jenkinsci / ibm-security-appscansource-scanner-plugin

Jenkins plugin for executing AppScan Source
https://plugins.jenkins.io/ibm-security-appscansource-scanner/
GNU General Public License v3.0

Custom scan file location #3

Closed james-hobbs closed 8 years ago

james-hobbs commented 8 years ago

Changes that allow for a custom scan file location.

2 modified - AppScanSourceBuilder.java config.jelly

1 added - help-ASE_URL.html

kevinfealey commented 8 years ago

James,

You've hard-coded the scan workspace on line 130 of AppScanSourceBuilder.java:

String workSpace = "C:\\Program Files (x86)\\Jenkins\\jobs\\" + envVars.get("JOB_NAME") + "\\builds\\" + envVars.get("BUILD_NUMBER") + "\\";

You should get the default scan workspace with something like the following:

String jenkinsJobsDir = envVars.get("JENKINS_HOME") + "\\jobs";
String workSpace = jenkinsJobsDir + "\\" + envVars.get("JOB_NAME") + "\\builds\\" + envVars.get("BUILD_NUMBER") + "\\";

The value passed in is not used during scan execution. Instead, you just copy the resulting assessment file to the scan workspace on line 181.

The workspace path should be passed to the CLI script on line 148, and the copy of the assessment file should not be here.

cliScriptContent += "sc " + "\"" + workSpace + "\"" + System.lineSeparator();

I think we talked about simply copying the assessment file as you have done to test the publisher plugin before we had custom scan workspaces defined, but it is not the long-term solution we're looking for here.
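An added example (not part of this thread or of the plugin's code) of the approach the comment above describes: derive the default scan workspace from JENKINS_HOME, accept an optional custom location, and refuse a value containing a quote or line break before it is written into the `sc` line of the CLI script. The class name, method names and sample values are hypothetical.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.HashMap;
import java.util.Map;

public class ScanWorkspaceExample {

    // Fail early instead of building a path that contains "null".
    static String require(Map<String, String> envVars, String key) {
        String v = envVars.get(key);
        if (v == null || v.isEmpty()) throw new IllegalStateException(key + " is not set");
        return v;
    }

    // Default location: <JENKINS_HOME>/jobs/<JOB_NAME>/builds/<BUILD_NUMBER>,
    // joined with the platform separator rather than hard-coded "\\".
    static Path defaultWorkspace(Map<String, String> envVars) {
        return Paths.get(require(envVars, "JENKINS_HOME"), "jobs",
                require(envVars, "JOB_NAME"), "builds", require(envVars, "BUILD_NUMBER"));
    }

    // Use the configured custom location if present, otherwise the default.
    static Path resolveWorkspace(String custom, Map<String, String> envVars) {
        if (custom == null || custom.trim().isEmpty()) return defaultWorkspace(envVars);
        return Paths.get(custom.trim()).toAbsolutePath().normalize();
    }

    // Build the "sc" script line. A quote or line break in the path would end the
    // quoted argument or start a new script line, so such values are rejected.
    static String scLine(Path workSpace) {
        String p = workSpace.toString();
        if (p.indexOf('"') >= 0 || p.indexOf('\n') >= 0 || p.indexOf('\r') >= 0) {
            throw new IllegalArgumentException("Unsafe character in scan workspace");
        }
        return "sc \"" + p + "\"" + System.lineSeparator();
    }

    public static void main(String[] args) {
        Map<String, String> envVars = new HashMap<>(); // constructed sample values
        envVars.put("JENKINS_HOME", "/var/lib/jenkins");
        envVars.put("JOB_NAME", "demo-job");
        envVars.put("BUILD_NUMBER", "42");
        System.out.print(scLine(resolveWorkspace(null, envVars)));
        System.out.print(scLine(resolveWorkspace("/tmp/custom-scans", envVars)));
        try { // On Windows, Paths.get itself rejects this value (also an IllegalArgumentException).
            scLine(resolveWorkspace("scans\"" + System.lineSeparator() + "extra", envVars));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected custom workspace: " + e.getMessage());
        }
    }
}
```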

kevinfealey commented 8 years ago

I just implemented the custom scan workspace option in: https://github.com/jenkinsci/ibm-security-appscansource-scanner-plugin/commit/f24cd59bb2972b075a10d9506947a87effb618a8

I did not use the optionalblock tag in config.jelly, since it looks a bit complicated. The following shows the probable solution, which is to create a new inner class to pass the optionalblock values: https://groups.google.com/forum/#!topic/jenkinsci-dev/0Nq_qL3P68c

but I didn't want to spend the time to figure it out. The solution I implemented is simpler and will have to be evaluated for the long-run.

You had a few other changes in your pull request, like updated help text for some input fields. I'll be integrating those changes in the next commit (hopefully tonight).

Edit: I added the help file you wrote to the master. I'm closing this pull request since all of its features have now been implemented in the baseline.