SAP / jenkins-library

Jenkins shared library for Continuous Delivery pipelines.

https://www.project-piper.io

Apache License 2.0

777 stars 584 forks source link

fix(detectExecuteScan): do not read `imageNameTags` directly from CPE #4833

Closed pbusko closed 6 months ago

pbusko commented 6 months ago

Changes

Leftover from https://github.com/SAP/jenkins-library/pull/4678

This block of code also prevents users from setting imageNameTags directly as a property to the step (CPE will still be empty)

[ ] Tests
[ ] Documentation

pbusko commented 6 months ago

/it-go

sonarcloud[bot] commented 6 months ago

Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

pbusko commented 6 months ago

/it-go

vijayanjay commented 6 months ago

lgtm

@t-vijayan , what your thoughts ? , from a cpe perspective it makes sense

Looks fine from detect scan side too, since ImageNameTags is the resource ref parameter, no issues while performing detect scan for the container images. May be while providing support for custom images, we have need to consider resourceRef for this param.