Skip to content

feat: add new flag containerScan to detectExecuteScan #5312

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Apr 22, 2025
Merged

feat: add new flag containerScan to detectExecuteScan #5312

merged 6 commits into from
Apr 22, 2025

Conversation

pkunray
Copy link
Contributor

@pkunray pkunray commented Apr 4, 2025

Description

This change adds a new flag 'containerScan' that enables using the Detect CONTAINER_SCAN tool instead of Docker Inspector for container image scanning.

When containerScan is set to true:

  • Only container image scanning is performed, other scans are skipped
  • Container scanning uses the Detect CONTAINER_SCAN tool
  • Docker Inspector parameters are not used

The implementation includes:

  • New containerScan parameter in the step configuration
  • Updated logic in runDetect to handle the containerScan flag
  • Updated addDetectArgsImages to use container scan parameters
  • Unit tests to verify container scan functionality
  • Removed duplicated unit tests in TestAddDetectArgs

Checklist

  • Tests
  • Documentation
  • Inner source library needs updating

pkunray added 2 commits April 4, 2025 00:24
@pkunray
feat(detectExecuteScan): add container scan support as alternative to…
77112e5 
… Docker Inspector

This change adds a new flag 'containerScan' that enables using the Detect
CONTAINER_SCAN tool instead of Docker Inspector for container image scanning.

When containerScan is set to true:
- Only container image scanning is performed, other scans are skipped
- Container scanning uses the Detect CONTAINER_SCAN tool
- Docker Inspector parameters are not used

The implementation includes:
- New containerScan parameter in the step configuration
- Updated logic in runDetect to handle the containerScan flag
- Updated addDetectArgsImages to use container scan parameters
- Unit tests to verify container scan functionality
- Removed duplicated unit tests in TestAddDetectArgs
@pkunray
chore: Remove outdated comment
1976174
@pkunray pkunray requested a review from a team as a code owner April 4, 2025 08:23
@cla-assistant CLA Assistant
Copy link

cla-assistant bot commented Apr 4, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

jitendk
jitendk approved these changes Apr 7, 2025
View reviewed changes
Copy link
Contributor

@jitendk jitendk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes approved,

CCFenner
CCFenner approved these changes Apr 11, 2025
View reviewed changes
@CCFenner
Copy link
Member

/it-go

@pkunray
Copy link
Contributor Author

pkunray commented Apr 11, 2025

Hi @CCFenner regarding the integration test errors, they don't seem caused by my changes, should I take any actions on that or are they being handled separately?

Example:

fatal tmsExport - Failed to prepare client for talking with TMS - Error fetching OAuth token: HTTP POST request to https://piperinttest.authentication.sap.hana.ondemand.com/oauth/token/?grant_type=client_credentials&response_type=token failed: Post "https://piperinttest.authentication.sap.hana.ondemand.com/oauth/token/?grant_type=client_credentials&response_type=token": tls: failed to verify certificate: x509: certificate signed by unknown authority

@CCFenner
Copy link
Member

/it-go

@manjunathSurendrakumar
Copy link
Member

/it-go

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@pkunray
Copy link
Contributor Author

pkunray commented Apr 22, 2025

/it-go

@CCFenner CCFenner merged commit bdfddf0 into SAP:master Apr 22, 2025
13 checks passed
maxatsap added a commit to maxatsap/jenkins-library that referenced this pull request May 8, 2025
@maxatsap
Merge remote-tracking branch 'origin' into kaniko-context-prefix-fix
625fdcf 
* origin: (27 commits)
  fix(golang): handle errors with simple module names (SAP#5339)
  Revert "fix(integration): Skip failing intergration tests for now (SAP#5… (SAP#5330)
  Abap env cf cli latest (SAP#5338)
  [golangBuild] Add better error logging to `isMainPackage` (SAP#5308)
  abapEnvironment steps cf-cli v12 to latest (SAP#5333)
  Add link to CNB docs for run images (SAP#5336)
  feat(detect): add flag containerScan to detect step (SAP#5312)
  fix(sonarExecuteScan): update sonarScannerDownloadUrl (SAP#5314)
  (improvement!) handle case if AdoPersonalAccessToken is not set (SAP#5322)
  fix(gcs): return Temporary hold error without retry (SAP#5335)
  feat(cnbBuild): enable additional syft catalogers for sbom generation (SAP#5332)
  chore(deps): Update direct dependencies (SAP#5327)
  fix(integration): Skip failing intergration tests for now (SAP#5329)
  Update CODEOWNERS for Sonar files (SAP#5317)
  chore(sonar): drop code ownership for sonar (SAP#5315)
  chore(): Replaced node version `lts-buster` with `lts-bookworm` (SAP#5286)
  feat: output hooks values in stage-config.json (SAP#5311)
  fix(docs): update Gauge url (SAP#5313)
  [ABAP] Add type to log output (SAP#5310)
  usage of BASH from PATH (SAP#5282)
  ...
maxatsap added a commit to maxatsap/jenkins-library that referenced this pull request May 8, 2025
@maxatsap
Merge remote-tracking branch 'origin' into malwarescan-async-scan
cee1dc5 
* origin: (27 commits)
  fix(golang): handle errors with simple module names (SAP#5339)
  Revert "fix(integration): Skip failing intergration tests for now (SAP#5… (SAP#5330)
  Abap env cf cli latest (SAP#5338)
  [golangBuild] Add better error logging to `isMainPackage` (SAP#5308)
  abapEnvironment steps cf-cli v12 to latest (SAP#5333)
  Add link to CNB docs for run images (SAP#5336)
  feat(detect): add flag containerScan to detect step (SAP#5312)
  fix(sonarExecuteScan): update sonarScannerDownloadUrl (SAP#5314)
  (improvement!) handle case if AdoPersonalAccessToken is not set (SAP#5322)
  fix(gcs): return Temporary hold error without retry (SAP#5335)
  feat(cnbBuild): enable additional syft catalogers for sbom generation (SAP#5332)
  chore(deps): Update direct dependencies (SAP#5327)
  fix(integration): Skip failing intergration tests for now (SAP#5329)
  Update CODEOWNERS for Sonar files (SAP#5317)
  chore(sonar): drop code ownership for sonar (SAP#5315)
  chore(): Replaced node version `lts-buster` with `lts-bookworm` (SAP#5286)
  feat: output hooks values in stage-config.json (SAP#5311)
  fix(docs): update Gauge url (SAP#5313)
  [ABAP] Add type to log output (SAP#5310)
  usage of BASH from PATH (SAP#5282)
  ...
maxatsap added a commit to maxatsap/jenkins-library that referenced this pull request May 8, 2025
@maxatsap
Merge remote-tracking branch 'origin' into whitesource-sbt-config-fix
1531c03 
* origin: (27 commits)
  fix(golang): handle errors with simple module names (SAP#5339)
  Revert "fix(integration): Skip failing intergration tests for now (SAP#5… (SAP#5330)
  Abap env cf cli latest (SAP#5338)
  [golangBuild] Add better error logging to `isMainPackage` (SAP#5308)
  abapEnvironment steps cf-cli v12 to latest (SAP#5333)
  Add link to CNB docs for run images (SAP#5336)
  feat(detect): add flag containerScan to detect step (SAP#5312)
  fix(sonarExecuteScan): update sonarScannerDownloadUrl (SAP#5314)
  (improvement!) handle case if AdoPersonalAccessToken is not set (SAP#5322)
  fix(gcs): return Temporary hold error without retry (SAP#5335)
  feat(cnbBuild): enable additional syft catalogers for sbom generation (SAP#5332)
  chore(deps): Update direct dependencies (SAP#5327)
  fix(integration): Skip failing intergration tests for now (SAP#5329)
  Update CODEOWNERS for Sonar files (SAP#5317)
  chore(sonar): drop code ownership for sonar (SAP#5315)
  chore(): Replaced node version `lts-buster` with `lts-bookworm` (SAP#5286)
  feat: output hooks values in stage-config.json (SAP#5311)
  fix(docs): update Gauge url (SAP#5313)
  [ABAP] Add type to log output (SAP#5310)
  usage of BASH from PATH (SAP#5282)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CCFenner CCFenner CCFenner approved these changes

@jitendk jitendk jitendk approved these changes

Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@pkunray @CCFenner @manjunathSurendrakumar @jitendk