From 3abc68a1d5c49cd4e0a50bc80a6b144c465d6911 Mon Sep 17 00:00:00 2001 From: Ronny Perinke <23166289+sephiroth-j@users.noreply.github.com> Date: Wed, 11 Jan 2023 20:42:02 +0100 Subject: [PATCH 1/5] pin bootstrap-vue to 2.21.2 to repair filtering see https://github.com/bootstrap-vue/bootstrap-vue/issues/6967 --- CHANGELOG.md | 1 + package.json | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a7024cd..77aec149 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ ### ⚠ Breaking ### ⭐ New Features ### 🐞 Bugs Fixed +- Searching on the result page was partially broken due to [a bug in bootstrap-vue 2.22+](https://github.com/bootstrap-vue/bootstrap-vue/issues/6967) ## v4.2.0 - 2022-07-04 ### ⚠ Breaking diff --git a/package.json b/package.json index 11fa46dc..d1a53082 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "license": "Apache-2.0", "description": "Dependency-Track is an intelligent Software Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components. This plug-in can publish supported Software Bill-of-Materials (SBOM) formats to Dependency-Track.", "dependencies": { - "bootstrap-vue": "^2.21.1", + "bootstrap-vue": "2.21.2", "echarts": "^5.0.0", "vue": "^2.6.12" } From 65059a1d81aa26330c14917f60b9c3a66949a19c Mon Sep 17 00:00:00 2001 
From: Ronny Perinke <23166289+sephiroth-j@users.noreply.github.com> Date: Tue, 31 Jan 2023 19:53:07 +0100 Subject: [PATCH 2/5] support for parent-child-relationships of projects with Dependency-Track v4.7 and newer closes #139 --- CHANGELOG.md | 2 + .../plugins/DependencyTrack/ApiClient.java | 5 +++ .../DependencyTrack/DescriptorImpl.java | 2 +- .../DependencyTrack/ProjectParser.java | 1 + .../DependencyTrack/ProjectProperties.java | 37 +++++++++++++++++++ .../DependencyTrack/model/Project.java | 1 + .../ProjectProperties/config.jelly | 3 ++ .../ProjectProperties/config.properties | 1 + .../ProjectProperties/config_de.properties | 1 + .../ProjectProperties/help-parentId.html | 3 ++ .../ProjectProperties/help-parentId_de.html | 3 ++ .../DependencyTrack/ApiClientTest.java | 4 +- .../ProjectPropertiesTest.java | 31 ++++++++++++++++ 13 files changed, 92 insertions(+), 2 deletions(-) create mode 100644 src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId.html create mode 100644 src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId_de.html diff --git a/CHANGELOG.md b/CHANGELOG.md index 77aec149..8dfc1f8e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,8 @@ ## Unreleased ### ⚠ Breaking ### ⭐ New Features +- Added support for parent-child-relationships of projects with Dependency-Track v4.7 and newer (fixes [#139](https://github.com/jenkinsci/dependency-track-plugin/issues/139)) + ### 🐞 Bugs Fixed - Searching on the result page was partially broken due to [a bug in bootstrap-vue 2.22+](https://github.com/bootstrap-vue/bootstrap-vue/issues/6967) diff --git a/src/main/java/org/jenkinsci/plugins/DependencyTrack/ApiClient.java b/src/main/java/org/jenkinsci/plugins/DependencyTrack/ApiClient.java index 8fa20a5a..03d69212 100644 --- a/src/main/java/org/jenkinsci/plugins/DependencyTrack/ApiClient.java +++ b/src/main/java/org/jenkinsci/plugins/DependencyTrack/ApiClient.java 
@@ -327,6 +327,11 @@ public void updateProjectProperties(@NonNull final String projectUuid, @NonNull rawProject.elementOpt("group", properties.getGroup()); // overwrite description only if it is set (means not null) rawProject.elementOpt("description", properties.getDescription()); + // set new parent project if it is set (means not null) + if (properties.getParentId() != null) { + JSONObject newParent = new JSONObject().elementOpt("uuid", properties.getParentId()); + rawProject.element("parent", newParent); + } // 3. update project updateProject(projectUuid, rawProject); } diff --git a/src/main/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImpl.java b/src/main/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImpl.java index dd0bb8f6..e413c675 100644 --- a/src/main/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImpl.java +++ b/src/main/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImpl.java @@ -69,7 +69,7 @@ */ @Extension @Symbol("dependencyTrackPublisher") // This indicates to Jenkins that this is an implementation of an extension point. -public final class DescriptorImpl extends BuildStepDescriptor implements Serializable { +public class DescriptorImpl extends BuildStepDescriptor implements Serializable { private static final long serialVersionUID = -2018722914973282748L; diff --git a/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectParser.java b/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectParser.java index c9db5d5a..881c438f 100644 --- a/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectParser.java +++ b/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectParser.java @@ -44,6 +44,7 @@ Project parse(final JSONObject json) { .active(activeStr != null ? Boolean.parseBoolean(activeStr) : null) .swidTagId(getKeyOrNull(json, "swidTagId")) .group(getKeyOrNull(json, "group")) + .parent(json.has("parent") ? ProjectParser.parse(json.getJSONObject("parent")) : null) .build(); } 
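Review bot: The new `parent` block forwards `properties.getParentId()` unchecked, so a job configured with the project's own UUID as parent is sent to the server as a self-reference; whether Dependency-Track rejects that is not visible here. A guard such as `if (properties.getParentId() != null && !properties.getParentId().equals(projectUuid)) {` keeps such a cycle from leaving the plugin. Inside the null check `elementOpt` can no longer skip anything, so `new JSONObject().element("uuid", properties.getParentId())` states the intent more directly. The added comment could also say that a null parentId leaves the current parent untouched and therefore cannot clear it. updateProjectProperties starts outside the hunk.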
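Review bot: Dropping `final` from `DescriptorImpl` opens a production `@Extension` class to subclassing, apparently only so that the new `ProjectPropertiesTest` can create it with `mock(...)`; that motive is inferred from the test in this patch, not stated. If that is the reason, say so next to the declaration, e.g. `// not final: mocked in ProjectPropertiesTest`, or keep the class final and enable Mockito's inline mock maker in the test scope. The class body lies outside the hunk.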
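Review bot: `json.has("parent")` on the added line is also true when the response carries `"parent": null` or a non-object value, so `getJSONObject` may throw or hand back a null object that is then parsed like a real project, depending on the JSON library's behaviour. Reading it once with `JSONObject parent = json.optJSONObject("parent");` before the builder chain and using `.parent(parent != null ? ProjectParser.parse(parent) : null)` covers both cases. The recursion depth follows whatever nesting the server returns, which deserves a short comment on the line. `parse` starts outside the hunk.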
diff --git a/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectProperties.java b/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectProperties.java index bfa31cac..0642d2ff 100644 --- a/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectProperties.java +++ b/src/main/java/org/jenkinsci/plugins/DependencyTrack/ProjectProperties.java @@ -16,19 +16,27 @@ package org.jenkinsci.plugins.DependencyTrack; import edu.umd.cs.findbugs.annotations.NonNull; +import edu.umd.cs.findbugs.annotations.Nullable; import hudson.Extension; +import hudson.RelativePath; import hudson.model.AbstractDescribableImpl; import hudson.model.Descriptor; +import hudson.model.Item; +import hudson.util.ListBoxModel; import java.io.Serializable; import java.util.Collection; import java.util.List; import java.util.stream.Collectors; import java.util.stream.Stream; +import jenkins.model.Jenkins; import lombok.EqualsAndHashCode; import lombok.Getter; import org.apache.commons.lang.StringUtils; +import org.kohsuke.stapler.AncestorInPath; import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.DataBoundSetter; +import org.kohsuke.stapler.QueryParameter; +import org.kohsuke.stapler.verb.POST; import static org.jenkinsci.plugins.DependencyTrack.PluginUtil.areAllElementsOfType; @@ -46,22 +54,32 @@ public final class ProjectProperties extends AbstractDescribableImpl tags; /** * SWID Tag ID for the project */ + @Nullable private String swidTagId; /** * Group to set for the project */ + @Nullable private String group; /** * Description to set for the project */ + @Nullable private String description; + + /** + * UUID of the parent project + */ + @Nullable + private String parentId; @NonNull public List getTags() { 
@@ -111,6 +129,11 @@ public void setDescription(final String description) { this.description = StringUtils.trimToNull(description); } + @DataBoundSetter + public void setParentId(final String parentId) { + this.parentId = StringUtils.trimToNull(parentId); + } + @NonNull public String getTagsAsText() { return StringUtils.join(getTags(), System.lineSeparator()); @@ -129,5 +152,19 @@ private List normalizeTags(final Collection values) { @Extension public static class DescriptorImpl extends Descriptor { + + /** + * Retrieve the projects to populate the dropdown. + * + * @param dependencyTrackUrl the base URL to Dependency-Track + * @param dependencyTrackApiKey the API key to use for authentication + * @param item used to lookup credentials in job config + * @return ListBoxModel + */ + @POST + public ListBoxModel doFillParentIdItems(@RelativePath("..") @QueryParameter final String dependencyTrackUrl, @RelativePath("..") @QueryParameter final String dependencyTrackApiKey, @AncestorInPath @Nullable final Item item) { + org.jenkinsci.plugins.DependencyTrack.DescriptorImpl pluginDescriptor = Jenkins.get().getDescriptorByType(org.jenkinsci.plugins.DependencyTrack.DescriptorImpl.class); + return pluginDescriptor.doFillProjectIdItems(dependencyTrackUrl, dependencyTrackApiKey, item); + } } } diff --git a/src/main/java/org/jenkinsci/plugins/DependencyTrack/model/Project.java b/src/main/java/org/jenkinsci/plugins/DependencyTrack/model/Project.java index cf75498c..2051d2c8 100644 --- a/src/main/java/org/jenkinsci/plugins/DependencyTrack/model/Project.java +++ b/src/main/java/org/jenkinsci/plugins/DependencyTrack/model/Project.java @@ -23,4 +23,5 @@ public class Project implements Serializable { private Boolean active; private String swidTagId; private String group; + private Project parent; } 
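Review bot: `doFillParentIdItems` is a new web-reachable form-fill endpoint that accepts a URL and an API key and performs no permission check of its own; it relies entirely on the delegated `doFillProjectIdItems`, whose body is not part of this patch. Please confirm that the delegate checks `Item.CONFIGURE` on `item` (or `Jenkins.ADMINISTER` when `item` is null) and record that in the Javadoc, e.g. `Permission checks are performed by DescriptorImpl#doFillProjectIdItems.` `getDescriptorByType` can return null, so `if (pluginDescriptor == null) return new ListBoxModel();` before the delegation avoids a NullPointerException while the form is rendered.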
diff --git a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.jelly b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.jelly index d5d46036..210c25c7 100644 --- a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.jelly +++ b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.jelly @@ -28,5 +28,8 @@ limitations under the License. + + + diff --git a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.properties b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.properties index 827cc021..f5088828 100644 --- a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.properties +++ b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config.properties @@ -16,3 +16,4 @@ tags=Tags swidTagId=SWID Tag ID group=Namespace / Group / Vendor description=Description +parentId=Parent project \ No newline at end of file diff --git a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config_de.properties b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config_de.properties index 79575254..3b52dc75 100644 --- a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config_de.properties +++ b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/config_de.properties @@ -16,3 +16,4 @@ tags=Tags swidTagId=SWID Tag ID group=Namensraum / Gruppe / Hersteller description=Beschreibung +parentId=\u00dcbergeordnetes Projekt \ No newline at end of file diff --git a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId.html b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId.html new file mode 100644 index 00000000..10f6cab2 --- /dev/null 
+++ b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId.html
@@ -0,0 +1,3 @@
+
+ The ID (UUID) of the parent project.
+
diff --git a/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId_de.html b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId_de.html
new file mode 100644
index 00000000..8e07eccc
--- /dev/null
+++ b/src/main/resources/org/jenkinsci/plugins/DependencyTrack/ProjectProperties/help-parentId_de.html
@@ -0,0 +1,3 @@
+
+ Die ID (UUID) des übergeordneten Projektes.
+
diff --git a/src/test/java/org/jenkinsci/plugins/DependencyTrack/ApiClientTest.java b/src/test/java/org/jenkinsci/plugins/DependencyTrack/ApiClientTest.java index 0ba929b8..29c9bd41 100644 --- a/src/test/java/org/jenkinsci/plugins/DependencyTrack/ApiClientTest.java +++ b/src/test/java/org/jenkinsci/plugins/DependencyTrack/ApiClientTest.java @@ -359,7 +359,7 @@ public void updateProjectPropertiesTest() throws ApiClientException, Interrupted .get(ApiClient.PROJECT_URL + "/uuid-3", (request, response) -> { assertThat(request.requestHeaders().contains(ApiClient.API_KEY_HEADER, API_KEY, false)).isTrue(); assertThat(request.requestHeaders().contains(HttpHeaderNames.ACCEPT, HttpHeaderValues.APPLICATION_JSON, true)).isTrue(); - return response.sendString(Mono.just("{\"name\":\"test-project\",\"uuid\":\"uuid-3\",\"version\":\"1.2.3\",\"tags\":[{\"name\":\"tag1\"},{\"name\":\"tag2\"}]}")); + return response.sendString(Mono.just("{\"name\":\"test-project\",\"uuid\":\"uuid-3\",\"version\":\"1.2.3\",\"tags\":[{\"name\":\"tag1\"},{\"name\":\"tag2\"}],\"parent\":{\"uuid\":\"old-parent\"}}")); }) .post(ApiClient.PROJECT_URL, (request, response) -> { assertThat(request.requestHeaders().contains(ApiClient.API_KEY_HEADER, API_KEY, false)).isTrue(); @@ -380,6 +380,7 @@ public void updateProjectPropertiesTest() throws ApiClientException, Interrupted props.setSwidTagId("my swid tag id"); props.setGroup("my group"); props.setDescription("my description"); + props.setParentId("parent-uuid"); assertThatCode(() -> uut.updateProjectProperties("uuid-3", props)).doesNotThrowAnyException(); completionSignal.await(5, TimeUnit.SECONDS); 
@@ -388,6 +389,7 @@ public void updateProjectPropertiesTest() throws ApiClientException, Interrupted assertThat(project.getSwidTagId()).isEqualTo(props.getSwidTagId()); assertThat(project.getGroup()).isEqualTo(props.getGroup()); assertThat(project.getDescription()).isEqualTo(props.getDescription()); + assertThat(project.getParent()).hasFieldOrPropertyWithValue("uuid", props.getParentId()); } @Test diff --git a/src/test/java/org/jenkinsci/plugins/DependencyTrack/ProjectPropertiesTest.java b/src/test/java/org/jenkinsci/plugins/DependencyTrack/ProjectPropertiesTest.java index 93bd3e8f..f9760a08 100644 --- a/src/test/java/org/jenkinsci/plugins/DependencyTrack/ProjectPropertiesTest.java +++ b/src/test/java/org/jenkinsci/plugins/DependencyTrack/ProjectPropertiesTest.java @@ -15,15 +15,22 @@ */ package org.jenkinsci.plugins.DependencyTrack; +import hudson.util.ReflectionUtils; +import java.lang.reflect.Field; import java.util.Collections; import java.util.List; import java.util.Set; import java.util.stream.Collectors; import java.util.stream.Stream; +import jenkins.model.Jenkins; +import org.junit.jupiter.api.Nested; import org.junit.jupiter.api.Test; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatCode; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; /** * 
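Review bot: The added assertion covers only the branch where a parent is set; nothing checks that a `ProjectProperties` without `parentId` leaves the `old-parent` value from the mocked GET response in place. A second case that omits `props.setParentId(...)` and asserts `hasFieldOrPropertyWithValue("uuid", "old-parent")` would pin the keep-existing behaviour that the new ApiClient branch implies. The test method starts outside the hunk.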
@@ -70,8 +77,32 @@ void verifyEmptyStringsShallBeNull() { uut.setDescription(""); uut.setGroup("\t"); uut.setSwidTagId(System.lineSeparator()); + uut.setParentId(" "); assertThat(uut.getDescription()).isNull(); assertThat(uut.getGroup()).isNull(); assertThat(uut.getSwidTagId()).isNull(); + assertThat(uut.getParentId()).isNull(); + } + + @Nested + class DescriptorImplTest { + + @Test + void doFillParentIdItemsTest() throws Exception { + Field instanceField = ReflectionUtils.findField(Jenkins.class, "theInstance", Jenkins.class); + ReflectionUtils.makeAccessible(instanceField); + Jenkins origJenkins = (Jenkins) instanceField.get(null); + Jenkins mockJenkins = mock(Jenkins.class); + ReflectionUtils.setField(instanceField, null, mockJenkins); + org.jenkinsci.plugins.DependencyTrack.DescriptorImpl descriptorMock = mock(org.jenkinsci.plugins.DependencyTrack.DescriptorImpl.class); + when(mockJenkins.getDescriptorByType(org.jenkinsci.plugins.DependencyTrack.DescriptorImpl.class)).thenReturn(descriptorMock); + ProjectProperties.DescriptorImpl uut = new ProjectProperties.DescriptorImpl(); + + uut.doFillParentIdItems("url", "key", null); + + ReflectionUtils.setField(instanceField, null, origJenkins); + verify(mockJenkins).getDescriptorByType(org.jenkinsci.plugins.DependencyTrack.DescriptorImpl.class); + verify(descriptorMock).doFillProjectIdItems("url", "key", null); + } } } From 09625c05969cc95b34fac505199e995af9e60a3c Mon Sep 17 00:00:00 2001 From: Ronny Perinke <23166289+sephiroth-j@users.noreply.github.com> Date: Tue, 31 Jan 2023 19:54:30 +0100 Subject: [PATCH 3/5] `JenkinsRule` is sufficient here --- .../plugins/DependencyTrack/DependencyTrackPublisherTest.java | 4 ++-- .../jenkinsci/plugins/DependencyTrack/DescriptorImplTest.java | 4 ++-- .../org/jenkinsci/plugins/DependencyTrack/JobActionTest.java | 4 ++-- .../jenkinsci/plugins/DependencyTrack/ResultActionTest.java | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) 
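Review bot: `doFillParentIdItemsTest` swaps the static `Jenkins.theInstance` field for a mock and restores it only on the success path, so an exception thrown by `doFillParentIdItems` leaves the mock installed for every later test in the same JVM. Wrap the call so the restore always runs: `try { uut.doFillParentIdItems("url", "key", null); } finally { ReflectionUtils.setField(instanceField, null, origJenkins); }`. A short comment on why the singleton is replaced through reflection would also help, since the test depends on the private field name `theInstance`.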
diff --git a/src/test/java/org/jenkinsci/plugins/DependencyTrack/DependencyTrackPublisherTest.java b/src/test/java/org/jenkinsci/plugins/DependencyTrack/DependencyTrackPublisherTest.java index a6c924a3..e215acd0 100644 --- a/src/test/java/org/jenkinsci/plugins/DependencyTrack/DependencyTrackPublisherTest.java +++ b/src/test/java/org/jenkinsci/plugins/DependencyTrack/DependencyTrackPublisherTest.java @@ -27,7 +27,6 @@ import hudson.model.Run; import hudson.model.TaskListener; import hudson.util.Secret; -import io.jenkins.plugins.casc.misc.JenkinsConfiguredRule; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.File; @@ -44,6 +43,7 @@ import org.junit.Test; import org.junit.rules.TemporaryFolder; import org.junit.runner.RunWith; +import org.jvnet.hudson.test.JenkinsRule; import org.mockito.Mock; import org.mockito.junit.MockitoJUnitRunner.StrictStubs; @@ -70,7 +70,7 @@ public class DependencyTrackPublisherTest { public TemporaryFolder tmpDir = new TemporaryFolder(); @Rule - public JenkinsConfiguredRule r = new JenkinsConfiguredRule(); + public JenkinsRule r = new JenkinsRule(); @Mock private Run build; diff --git a/src/test/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImplTest.java b/src/test/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImplTest.java index 72f5d365..68ff6f55 100644 --- a/src/test/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImplTest.java +++ b/src/test/java/org/jenkinsci/plugins/DependencyTrack/DescriptorImplTest.java @@ -29,7 +29,6 @@ import hudson.util.ListBoxModel; import hudson.util.Secret; import hudson.util.VersionNumber; -import io.jenkins.plugins.casc.misc.JenkinsConfiguredRule; import java.io.IOException; import java.util.ArrayList; import java.util.List; 
@@ -43,6 +42,7 @@ import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; +import org.jvnet.hudson.test.JenkinsRule; import org.jvnet.hudson.test.MockAuthorizationStrategy; import org.kohsuke.stapler.StaplerRequest; import org.mockito.Mock; @@ -65,7 +65,7 @@ public class DescriptorImplTest { @Rule - public JenkinsConfiguredRule r = new JenkinsConfiguredRule(); + public JenkinsRule r = new JenkinsRule(); @Mock private ApiClient client; diff --git a/src/test/java/org/jenkinsci/plugins/DependencyTrack/JobActionTest.java b/src/test/java/org/jenkinsci/plugins/DependencyTrack/JobActionTest.java index 8f35ff81..3b9db686 100644 --- a/src/test/java/org/jenkinsci/plugins/DependencyTrack/JobActionTest.java +++ b/src/test/java/org/jenkinsci/plugins/DependencyTrack/JobActionTest.java @@ -24,7 +24,6 @@ import hudson.security.ACLContext; import hudson.security.AccessDeniedException3; import hudson.util.RunList; -import io.jenkins.plugins.casc.misc.JenkinsConfiguredRule; import java.io.IOException; import java.util.Arrays; import java.util.Collections; @@ -34,6 +33,7 @@ import org.jenkinsci.plugins.DependencyTrack.model.SeverityDistribution; import org.junit.Rule; import org.junit.Test; +import org.jvnet.hudson.test.JenkinsRule; import org.jvnet.hudson.test.MockAuthorizationStrategy; import static org.assertj.core.api.Assertions.assertThat; @@ -49,7 +49,7 @@ public class JobActionTest { @Rule - public JenkinsConfiguredRule j = new JenkinsConfiguredRule(); + public JenkinsRule j = new JenkinsRule(); @Test public void isTrendVisible() { diff --git a/src/test/java/org/jenkinsci/plugins/DependencyTrack/ResultActionTest.java b/src/test/java/org/jenkinsci/plugins/DependencyTrack/ResultActionTest.java index e1726e6c..42454bb2 100644 --- a/src/test/java/org/jenkinsci/plugins/DependencyTrack/ResultActionTest.java +++ b/src/test/java/org/jenkinsci/plugins/DependencyTrack/ResultActionTest.java 
@@ -22,7 +22,6 @@ import hudson.security.ACL; import hudson.security.ACLContext; import hudson.security.AccessDeniedException3; -import io.jenkins.plugins.casc.misc.JenkinsConfiguredRule; import java.io.File; import java.io.IOException; import java.nio.charset.StandardCharsets; @@ -35,6 +34,7 @@ import org.jenkinsci.plugins.DependencyTrack.model.SeverityDistribution; import org.junit.Rule; import org.junit.Test; +import org.jvnet.hudson.test.JenkinsRule; import org.jvnet.hudson.test.MockAuthorizationStrategy; import static org.assertj.core.api.Assertions.assertThat; @@ -48,7 +48,7 @@ public class ResultActionTest { @Rule - public JenkinsConfiguredRule j = new JenkinsConfiguredRule(); + public JenkinsRule j = new JenkinsRule(); private List getTestFindings() { File findings = new File("src/test/resources/findings.json"); From 6aad5cc9a7fefd9973bf366121bc6ee1ffd9762d Mon Sep 17 00:00:00 2001 From: Ronny Perinke <23166289+sephiroth-j@users.noreply.github.com> Date: Wed, 1 Feb 2023 19:45:28 +0100 Subject: [PATCH 4/5] update nodejs --- .github/workflows/ci-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 33db8b75..2c821717 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -22,7 +22,7 @@ jobs: - name: Set up Node.js uses: actions/setup-node@v3 with: - node-version: '16' + node-version: 'lts/Hydrogen' - name: Cache Maven packages uses: actions/cache@v3 with: From 535bfa48081642a6db52f03d4fcbcfda142cc1a2 Mon Sep 17 00:00:00 2001 From: Ronny Perinke <23166289+sephiroth-j@users.noreply.github.com> Date: Wed, 1 Feb 2023 20:20:58 +0100 Subject: [PATCH 5/5] run Sonar only if required secrets are available skip Sonar and perform build without it if secrets are missing (e.g. for PRs from forks) or the PR is from dependabot fixes #134 --- .github/workflows/ci-build.yml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) 
diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 2c821717..6f1aa20e 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -29,15 +29,24 @@ jobs: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - - name: Build with Maven and Sonar - if: matrix.java == '11' && github.repository == 'jenkinsci/dependency-track-plugin' && !startsWith(github.head_ref, 'dependabot/') + - name: check Sonar pre-conditions + id: check_sonar + continue-on-error: true + env: + SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }} + SONAR_ORGANIZATION: ${{ secrets.SONARCLOUD_ORGANIZATION }} + run: test "${SONAR_ORGANIZATION}" -a "${SONAR_TOKEN}" + shell: bash + - name: Build with Sonar + id: build_sonar + if: matrix.java == '11' && steps.check_sonar.outcome == 'success' && !startsWith(github.head_ref, 'dependabot/') env: SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }} SONAR_ORGANIZATION: ${{ secrets.SONARCLOUD_ORGANIZATION }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: mvn -B clean test verify package org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.projectKey=org.jenkins-ci.plugins:dependency-track -Dsonar.organization=$SONAR_ORGANIZATION -Dsonar.login=$SONAR_TOKEN - - name: Build with Maven - if: matrix.java == '11' && ( github.repository != 'jenkinsci/dependency-track-plugin' || startsWith(github.head_ref, 'dependabot/') ) + - name: Build without Sonar + if: steps.build_sonar.conclusion == 'skipped' run: mvn -B clean test verify package - uses: actions/upload-artifact@v3 if: success()
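Review bot: The pre-condition step uses `test "${SONAR_ORGANIZATION}" -a "${SONAR_TOKEN}"`, and the `-a` form of `test` is marked obsolescent by POSIX and can misparse when an operand looks like an operator; since the step already sets `shell: bash`, `run: '[[ -n "${SONAR_ORGANIZATION}" && -n "${SONAR_TOKEN}" ]]'` is unambiguous. The `Build without Sonar` step also lost the `matrix.java == '11'` restriction the old step had, so it now runs for every matrix entry where the Sonar build is skipped; whether that is intended depends on steps outside the hunk. With the `github.repository` check removed, secret presence is the only gate, so the workflow's `on:` trigger (not visible here) should remain one that withholds secrets from fork pull requests.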