SAP · anilkeshav27 · Jun 14, 2023 · May 25, 2023 · May 25, 2023 · May 25, 2023
@@ -15,6 +15,7 @@ import (
 	"github.com/pkg/errors"
 
 	"github.com/SAP/jenkins-library/pkg/command"
+	"github.com/SAP/jenkins-library/pkg/docker"
 	piperDocker "github.com/SAP/jenkins-library/pkg/docker"
 	"github.com/SAP/jenkins-library/pkg/log"
 	"github.com/SAP/jenkins-library/pkg/piperutils"
@@ -25,9 +26,10 @@ import (
 )
 
 const (
-	webReportPath  = "%s/#/product/%v/"
-	scanResultFile = "protecodescan_vulns.json"
-	stepResultFile = "protecodeExecuteScan.json"
+	webReportPath    = "%s/#/product/%v/"
+	scanResultFile   = "protecodescan_vulns.json"
+	stepResultFile   = "protecodeExecuteScan.json"
+	dockerConfigFile = ".pipeline/docker/config.json"
 )
 
 type protecodeUtils interface {
@@ -72,7 +74,9 @@ func runProtecodeScan(config *protecodeExecuteScanOptions, influx *protecodeExec
 		return err
 	}
 
-	correctDockerConfigEnvVar(config)
+	if err := correctDockerConfigEnvVar(config, utils); err != nil {
+		return err
+	}
 
 	var fileName, filePath string
 	var err error
@@ -372,8 +376,18 @@ func uploadFile(utils protecodeUtils, config protecodeExecuteScanOptions, produc
 	return productID
 }
 
-func correctDockerConfigEnvVar(config *protecodeExecuteScanOptions) {
+func correctDockerConfigEnvVar(config *protecodeExecuteScanOptions, utils protecodeUtils) error {
+	var err error
 	path := config.DockerConfigJSON
+
+	if len(config.DockerConfigJSON) > 0 && len(config.DockerRegistryURL) > 0 && len(config.ContainerRegistryPassword) > 0 && len(config.ContainerRegistryUser) > 0 {
+		path, err = docker.CreateDockerConfigJSON(config.DockerRegistryURL, config.ContainerRegistryUser, config.ContainerRegistryPassword, dockerConfigFile, config.DockerConfigJSON, utils)
+	}
+
+	if err != nil {
+		return errors.Wrapf(err, "failed to create / update docker config json file")
+	}
+
 	if len(path) > 0 {
 		log.Entry().Infof("Docker credentials configuration: %v", path)
 		path, _ := filepath.Abs(path)
@@ -383,6 +397,7 @@ func correctDockerConfigEnvVar(config *protecodeExecuteScanOptions) {
 	} else {
 		log.Entry().Info("Docker credentials configuration: NONE")
 	}
+	return nil
 }
 
 // Calculate version based on versioning model and artifact version or return custom scan version provided by user

diff --git a/cmd/protecodeExecuteScan_generated.go b/cmd/protecodeExecuteScan_generated.go
@@ -348,6 +348,11 @@ func TestExecuteProtecodeScan(t *testing.T) {
 }
 
 func TestCorrectDockerConfigEnvVar(t *testing.T) {
+	utils := protecodeTestUtilsBundle{
+		FilesMock:    &mock.FilesMock{},
+		DownloadMock: &mock.DownloadMock{},
+	}
+
 	t.Run("with credentials", func(t *testing.T) {
 		// init
 		testDirectory := t.TempDir()
@@ -366,7 +371,7 @@ func TestCorrectDockerConfigEnvVar(t *testing.T) {
 		resetValue := os.Getenv("DOCKER_CONFIG")
 		defer os.Setenv("DOCKER_CONFIG", resetValue)
 		// test
-		correctDockerConfigEnvVar(&protecodeExecuteScanOptions{DockerConfigJSON: dockerConfigFile})
+		correctDockerConfigEnvVar(&protecodeExecuteScanOptions{DockerConfigJSON: dockerConfigFile}, utils)
 		// assert
 		absolutePath, _ := filepath.Abs(dockerConfigDir)
 		assert.Equal(t, absolutePath, os.Getenv("DOCKER_CONFIG"))
@@ -376,7 +381,7 @@ func TestCorrectDockerConfigEnvVar(t *testing.T) {
 		resetValue := os.Getenv("DOCKER_CONFIG")
 		defer os.Setenv("DOCKER_CONFIG", resetValue)
 		// test
-		correctDockerConfigEnvVar(&protecodeExecuteScanOptions{})
+		correctDockerConfigEnvVar(&protecodeExecuteScanOptions{}, utils)
 		// assert
 		assert.Equal(t, resetValue, os.Getenv("DOCKER_CONFIG"))
 	})

@@ -67,6 +67,32 @@ spec:
           - PARAMETERS
           - STAGES
           - STEPS
+      - name: containerRegistryPassword
+        description: "For `buildTool: docker`: Password for container registry access - typically provided by the CI/CD environment."
+        type: string
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
+        secret: true
+        resourceRef:
+          - name: commonPipelineEnvironment
+            param: container/repositoryPassword
+          - name: commonPipelineEnvironment
+            param: custom/repositoryPassword
+      - name: containerRegistryUser
+        description: "For `buildTool: docker`: Username for container registry access - typically provided by the CI/CD environment."
+        type: string
+        scope:
+          - PARAMETERS
+          - STAGES
+          - STEPS
+        secret: true
+        resourceRef:
+          - name: commonPipelineEnvironment
+            param: container/repositoryUsername
+          - name: commonPipelineEnvironment
+            param: custom/repositoryUsername
       - name: dockerConfigJSON
         type: string
         description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).