added logic of fetching golang private packages for whitesource step (S…

…AP#4595) * added logic of fetching golang private packages for whitesource step and detectExecuteScan step * changed logic of checking by config.PrivateModulesGitToken * moved func prepareGolangPrivatePackages to golangBuild.go * fix (gitOpsUpdateDeployment) add CA bundle options to plain clone and commit to trust enterprise github instances (SAP#4602) * downloading ca cert bundle when added as config * adding logging statements * allowing bats test to handle ca cert * adding info message * hard coding file names * including correct http client util bundle * removing logging message not needed * adding cert bundle to commit and push * improving the condition to add ca cert in commit and push * fixing unit test * fixing unit test * fixing unit test * fixing unit test * fixing unit test * feat(kanikoExecute): add dockerfilePath param to multipleImages (SAP#4569) * add containerDockerfilePath param to multipleImages * rename ContainerDockerfilePath param to DockerfilePath * Fix trailing spaces --------- Co-authored-by: Egor Balakin <[email protected]> Co-authored-by: Vyacheslav Starostin <[email protected]> * fix(helm): forward sourceRepositoryCredentialsId from groovy to go layer (SAP#4604) forward sourceRepositoryCredentialsId from groovy to go layer in the same way how this is done for the targetRepositoryCredentialsId * feat(config): exporting generateConfig function and applying minor changes (SAP#4605) * exporting generateConfig function and applying minor changes * Added setConfigOptions to set configOptions variable. Added possibility to set format output, json or yaml for now. * Correcting mistake on cmd/getDefaults.go Co-authored-by: Jordi van Liempt <[email protected]> --------- Co-authored-by: Jordi van Liempt <[email protected]> * moved func prepareGolangPrivatePackages to pkg/golang --------- Co-authored-by: Akramdzhon Azamov <[email protected]> Co-authored-by: Andrei Kireev <[email protected]> Co-authored-by: Anil Keshav <[email protected]> Co-authored-by: Egor Balakin <[email protected]> Co-authored-by: Egor Balakin <[email protected]> Co-authored-by: Vyacheslav Starostin <[email protected]> Co-authored-by: Marcus Holl <[email protected]> Co-authored-by: Jk1484 <[email protected]> Co-authored-by: Jordi van Liempt <[email protected]>
maxatsap · Jul 23, 2024 · 83be1a1 · 83be1a1
1 parent 4427eb7
commit 83be1a1
Show file tree

Hide file tree

Showing 11 changed files with 195 additions and 2 deletions.
diff --git a/cmd/detectExecuteScan.go b/cmd/detectExecuteScan.go
@@ -15,6 +15,7 @@ import (
 	bd "github.com/SAP/jenkins-library/pkg/blackduck"
 	"github.com/SAP/jenkins-library/pkg/command"
 	piperGithub "github.com/SAP/jenkins-library/pkg/github"
+	"github.com/SAP/jenkins-library/pkg/golang"
 	piperhttp "github.com/SAP/jenkins-library/pkg/http"
 	"github.com/SAP/jenkins-library/pkg/log"
 	"github.com/SAP/jenkins-library/pkg/maven"
@@ -138,6 +139,14 @@ func detectExecuteScan(config detectExecuteScanOptions, _ *telemetry.CustomData,
 	if err != nil {
 		log.Entry().WithError(err).Warning("Failed to get GitHub client")
 	}
+
+	if config.PrivateModules == "" && config.PrivateModulesGitToken != "" {
+		//configuring go private packages
+		if err := golang.PrepareGolangPrivatePackages("detectExecuteStep", config.PrivateModules, config.PrivateModulesGitToken); err != nil {
+			log.Entry().Warningf("couldn't set private packages for golang, error: %s", err.Error())
+		}
+	}
+
 	utils := newDetectUtils(client)
 	if err := runDetect(ctx, config, utils, influx); err != nil {
 		log.Entry().

diff --git a/cmd/detectExecuteScan_generated.go b/cmd/detectExecuteScan_generated.go
diff --git a/cmd/golangBuild_generated.go b/cmd/golangBuild_generated.go
diff --git a/cmd/whitesourceExecuteScan.go b/cmd/whitesourceExecuteScan.go
@@ -18,6 +18,7 @@ import (
 
 	"github.com/SAP/jenkins-library/pkg/command"
 	"github.com/SAP/jenkins-library/pkg/format"
+	"github.com/SAP/jenkins-library/pkg/golang"
 	"github.com/SAP/jenkins-library/pkg/log"
 	"github.com/SAP/jenkins-library/pkg/npm"
 	"github.com/SAP/jenkins-library/pkg/piperutils"
@@ -157,6 +158,13 @@ func whitesourceExecuteScan(config ScanOptions, _ *telemetry.CustomData, commonP
 }
 
 func runWhitesourceExecuteScan(ctx context.Context, config *ScanOptions, scan *ws.Scan, utils whitesourceUtils, sys whitesource, commonPipelineEnvironment *whitesourceExecuteScanCommonPipelineEnvironment, influx *whitesourceExecuteScanInflux) error {
+	if config != nil && config.PrivateModules != "" && config.PrivateModulesGitToken != "" {
+		//configuring go private packages
+		if err := golang.PrepareGolangPrivatePackages("WhitesourceExecuteStep", config.PrivateModules, config.PrivateModulesGitToken); err != nil {
+			log.Entry().Warningf("couldn't set private packages for golang, error: %s", err.Error())
+		}
+	}
+
 	if err := resolveAggregateProjectName(config, scan, sys); err != nil {
 		return errors.Wrapf(err, "failed to resolve and aggregate project name")
 	}

diff --git a/cmd/whitesourceExecuteScan_generated.go b/cmd/whitesourceExecuteScan_generated.go
diff --git a/pkg/golang/golang.go b/pkg/golang/golang.go
@@ -0,0 +1,43 @@
+package golang
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/SAP/jenkins-library/pkg/command"
+)
+
+type utilsBundle struct {
+	command.Command
+}
+
+// prepare golang private packages for whitesource and blackduck(detectExecuteScan)
+func PrepareGolangPrivatePackages(stepName, privateModules, privateModulesGitToken string) error {
+	utils := &utilsBundle{
+		Command: command.Command{
+			StepName: stepName,
+		},
+	}
+	os.Setenv("GOPRIVATE", privateModules)
+	err := gitConfigurationForPrivateModules(privateModules, privateModulesGitToken, utils)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func gitConfigurationForPrivateModules(privateMod string, token string, utils *utilsBundle) error {
+	privateMod = strings.ReplaceAll(privateMod, "/*", "")
+	privateMod = strings.ReplaceAll(privateMod, "*.", "")
+	modules := strings.Split(privateMod, ",")
+	for _, v := range modules {
+		authenticatedRepoURL := fmt.Sprintf("https://%s@%s", token, v)
+		repoBaseURL := fmt.Sprintf("https://%s", v)
+		err := utils.RunExecutable("git", "config", "--global", fmt.Sprintf("url.%s.insteadOf", authenticatedRepoURL), repoBaseURL)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/resources/metadata/detectExecuteScan.yaml b/resources/metadata/detectExecuteScan.yaml
@@ -21,6 +21,9 @@ spec:
       - name: githubTokenCredentialsId
         description: Jenkins 'Secret text' credentials ID containing token to authenticate to GitHub.
         type: jenkins
+      - name: golangPrivateModulesGitTokenCredentialsId
+        description: Jenkins 'Username with password' credentials ID containing username/password for http access to your git repos where your go private modules are stored.
+        type: jenkins
     params:
       - name: token
         aliases:
@@ -489,6 +492,32 @@ spec:
           - PARAMETERS
           - STAGES
           - STEPS
+      - name: privateModules
+        type: "string"
+        description: Tells go which modules shall be considered to be private (by setting [GOPRIVATE](https://pkg.go.dev/cmd/go#hdr-Configuration_for_downloading_non_public_code)).
+        scope:
+          - GENERAL
+          - STEPS
+          - STAGES
+          - PARAMETERS
+        alias:
+          - goprivate
+      - name: privateModulesGitToken
+        description: GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line.
+        scope:
+          - GENERAL
+          - PARAMETERS
+          - STAGES
+          - STEPS
+        type: string
+        secret: true
+        resourceRef:
+          - name: golangPrivateModulesGitTokenCredentialsId
+            type: secret
+            param: password
+          - type: vaultSecret
+            name: golangPrivateModulesGitTokenVaultSecret
+            default: golang
   outputs:
     resources:
       - name: influx

diff --git a/resources/metadata/golangBuild.yaml b/resources/metadata/golangBuild.yaml
@@ -209,6 +209,7 @@ spec:
         type: "string"
         description: Tells go which modules shall be considered to be private (by setting [GOPRIVATE](https://pkg.go.dev/cmd/go#hdr-Configuration_for_downloading_non_public_code)).
         scope:
+          - GENERAL
           - STEPS
           - STAGES
           - PARAMETERS

diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml
@@ -38,6 +38,9 @@ spec:
       - name: githubTokenCredentialsId
         description: Jenkins 'Secret text' credentials ID containing token to authenticate to GitHub.
         type: jenkins
+      - name: golangPrivateModulesGitTokenCredentialsId
+        description: Jenkins 'Username with password' credentials ID containing username/password for http access to your git repos where your go private modules are stored.
+        type: jenkins
     params:
       - name: agentDownloadUrl
         type: string
@@ -597,6 +600,32 @@ spec:
           - PARAMETERS
           - STAGES
           - STEPS
+      - name: privateModules
+        type: "string"
+        description: Tells go which modules shall be considered to be private (by setting [GOPRIVATE](https://pkg.go.dev/cmd/go#hdr-Configuration_for_downloading_non_public_code)).
+        scope:
+          - GENERAL
+          - STEPS
+          - STAGES
+          - PARAMETERS
+        alias:
+          - goprivate
+      - name: privateModulesGitToken
+        description: GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line.
+        scope:
+          - GENERAL
+          - PARAMETERS
+          - STAGES
+          - STEPS
+        type: string
+        secret: true
+        resourceRef:
+          - name: golangPrivateModulesGitTokenCredentialsId
+            type: secret
+            param: password
+          - type: vaultSecret
+            name: golangPrivateModulesGitTokenVaultSecret
+            default: golang
     resources:
       - name: buildDescriptor
         type: stash

diff --git a/vars/detectExecuteScan.groovy b/vars/detectExecuteScan.groovy
@@ -12,7 +12,8 @@ void call(Map parameters = [:]) {
     parameters = DownloadCacheUtils.injectDownloadCacheInParameters(script, parameters, BuildTool.MAVEN)
     List credentials = [
         [type: 'token', id: 'detectTokenCredentialsId', env: ['PIPER_token']],
-        [type: 'token', id: 'githubTokenCredentialsId', env: ['PIPER_githubToken']]
+        [type: 'token', id: 'githubTokenCredentialsId', env: ['PIPER_githubToken']],
+        [type: 'usernamePassword', id: 'golangPrivateModulesGitTokenCredentialsId', env: ['PIPER_privateModulesGitUsername', 'PIPER_privateModulesGitToken']]
     ]
     piperExecuteBin(parameters, STEP_NAME, METADATA_FILE, credentials)
 }
diff --git a/vars/whitesourceExecuteScan.groovy b/vars/whitesourceExecuteScan.groovy
@@ -18,6 +18,7 @@ void call(Map parameters = [:]) {
         [type: 'token', id: 'userTokenCredentialsId', env: ['PIPER_userToken']],
         [type: 'token', id: 'githubTokenCredentialsId', env: ['PIPER_githubToken']],
         [type: 'file', id: 'dockerConfigJsonCredentialsId', env: ['PIPER_dockerConfigJSON']],
+        [type: 'usernamePassword', id: 'golangPrivateModulesGitTokenCredentialsId', env: ['PIPER_privateModulesGitUsername', 'PIPER_privateModulesGitToken']]
     ]
     piperExecuteBin(parameters, STEP_NAME, METADATA_FILE, credentials)
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -209,6 +209,7 @@ spec: @@
             type: "string"
             description: Tells go which modules shall be considered to be private (by setting [GOPRIVATE](https://pkg.go.dev/cmd/go#hdr-Configuration_for_downloading_non_public_code)).
             scope:
+              - GENERAL
               - STEPS
               - STAGES
               - PARAMETERS
@@ Expand Down @@