From e28481a460222a4fe56366c827c60e178df68333 Mon Sep 17 00:00:00 2001 From: christian <153755613+skateball@users.noreply.github.com> Date: Wed, 2 Oct 2024 11:43:21 +0200 Subject: [PATCH 1/8] Update URL to recent SapMachine 11.0.2 in from Jan2019 := 5 years old use the recent version => 11.0.24 --- resources/metadata/whitesourceExecuteScan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml index 95adcdd7fc..b916516bf7 100644 --- a/resources/metadata/whitesourceExecuteScan.yaml +++ b/resources/metadata/whitesourceExecuteScan.yaml @@ -255,7 +255,7 @@ spec: - PARAMETERS - STAGES - STEPS - default: "https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz" + default: "https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.24/sapmachine-jre-11.0.24_linux-x64_bin.tar.gz" - name: licensingVulnerabilities type: bool description: "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment." From f727baf0ee5a2033e1003d5f059934256eaf8310 Mon Sep 17 00:00:00 2001 From: christian <153755613+skateball@users.noreply.github.com> Date: Fri, 25 Oct 2024 18:19:59 +0200 Subject: [PATCH 2/8] 11.0.24 to 25 meanwhile 11.0.25 is the latest version --- resources/metadata/whitesourceExecuteScan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml index b916516bf7..44968b44e5 100644 --- a/resources/metadata/whitesourceExecuteScan.yaml +++ b/resources/metadata/whitesourceExecuteScan.yaml @@ -255,7 +255,7 @@ spec: - PARAMETERS - STAGES - STEPS - default: "https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.24/sapmachine-jre-11.0.24_linux-x64_bin.tar.gz" + default: "https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.25/sapmachine-jre-11.0.25_linux-x64_bin.tar.gz" - name: licensingVulnerabilities type: bool description: "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment." From 4c110747e67967cafafc2c4635eac437ede3990d Mon Sep 17 00:00:00 2001 From: christian <153755613+skateball@users.noreply.github.com> Date: Fri, 25 Oct 2024 18:29:13 +0200 Subject: [PATCH 3/8] update from 11.0.25 to stable 21 link now to use https://sap.github.io/SapMachine/latest/21/linux-x64/jre/ --- resources/metadata/whitesourceExecuteScan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml index 44968b44e5..941439f8ff 100644 --- a/resources/metadata/whitesourceExecuteScan.yaml +++ b/resources/metadata/whitesourceExecuteScan.yaml @@ -255,7 +255,7 @@ spec: - PARAMETERS - STAGES - STEPS - default: "https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.25/sapmachine-jre-11.0.25_linux-x64_bin.tar.gz" + default: "https://sap.github.io/SapMachine/latest/21/linux-x64/jre/" - name: licensingVulnerabilities type: bool description: "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment." From 6b76f7366fc7ec9f2ab5dec417009dcd3ae69bd4 Mon Sep 17 00:00:00 2001 From: Harald Aamot Date: Wed, 30 Oct 2024 09:59:25 +0100 Subject: [PATCH 4/8] applied generated go code --- cmd/whitesourceExecuteScan_generated.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/whitesourceExecuteScan_generated.go b/cmd/whitesourceExecuteScan_generated.go index d5748b20ce..a34be76bc2 100644 --- a/cmd/whitesourceExecuteScan_generated.go +++ b/cmd/whitesourceExecuteScan_generated.go @@ -345,7 +345,7 @@ func addWhitesourceExecuteScanFlags(cmd *cobra.Command, stepConfig *whitesourceE cmd.Flags().BoolVar(&stepConfig.FailOnSevereVulnerabilities, "failOnSevereVulnerabilities", true, "Whether to fail the step on severe vulnerabilties or not") cmd.Flags().StringSliceVar(&stepConfig.Includes, "includes", []string{}, "List of file path patterns to include in the scan.") cmd.Flags().StringVar(&stepConfig.InstallCommand, "installCommand", os.Getenv("PIPER_installCommand"), "Install command that can be used to populate the default docker image for some scenarios.") - cmd.Flags().StringVar(&stepConfig.JreDownloadURL, "jreDownloadUrl", `https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz`, "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent.") + cmd.Flags().StringVar(&stepConfig.JreDownloadURL, "jreDownloadUrl", `https://sap.github.io/SapMachine/latest/21/linux-x64/jre/`, "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent.") cmd.Flags().BoolVar(&stepConfig.LicensingVulnerabilities, "licensingVulnerabilities", true, "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment.") cmd.Flags().StringVar(&stepConfig.OrgToken, "orgToken", os.Getenv("PIPER_orgToken"), "WhiteSource token identifying your organization.") cmd.Flags().StringVar(&stepConfig.ProductName, "productName", os.Getenv("PIPER_productName"), "Name of the WhiteSource product used for results aggregation. This parameter is mandatory if the parameter `createProductFromPipeline` is set to `true` and the WhiteSource product does not yet exist. It is also mandatory if the parameter `productToken` is not provided.") @@ -659,7 +659,7 @@ func whitesourceExecuteScanMetadata() config.StepData { Type: "string", Mandatory: false, Aliases: []config.Alias{{Name: "whitesource/jreDownloadUrl", Deprecated: true}}, - Default: `https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz`, + Default: `https://sap.github.io/SapMachine/latest/21/linux-x64/jre/`, }, { Name: "licensingVulnerabilities", From dee5d14474c34d54c8b5369d9993dec90bc91164 Mon Sep 17 00:00:00 2001 From: christian <153755613+skateball@users.noreply.github.com> Date: Mon, 4 Nov 2024 10:28:38 +0100 Subject: [PATCH 5/8] Update whitesourceExecuteScan.yaml --- resources/metadata/whitesourceExecuteScan.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml index 941439f8ff..c061fc26c1 100644 --- a/resources/metadata/whitesourceExecuteScan.yaml +++ b/resources/metadata/whitesourceExecuteScan.yaml @@ -248,8 +248,7 @@ spec: deprecated: true type: string description: - "URL used for downloading the Java Runtime Environment (JRE) required to run the - WhiteSource Unified Agent." + "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent. The URL is a HTTP 302 Temp Redirect to the always latest available SapMachine 21, linux-x64, JRE" scope: - GENERAL - PARAMETERS From 4245bd563ebef98c0b3a7e1206ae1887e0fbd06a Mon Sep 17 00:00:00 2001 From: christian <153755613+skateball@users.noreply.github.com> Date: Thu, 7 Nov 2024 15:50:28 +0100 Subject: [PATCH 6/8] from 21-latest to 17.0.13 to speed this up --- resources/metadata/whitesourceExecuteScan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml index 796d3dbffb..2d95697071 100644 --- a/resources/metadata/whitesourceExecuteScan.yaml +++ b/resources/metadata/whitesourceExecuteScan.yaml @@ -263,7 +263,7 @@ spec: - PARAMETERS - STAGES - STEPS - default: "https://sap.github.io/SapMachine/latest/21/linux-x64/jre/" + default: "https://github.com/SAP/SapMachine/releases/download/sapmachine-17.0.13/sapmachine-jre-17.0.13_linux-x64_bin.tar.gz" - name: licensingVulnerabilities type: bool description: "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment." From 0f68a2fc9aca8d4b8b6c80bc28aaf5ec7fd43159 Mon Sep 17 00:00:00 2001 From: christian <153755613+skateball@users.noreply.github.com> Date: Thu, 7 Nov 2024 15:52:24 +0100 Subject: [PATCH 7/8] revert description --- resources/metadata/whitesourceExecuteScan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml index 2d95697071..85298d9c76 100644 --- a/resources/metadata/whitesourceExecuteScan.yaml +++ b/resources/metadata/whitesourceExecuteScan.yaml @@ -257,7 +257,7 @@ spec: deprecated: true type: string description: - "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent. The URL is a HTTP 302 Temp Redirect to the always latest available SapMachine 21, linux-x64, JRE" + "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent." scope: - GENERAL - PARAMETERS From 0c10353cd32c3b9c397c5f56ea44832332617149 Mon Sep 17 00:00:00 2001 From: Oliver Feldmann Date: Thu, 7 Nov 2024 15:54:06 +0100 Subject: [PATCH 8/8] generate for new url --- cmd/whitesourceExecuteScan_generated.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/whitesourceExecuteScan_generated.go b/cmd/whitesourceExecuteScan_generated.go index 663e2f1682..c41928a315 100644 --- a/cmd/whitesourceExecuteScan_generated.go +++ b/cmd/whitesourceExecuteScan_generated.go @@ -369,7 +369,7 @@ func addWhitesourceExecuteScanFlags(cmd *cobra.Command, stepConfig *whitesourceE cmd.Flags().BoolVar(&stepConfig.FailOnSevereVulnerabilities, "failOnSevereVulnerabilities", true, "Whether to fail the step on severe vulnerabilties or not") cmd.Flags().StringSliceVar(&stepConfig.Includes, "includes", []string{}, "List of file path patterns to include in the scan.") cmd.Flags().StringVar(&stepConfig.InstallCommand, "installCommand", os.Getenv("PIPER_installCommand"), "Install command that can be used to populate the default docker image for some scenarios.") - cmd.Flags().StringVar(&stepConfig.JreDownloadURL, "jreDownloadUrl", `https://sap.github.io/SapMachine/latest/21/linux-x64/jre/`, "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent.") + cmd.Flags().StringVar(&stepConfig.JreDownloadURL, "jreDownloadUrl", `https://github.com/SAP/SapMachine/releases/download/sapmachine-17.0.13/sapmachine-jre-17.0.13_linux-x64_bin.tar.gz`, "URL used for downloading the Java Runtime Environment (JRE) required to run the WhiteSource Unified Agent.") cmd.Flags().BoolVar(&stepConfig.LicensingVulnerabilities, "licensingVulnerabilities", true, "[NOT IMPLEMENTED] Whether license compliance is considered and reported as part of the assessment.") cmd.Flags().StringVar(&stepConfig.OrgToken, "orgToken", os.Getenv("PIPER_orgToken"), "WhiteSource token identifying your organization.") cmd.Flags().StringVar(&stepConfig.ProductName, "productName", os.Getenv("PIPER_productName"), "Name of the WhiteSource product used for results aggregation. This parameter is mandatory if the parameter `createProductFromPipeline` is set to `true` and the WhiteSource product does not yet exist. It is also mandatory if the parameter `productToken` is not provided.") @@ -692,7 +692,7 @@ func whitesourceExecuteScanMetadata() config.StepData { Type: "string", Mandatory: false, Aliases: []config.Alias{{Name: "whitesource/jreDownloadUrl", Deprecated: true}}, - Default: `https://sap.github.io/SapMachine/latest/21/linux-x64/jre/`, + Default: `https://github.com/SAP/SapMachine/releases/download/sapmachine-17.0.13/sapmachine-jre-17.0.13_linux-x64_bin.tar.gz`, }, { Name: "licensingVulnerabilities",