteScanUtils() codeqlExecuteScanUtils {
 	utils := codeqlExecuteScanUtilsBundle{
 		Command: &command.Command{},
 		Files:   &piperutils.Files{},
+		Client:  &piperhttp.Client{},
 	}
 
 	utils.Stdout(log.Writer())
@@ -284,7 +291,7 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
 
 	if len(config.BuildCommand) > 0 {
 		buildCmd := config.BuildCommand
-		buildCmd = buildCmd + getMavenSettings(config)
+		buildCmd = buildCmd + getMavenSettings(config, utils)
 		cmd = append(cmd, "--command="+buildCmd)
 	}
 
@@ -417,23 +424,16 @@ func getRamAndThreadsFromConfig(config *codeqlExecuteScanOptions) []string {
 	return params
 }
 
-func getMavenSettings(config *codeqlExecuteScanOptions) string {
+func getMavenSettings(config *codeqlExecuteScanOptions, utils codeqlExecuteScanUtils) string {
 	params := ""
 	if len(config.BuildCommand) > 0 && config.BuildTool == "maven" && !strings.Contains(config.BuildCommand, "--global-settings") && !strings.Contains(config.BuildCommand, "--settings") {
-		if len(config.ProjectSettingsFile) > 0 {
-			if strings.Contains(config.ProjectSettingsFile, "http") {
-				log.Entry().Warn("codeqlExecuteScan's projectSettingsFile param still does not support http(s) urls. Please use a local file path")
-			} else {
-				params = " --settings=" + config.ProjectSettingsFile
-			}
+		mvnParams, err := maven.DownloadAndGetMavenParameters(config.GlobalSettingsFile, config.ProjectSettingsFile, utils)
+		if err != nil {
+			log.Entry().Error("failed to download and get maven parameters: ", err)
+			return params
 		}
-
-		if len(config.GlobalSettingsFile) > 0 {
-			if strings.Contains(config.GlobalSettingsFile, "http") {
-				log.Entry().Warn("codeqlExecuteScan's globalSettingsFile param still does not support http(s) urls. Please use a local file path")
-			} else {
-				params = params + " --global-settings=" + config.GlobalSettingsFile
-			}
+		for i := 1; i < len(mvnParams); i += 2 {
+			params = fmt.Sprintf("%s %s=%s", params, mvnParams[i-1], mvnParams[i])
 		}
 	}
 	return params

diff --git a/cmd/codeqlExecuteScan_test.go b/cmd/codeqlExecuteScan_test.go
@@ -17,12 +17,14 @@ import (
 type codeqlExecuteScanMockUtils struct {
 	*mock.ExecMockRunner
 	*mock.FilesMock
+	*mock.HttpClientMock
 }
 
 func newCodeqlExecuteScanTestsUtils() codeqlExecuteScanMockUtils {
 	utils := codeqlExecuteScanMockUtils{
 		ExecMockRunner: &mock.ExecMockRunner{},
 		FilesMock:      &mock.FilesMock{},
+		HttpClientMock: &mock.HttpClientMock{},
 	}
 	return utils
 }
@@ -304,62 +306,98 @@ func TestGetMavenSettings(t *testing.T) {
 	t.Parallel()
 	t.Run("No maven", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "npm"}
-		params := getMavenSettings(&config)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 		assert.Equal(t, "", params)
 	})
 
 	t.Run("No build command", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven"}
-		params := getMavenSettings(&config)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 		assert.Equal(t, "", params)
 	})
 
 	t.Run("Project Settings file", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "test.xml"}
-		params := getMavenSettings(&config)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 		assert.Equal(t, " --settings=test.xml", params)
 	})
 
 	t.Run("Skip Project Settings file incase already used", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install --settings=project.xml", ProjectSettingsFile: "test.xml"}
-		params := getMavenSettings(&config)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 		assert.Equal(t, "", params)
 	})
 
 	t.Run("Global Settings file", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "gloabl.xml"}
-		params := getMavenSettings(&config)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 		assert.Equal(t, " --global-settings=gloabl.xml", params)
 	})
 
 	t.Run("Project and Global Settings file", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "test.xml", GlobalSettingsFile: "global.xml"}
-		params := getMavenSettings(&config)
-		assert.Equal(t, " --settings=test.xml --global-settings=global.xml", params)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=global.xml --settings=test.xml", params)
 	})
 
-	t.Run("Skip incase of ProjectSettingsFile https url", func(t *testing.T) {
+	t.Run("ProjectSettingsFile https url", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "https://jenkins-sap-test.com/test.xml"}
-		params := getMavenSettings(&config)
-		assert.Equal(t, "", params)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --settings=.pipeline/mavenProjectSettings.xml", params)
 	})
 
-	t.Run("Skip incase of ProjectSettingsFile http url", func(t *testing.T) {
+	t.Run("ProjectSettingsFile http url", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
-		params := getMavenSettings(&config)
-		assert.Equal(t, "", params)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --settings=.pipeline/mavenProjectSettings.xml", params)
 	})
 
-	t.Run("Skip incase of GlobalSettingsFile https url", func(t *testing.T) {
+	t.Run("GlobalSettingsFile https url", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "https://jenkins-sap-test.com/test.xml"}
-		params := getMavenSettings(&config)
-		assert.Equal(t, "", params)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml", params)
 	})
 
-	t.Run("Skip incase of GlobalSettingsFile http url", func(t *testing.T) {
+	t.Run("GlobalSettingsFile http url", func(t *testing.T) {
 		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "http://jenkins-sap-test.com/test.xml"}
-		params := getMavenSettings(&config)
-		assert.Equal(t, "", params)
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml", params)
+	})
+
+	t.Run("ProjectSettingsFile and GlobalSettingsFile https url", func(t *testing.T) {
+		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "https://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=.pipeline/mavenProjectSettings.xml", params)
+	})
+
+	t.Run("ProjectSettingsFile and GlobalSettingsFile http url", func(t *testing.T) {
+		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "http://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=.pipeline/mavenProjectSettings.xml", params)
+	})
+
+	t.Run("ProjectSettingsFile file and GlobalSettingsFile https url", func(t *testing.T) {
+		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "https://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "test.xml"}
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=test.xml", params)
+	})
+
+	t.Run("ProjectSettingsFile file and GlobalSettingsFile https url", func(t *testing.T) {
+		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "http://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "test.xml"}
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=test.xml", params)
+	})
+
+	t.Run("ProjectSettingsFile https url and GlobalSettingsFile file", func(t *testing.T) {
+		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "global.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=global.xml --settings=.pipeline/mavenProjectSettings.xml", params)
+	})
+
+	t.Run("ProjectSettingsFile http url and GlobalSettingsFile file", func(t *testing.T) {
+		config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "global.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+		params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+		assert.Equal(t, " --global-settings=global.xml --settings=.pipeline/mavenProjectSettings.xml", params)
 	})
 }