From 4f5ed26031f8e4d0a502a9073804e2768c444c61 Mon Sep 17 00:00:00 2001
From: Daria Kuznetsova
Date: Wed, 13 Dec 2023 09:55:07 +0100
Subject: [PATCH] fix(codeqlExecuteScan): support http(s) urls for maven settings files (#4718)
---
 cmd/codeqlExecuteScan.go | 30 +++++++-------
 cmd/codeqlExecuteScan_test.go | 76 ++++++++++++++++++++++++++---------
 2 files changed, 72 insertions(+), 34 deletions(-)
diff --git a/cmd/codeqlExecuteScan.go b/cmd/codeqlExecuteScan.go
index 8dfced36d1..d9ac049512 100644
--- a/cmd/codeqlExecuteScan.go
+++ b/cmd/codeqlExecuteScan.go
@@ -3,6 +3,7 @@ package cmd
 import (
 "bytes"
 "fmt"
+ "net/http"
 "os"
 "path/filepath"
 "regexp"
@@ -11,7 +12,9 @@ import (
 "github.com/SAP/jenkins-library/pkg/codeql"
 "github.com/SAP/jenkins-library/pkg/command"
+ piperhttp "github.com/SAP/jenkins-library/pkg/http"
 "github.com/SAP/jenkins-library/pkg/log"
+ "github.com/SAP/jenkins-library/pkg/maven"
 "github.com/SAP/jenkins-library/pkg/orchestrator"
 "github.com/SAP/jenkins-library/pkg/piperutils"
 "github.com/SAP/jenkins-library/pkg/telemetry"
@@ -22,11 +25,14 @@ type codeqlExecuteScanUtils interface {
 command.ExecRunner
 piperutils.FileUtils
+
+ DownloadFile(url, filename string, header http.Header, cookies []*http.Cookie) error
 }
 type codeqlExecuteScanUtilsBundle struct {
 *command.Command
 *piperutils.Files
+ *piperhttp.Client
 }
 const (
@@ -38,6 +44,7 @@ func newCodeqlExecuteScanUtils() codeqlExecuteScanUtils {
 utils := codeqlExecuteScanUtilsBundle{
 Command: &command.Command{},
 Files: &piperutils.Files{},
+ Client: &piperhttp.Client{},
 }
 utils.Stdout(log.Writer())
@@ -284,7 +291,7 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
 if len(config.BuildCommand) > 0 {
 buildCmd := config.BuildCommand
- buildCmd = buildCmd + getMavenSettings(config)
+ buildCmd = buildCmd + getMavenSettings(config, utils)
 cmd = append(cmd, "--command="+buildCmd)
 }
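Review bot: The `&piperhttp.Client{}` added in `newCodeqlExecuteScanUtils` is used as a zero value, and nothing visible in this hunk sets timeouts, retry limits or trust settings on it, so the settings download runs with whatever the package defaults are. The downloaded files decide which repositories and credentials Maven uses during the scan build, so it is worth configuring the client explicitly here, or at least recording the reliance with a comment such as `// zero-value client: relies on piperhttp defaults for timeouts and TLS trust`. The constructor's body continues outside the hunk, so a later options call would not be visible from here.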
@@ -417,23 +424,16 @@ func getRamAndThreadsFromConfig(config *codeqlExecuteScanOptions) []string {
 return params
 }
-func getMavenSettings(config *codeqlExecuteScanOptions) string {
+func getMavenSettings(config *codeqlExecuteScanOptions, utils codeqlExecuteScanUtils) string {
 params := ""
 if len(config.BuildCommand) > 0 && config.BuildTool == "maven" && !strings.Contains(config.BuildCommand, "--global-settings") && !strings.Contains(config.BuildCommand, "--settings") {
- if len(config.ProjectSettingsFile) > 0 {
- if strings.Contains(config.ProjectSettingsFile, "http") {
- log.Entry().Warn("codeqlExecuteScan's projectSettingsFile param still does not support http(s) urls. Please use a local file path")
- } else {
- params = " --settings=" + config.ProjectSettingsFile
- }
+ mvnParams, err := maven.DownloadAndGetMavenParameters(config.GlobalSettingsFile, config.ProjectSettingsFile, utils)
+ if err != nil {
+ log.Entry().Error("failed to download and get maven parameters: ", err)
+ return params
 }
-
- if len(config.GlobalSettingsFile) > 0 {
- if strings.Contains(config.GlobalSettingsFile, "http") {
- log.Entry().Warn("codeqlExecuteScan's globalSettingsFile param still does not support http(s) urls. Please use a local file path")
- } else {
- params = params + " --global-settings=" + config.GlobalSettingsFile
- }
+ for i := 1; i < len(mvnParams); i += 2 {
+ params = fmt.Sprintf("%s %s=%s", params, mvnParams[i-1], mvnParams[i])
 }
 }
 return params
diff --git a/cmd/codeqlExecuteScan_test.go b/cmd/codeqlExecuteScan_test.go
index bbdbe26159..28f056b0c7 100644
--- a/cmd/codeqlExecuteScan_test.go
+++ b/cmd/codeqlExecuteScan_test.go
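Review bot: When `maven.DownloadAndGetMavenParameters` fails, `getMavenSettings` only logs the error and returns an empty string, so the CodeQL build command runs without the configured settings files and Maven falls back to its defaults instead of the intended mirrors and credentials. For a step whose settings may now come from a remote URL, failing the step is the safer outcome; returning `(string, error)` and letting `runCodeqlExecuteScan` abort would do that, with the call site and the tests adjusted to match. The join loop also assumes flag/value pairs and silently drops a trailing odd element, which the sketch below rejects. The tests in this commit accept `http://` URLs as well; whether the helper restricts the scheme is not visible here, but a settings file fetched in cleartext can be altered in transit, so a warning or rejection for non-https URLs is worth considering.

```go
func getMavenSettings(config *codeqlExecuteScanOptions, utils codeqlExecuteScanUtils) (string, error) {
	// … unchanged: params := "" and the maven / --settings guard …
		mvnParams, err := maven.DownloadAndGetMavenParameters(config.GlobalSettingsFile, config.ProjectSettingsFile, utils)
		if err != nil {
			return "", fmt.Errorf("resolving maven settings files: %w", err)
		}
		if len(mvnParams)%2 != 0 {
			return "", fmt.Errorf("unexpected maven parameter list: %q", mvnParams)
		}
		// … unchanged: pairwise join of mvnParams into params …
	return params, nil
```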
@@ -17,12 +17,14 @@ import (
 type codeqlExecuteScanMockUtils struct {
 *mock.ExecMockRunner
 *mock.FilesMock
+ *mock.HttpClientMock
 }
 func newCodeqlExecuteScanTestsUtils() codeqlExecuteScanMockUtils {
 utils := codeqlExecuteScanMockUtils{
 ExecMockRunner: &mock.ExecMockRunner{},
 FilesMock: &mock.FilesMock{},
+ HttpClientMock: &mock.HttpClientMock{},
 }
 return utils
 }
@@ -304,62 +306,98 @@ func TestGetMavenSettings(t *testing.T) {
 t.Parallel()
 t.Run("No maven", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "npm"}
- params := getMavenSettings(&config)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 assert.Equal(t, "", params)
 })
 t.Run("No build command", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven"}
- params := getMavenSettings(&config)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 assert.Equal(t, "", params)
 })
 t.Run("Project Settings file", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "test.xml"}
- params := getMavenSettings(&config)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 assert.Equal(t, " --settings=test.xml", params)
 })
 t.Run("Skip Project Settings file incase already used", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install --settings=project.xml", ProjectSettingsFile: "test.xml"}
- params := getMavenSettings(&config)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 assert.Equal(t, "", params)
 })
 t.Run("Global Settings file", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "gloabl.xml"}
- params := getMavenSettings(&config)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
 assert.Equal(t, " --global-settings=gloabl.xml", params)
 })
 t.Run("Project and Global Settings file", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "test.xml", GlobalSettingsFile: "global.xml"}
- params := getMavenSettings(&config)
- assert.Equal(t, " --settings=test.xml --global-settings=global.xml", params)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=global.xml --settings=test.xml", params)
 })
- t.Run("Skip incase of ProjectSettingsFile https url", func(t *testing.T) {
+ t.Run("ProjectSettingsFile https url", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "https://jenkins-sap-test.com/test.xml"}
- params := getMavenSettings(&config)
- assert.Equal(t, "", params)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --settings=.pipeline/mavenProjectSettings.xml", params)
 })
- t.Run("Skip incase of ProjectSettingsFile http url", func(t *testing.T) {
+ t.Run("ProjectSettingsFile http url", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
- params := getMavenSettings(&config)
- assert.Equal(t, "", params)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --settings=.pipeline/mavenProjectSettings.xml", params)
 })
- t.Run("Skip incase of GlobalSettingsFile https url", func(t *testing.T) {
+ t.Run("GlobalSettingsFile https url", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "https://jenkins-sap-test.com/test.xml"}
- params := getMavenSettings(&config)
- assert.Equal(t, "", params)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml", params)
 })
- t.Run("Skip incase of GlobalSettingsFile http url", func(t *testing.T) {
+ t.Run("GlobalSettingsFile http url", func(t *testing.T) {
 config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "http://jenkins-sap-test.com/test.xml"}
- params := getMavenSettings(&config)
- assert.Equal(t, "", params)
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml", params)
+ })
+
+ t.Run("ProjectSettingsFile and GlobalSettingsFile https url", func(t *testing.T) {
+ config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "https://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=.pipeline/mavenProjectSettings.xml", params)
+ })
+
+ t.Run("ProjectSettingsFile and GlobalSettingsFile http url", func(t *testing.T) {
+ config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "http://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=.pipeline/mavenProjectSettings.xml", params)
+ })
+
+ t.Run("ProjectSettingsFile file and GlobalSettingsFile https url", func(t *testing.T) {
+ config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "https://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "test.xml"}
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=test.xml", params)
+ })
+
+ t.Run("ProjectSettingsFile file and GlobalSettingsFile https url", func(t *testing.T) {
+ config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "http://jenkins-sap-test.com/test.xml", ProjectSettingsFile: "test.xml"}
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=.pipeline/mavenGlobalSettings.xml --settings=test.xml", params)
+ })
+
+ t.Run("ProjectSettingsFile https url and GlobalSettingsFile file", func(t *testing.T) {
+ config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "global.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=global.xml --settings=.pipeline/mavenProjectSettings.xml", params)
+ })
+
+ t.Run("ProjectSettingsFile http url and GlobalSettingsFile file", func(t *testing.T) {
+ config := codeqlExecuteScanOptions{BuildTool: "maven", BuildCommand: "mvn clean install", GlobalSettingsFile: "global.xml", ProjectSettingsFile: "http://jenkins-sap-test.com/test.xml"}
+ params := getMavenSettings(&config, newCodeqlExecuteScanTestsUtils())
+ assert.Equal(t, " --global-settings=global.xml --settings=.pipeline/mavenProjectSettings.xml", params)
 })
 }
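Review bot: No subtest covers the new error branch of `getMavenSettings`, where a failed download is logged and an empty string is returned; every case here uses a freshly constructed mock and expects a successful result. A case with the mock set up to fail the download would pin down what the build command looks like when the settings cannot be fetched. Separately, two subtests share the name `ProjectSettingsFile file and GlobalSettingsFile https url` (the second passes an `http://` URL), and `ProjectSettingsFile https url and GlobalSettingsFile file` also passes `http://`, so the https project-file combinations named in the titles are not actually exercised. Renaming the duplicate and correcting the URLs would make a failing run unambiguous.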