Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new parser for Trivy #711

Merged
merged 77 commits into from
Jan 4, 2021
Merged

Add new parser for Trivy #711

merged 77 commits into from
Jan 4, 2021

Conversation

tofuatjava
Copy link
Contributor

be aware that a new analyser-version need to be used

uhafner and others added 30 commits December 9, 2020 15:38
@uhafner
Add ot-docker-lint.
0590985
@uhafner
Update documentation of reference builds.
1515f60 
In the upcoming release the reference build detection of the Forensic Plugin will be used.
@uhafner
Update forensics screen shot.
1e3b9d3
@uhafner
Add @post for all doFill methods.
e36b563
@uhafner
Add permission checks for all list models.
1e3629a
@uhafner
Fix unit test.
3ae6e4e
@uhafner
Update package-lock.json with latest version of fsevents.
afb891e
@uhafner
Simplify test.
69b1027
@uhafner
Add ot-docker-lint.
fb8eb72
@uhafner
Update documentation of reference builds.
628c4f6 
In the upcoming release the reference build detection of the Forensic Plugin will be used.
@uhafner
Update forensics screen shot.
43a34b9
@tofuatjava
parser registration for TrivyParser
fb21dfc
@uhafner
Bump version of plugin-utils to 1.6.0.
0e54ba9 
Use new architecture rule of plugin-utils to check `doFill` methods.
@uhafner
Improve naming of checkboxes. Remove descriptions.
5980537
@uhafner
Merge pull request jenkinsci#712 from jenkinsci/checkbox-names
bf22442 
Improve checkbox names
@uhafner
Ignore warning.
4451095
@ImgBotApp
[ImgBot] Optimize images
170f07a 
*Total -- 369.40kb -> 251.30kb (31.97%)

/doc/images/forensics-view.png -- 182.24kb -> 116.54kb (36.05%)
/doc/images/reference-step.png -- 50.57kb -> 35.43kb (29.93%)
/doc/images/reference-warnings.png -- 135.05kb -> 98.13kb (27.34%)
/plugin/src/main/webapp/icons/ot-docker-linter-48x48.png -- 1.54kb -> 1.20kb (22.57%)

Signed-off-by: ImgBotApp <[email protected]>
@uhafner
Merge pull request jenkinsci#710 from jenkinsci/post-for-doFill
2e203e6 
Security harding for UI model methods
@uhafner
Merge pull request jenkinsci#713 from jenkinsci/imgbot
e1a43dd 
[ImgBot] Optimize images
@dependabot
Bump codecov/codecov-action from v1.0.15 to v1.1.0
a44ec8f 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from v1.0.15 to v1.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](codecov/codecov-action@v1.0.15...7de43a7)

Signed-off-by: dependabot[bot] <[email protected]>
@uhafner
Merge pull request jenkinsci#715 from jenkinsci/dependabot/github_act…
6b55400 
…ions/codecov/codecov-action-v1.1.0

Bump codecov/codecov-action from v1.0.15 to v1.1.0
@uhafner
Improve documentation of forensics part.
aa1ac79
@dependabot
Bump xmlunit-assertj from 2.8.1 to 2.8.2
57f357d 
Bumps [xmlunit-assertj](https://github.com/xmlunit/xmlunit) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/xmlunit/xmlunit/releases)
- [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md)
- [Commits](xmlunit/xmlunit@v2.8.1...v2.8.2)

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump codecov/codecov-action from v1.1.0 to v1.1.1
c345a63 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from v1.1.0 to v1.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](codecov/codecov-action@v1.1.0...1fc7722)

Signed-off-by: dependabot[bot] <[email protected]>
@uhafner
Also check for permissions in check methods.
81d2844 
Downstream PR for jenkinsci/plugin-util-api-plugin#68.
@uhafner
Bump version of plugin-util to 1.6.1.
4d8c8d7
@uhafner
Merge pull request jenkinsci#718 from jenkinsci/dependabot/github_act…
1a649ad 
…ions/codecov/codecov-action-v1.1.1

Bump codecov/codecov-action from v1.1.0 to v1.1.1
@uhafner
Merge pull request jenkinsci#717 from jenkinsci/dependabot/maven/org.…
a9ca6b4 
…xmlunit-xmlunit-assertj-2.8.2

Bump xmlunit-assertj from 2.8.1 to 2.8.2
@uhafner
Fix test due to added security.
9706ae6
@uhafner
Ignore PMD warnings.
be6a9ab
@tofuatjava
Copy link
Contributor Author

how is the correct way to reference to an unreleased dependency of analysis-model?

@uhafner
Copy link
Member

uhafner commented Jan 1, 2021

You need to rebase your analysis-model PR with master, see error at the end of https://ci.jenkins.io/job/Plugins/job/analysis-model/job/PR-542/13/console.

Then we get an incremental version. This version can be used in a PR of the associated https://github.com/jenkinsci/analysis-model-api-plugin.

Then you can use this version in your PR.

@uhafner
Copy link
Member

uhafner commented Jan 3, 2021

You can now use the released version:

https://github.com/jenkinsci/analysis-model/releases/tag/v9.5.0

@codecov
Copy link

codecov bot commented Jan 3, 2021
edited
Loading

Codecov Report

Merging #711 (586a2bd) into master (ceb992f) will decrease coverage by 1.00%.
The diff coverage is 46.63%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master     #711      +/-   ##
============================================
- Coverage     80.72%   79.71%   -1.01%     
- Complexity     1504     1523      +19     
============================================
  Files           241      242       +1     
  Lines          5415     5570     +155     
  Branches        371      409      +38     
============================================
+ Hits           4371     4440      +69     
- Misses          888      967      +79     
- Partials        156      163       +7
Impacted Files Coverage Δ Complexity Δ
...ugins/analysis/core/columns/IssuesTotalColumn.java 76.04% <0.00%> (-0.81%) 22.00 <0.00> (ø)
...a/io/jenkins/plugins/analysis/core/model/Tool.java 70.27% <0.00%> (-4.02%) 10.00 <0.00> (ø)
...plugins/analysis/warnings/groovy/GroovyParser.java 67.96% <0.00%> (-5.77%) 16.00 <0.00> (ø)
...plugins/analysis/warnings/groovy/GroovyScript.java 55.00% <0.00%> (-6.12%) 5.00 <0.00> (ø)
...ns/analysis/core/steps/AnalysisStepDescriptor.java 10.00% <4.34%> (-8.19%) 2.00 <1.00> (+1.00) ⬇️
...lugins/analysis/warnings/axivion/AxivionSuite.java 4.49% <11.11%> (+1.00%) 0.00 <0.00> (ø)
...lugins/analysis/core/model/ReportScanningTool.java 77.63% <12.50%> (-6.43%) 19.00 <0.00> (ø)
...ins/plugins/analysis/warnings/tasks/OpenTasks.java 38.88% <16.66%> (-1.41%) 10.00 <0.00> (ø)
...lugins/analysis/warnings/DuplicateCodeScanner.java 81.81% <20.00%> (-3.73%) 6.00 <0.00> (ø)
...ns/plugins/analysis/core/steps/IssuesRecorder.java 67.87% <27.27%> (-5.44%) 83.00 <3.00> (+4.00) ⬇️
... and 9 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ceb992f...586a2bd. Read the comment docs.

uhafner
uhafner requested changes Jan 3, 2021
View reviewed changes
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Outdated Show resolved Hide resolved
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Show resolved Hide resolved
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Show resolved Hide resolved
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Show resolved Hide resolved
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Outdated Show resolved Hide resolved
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Show resolved Hide resolved
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Outdated Show resolved Hide resolved
plugin/src/main/java/io/jenkins/plugins/analysis/warnings/Trivy.java Show resolved Hide resolved
uhafner
uhafner requested changes Jan 4, 2021
View reviewed changes
Copy link
Member

@uhafner uhafner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please add a line to icons\License.txt that adds the license for the icon.

And please rerun the test ToolsLister so that the supported tools file will reflect the new changes.

plugin/src/main/resources/io/jenkins/plugins/analysis/warnings/Messages.properties Outdated Show resolved Hide resolved
@uhafner uhafner changed the title parser registration for TrivyParser Add new parser for Trivy Jan 4, 2021
@uhafner uhafner added the enhancement Enhancement of existing functionality label Jan 4, 2021
@uhafner uhafner mentioned this pull request Jan 4, 2021
Merged
@uhafner uhafner merged commit d2c891f into jenkinsci:master Jan 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@uhafner uhafner uhafner approved these changes

Assignees
No one assigned
Labels
enhancement Enhancement of existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tofuatjava @uhafner @ImgBotApp @mrginglymus