SAP / jenkins-library

Jenkins shared library for Continuous Delivery pipelines.
https://www.project-piper.io
Apache License 2.0
780 stars 593 forks

Fix influx counter for whitesource #5133

Open tlefaix opened 1 month ago

tlefaix commented 1 month ago

Changes

In case of several projects scanned (like with mta), collectVulnsAndLibsForProject (and therefore checkProjectSecurityViolations) will be called several times (see: https://github.com/SAP/jenkins-library/blob/master/cmd/whitesourceExecuteScan.go#L657).

Current issue is that in this case, the influx metrics will only contain the results for the latest scanned project.

Change is to accumulate values from each project instead of replacing the values.

I also amended the existing tests to validate that influx metrics contain the correct value at the end.
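The overwrite-versus-accumulate behaviour described in the comment above, as an added example that is not part of the pull request or the project's code. The type names, field names, severity threshold and sample alerts are all hypothetical.

```go
package main

import "fmt"

// Hypothetical stand-ins; the real types in whitesourceExecuteScan.go differ.
type alert struct{ cvss3 float64 }
type influxFields struct{ total, major, minor int }

const severeLimit = 7.0 // assumed CVSS threshold for "major"

// countBySeverity splits one project's alerts at the threshold.
func countBySeverity(alerts []alert) (major, minor int) {
	for _, a := range alerts {
		if a.cvss3 >= severeLimit {
			major++
		} else {
			minor++
		}
	}
	return major, minor
}

// recordReplacing: each call overwrites the previous project's counts.
func recordReplacing(f *influxFields, alerts []alert) {
	f.major, f.minor = countBySeverity(alerts)
	f.total = f.major + f.minor
}

// recordAccumulating: each call adds to the running totals.
func recordAccumulating(f *influxFields, alerts []alert) {
	major, minor := countBySeverity(alerts)
	f.major += major
	f.minor += minor
	f.total += major + minor
}

// scanAll calls record once per project; fields start at zero on every run.
func scanAll(projects [][]alert, record func(*influxFields, []alert)) influxFields {
	var f influxFields
	for _, p := range projects {
		record(&f, p)
	}
	return f
}

// Constructed data: two modules with findings, then a clean one scanned last.
var sampleProjects = [][]alert{{{9.8}, {5.3}}, {{7.5}, {8.1}, {3.1}}, {}}

func main() {
	fmt.Println(scanAll(sampleProjects, recordReplacing), scanAll(sampleProjects, recordAccumulating))
}
```

With the replacing variant, a clean module scanned last leaves the dashboard at zero findings even though earlier modules had severe alerts, which is why the reported metric matters for anyone gating or trending on it.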

cla-assistant[bot] commented 1 month ago

CLA assistant check
All committers have signed the CLA.

sonarcloud[bot] commented 1 month ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarcloud[bot] commented 2 days ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud