
feat(codeqlExecuteScan): added a feature to execute custom command (#…
…4912)

* added running custom command

* go mod tidy

* added log with parsed command info

* fixed log format

---------

Co-authored-by: sumeet patil <[email protected]>
daskuznetsova and sumeetpatil authored May 27, 2024
1 parent f7543be commit 8924b97
Showing 4 changed files with 45 additions and 1 deletion.
26 changes: 26 additions & 0 deletions cmd/codeqlExecuteScan.go
Expand Up @@ -15,6 +15,7 @@ import (
"github.com/SAP/jenkins-library/pkg/maven"
"github.com/SAP/jenkins-library/pkg/piperutils"
"github.com/SAP/jenkins-library/pkg/telemetry"
"github.com/google/shlex"
"github.com/pkg/errors"
)

Expand Down Expand Up @@ -139,6 +140,13 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
}
reports = append(reports, scanReports...)

if len(config.CustomCommand) > 0 {
err = runCustomCommand(utils, config.CustomCommand)
if err != nil {
return reports, err
}
}

repoInfo, err := codeql.GetRepoInfo(config.Repository, config.AnalyzedRef, config.CommitID,
config.TargetGithubRepoURL, config.TargetGithubBranchName)
if err != nil {
Expand Down Expand Up @@ -394,6 +402,24 @@ func uploadProjectToGitHub(config *codeqlExecuteScanOptions, repoInfo *codeql.Re
return nil
}

func runCustomCommand(utils codeqlExecuteScanUtils, command string) error {
log.Entry().Infof("custom command will be run: %s", command)
cmd, err := shlex.Split(command)
if err != nil {
log.Entry().WithError(err).Errorf("failed to parse custom command %s", command)
return err
}
log.Entry().Infof("Parsed command '%s' with %d arguments: ['%s']", cmd[0], len(cmd[1:]), strings.Join(cmd[1:], "', '"))

err = utils.RunExecutable(cmd[0], cmd[1:]...)
if err != nil {
log.Entry().WithError(err).Errorf("failed to run command %s", command)
return err
}
log.Entry().Info("Success.")
return nil
}

func checkForCompliance(scanResults []codeql.CodeqlFindings, config *codeqlExecuteScanOptions, repoInfo *codeql.RepoInfo) error {
for _, scanResult := range scanResults {
if scanResult.ClassificationName == codeql.AuditAll {
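Review bot: runCustomCommand (third hunk) indexes `cmd[0]` immediately after `shlex.Split` without checking that the split produced any tokens, so a customCommand consisting only of whitespace passes the `len(config.CustomCommand) > 0` guard in the second hunk and panics with an index out of range instead of returning an error. Add a guard after the parse-error check: `if len(cmd) == 0 { return errors.New("custom command is empty after parsing") }`. The two Infof calls in the same function also write the full command, arguments included, into the build log, so any argument that carries a credential is echoed there; consider logging only `cmd[0]` and `len(cmd[1:])`, or stating in a doc comment on runCustomCommand that the value is logged verbatim. A doc comment would also help here, e.g. `// runCustomCommand splits command with shell-like quoting rules and executes the first token directly (no shell) with the remaining tokens as arguments.` runCodeqlExecuteScan in the second hunk continues outside the hunk; runCustomCommand is complete within the third.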
11 changes: 11 additions & 0 deletions cmd/codeqlExecuteScan_generated.go


2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -177,7 +177,7 @@ require (
github.com/google/btree v1.0.1 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
github.com/googleapis/gax-go/v2 v2.12.2 // indirect
github.com/gorilla/mux v1.8.0 // indirect
7 changes: 7 additions & 0 deletions resources/metadata/codeqlExecuteScan.yaml
Expand Up @@ -233,6 +233,13 @@ spec:
- STEPS
- STAGES
- PARAMETERS
- name: customCommand
type: string
description: "A custom user-defined command to run between codeql analysis and results upload."
scope:
- STEPS
- STAGES
- PARAMETERS
containers:
- image: ""
outputs:
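Review bot: The description added for customCommand says what the parameter is for but not how it is executed, and that is what a user setting it needs to know: the Go side splits the string with shlex (shell-like quoting) and passes the first token to RunExecutable with the rest as arguments, so there is no shell and pipes, redirects, `&&` and variable expansion will not work. Suggest extending the description to something like `"A custom user-defined command to run between codeql analysis and results upload. The value is split with shell-like quoting rules and executed directly without a shell, so pipes, redirects and variable expansion are not supported; the command and its arguments are written to the step log."`. Since the parameter is exposed at PARAMETERS scope and runs through the step's own executor, it appears to run with the same environment and privileges as the codeql invocations themselves, which is worth stating in the description as well.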
