Sonatype would like to begin more widely dog fooding the new callflow feature as well as allow customers to try it out. It is already available and dcoumented as an experimental feature in the IQ CLI, but has not yet been made available via the Jenkins Plugin.
This exposes callflow as a new experimental feature in the jenkins plugin. It can be enabled through optional arguments passed to nexusPolicyEvaluation.
callflowConfiguration is optional. When not provided callflow will be invoked using the scanTargets that are produced from the iqScanPatterns.
Each of the parameters under callflowConfiguration are optional. callflowScanPatterns lets you set an alternative set of patterns to match on for callflow. callflowNamespaces let's you send a list of name spaces for callflow to use when limiting how it does it's analysis. additionalConfiguration is a map of String to Object which allows for passing in undocumented experimental configuration to callflow. This will primarily be used internally or when troubleshooting.
I have built the plugin on local alongside the new version of the nexus-java-api. I have deployed the plugin to a locally running jenkins docker container and tested against my changes in several scenarios:
with callflow disabled
with callflow enabled and all default options
with callflow enabled and various combinations of callflowConfiguration options
### Submitter checklist
- [X] Make sure you are opening from a **topic/feature/bugfix branch** (right side) and not your main branch!
- [X] Ensure that the pull request title represents the desired changelog entry
- [X] Please describe what you did
- [X] Link to relevant issues in GitHub or Jira
- [X] Link to relevant pull requests, esp. upstream and downstream changes (Downstream changes needed are merged)
- [X] Ensure you have provided tests - that demonstrates feature works or fixes the issue
Sonatype would like to begin more widely dog fooding the new callflow feature as well as allow customers to try it out. It is already available and dcoumented as an experimental feature in the IQ CLI, but has not yet been made available via the Jenkins Plugin.
This exposes callflow as a new experimental feature in the jenkins plugin. It can be enabled through optional arguments passed to nexusPolicyEvaluation.
for example:
runCallflow
defaults to falsecallflowConfiguration
is optional. When not provided callflow will be invoked using the scanTargets that are produced from the iqScanPatterns.Each of the parameters under callflowConfiguration are optional.
callflowScanPatterns
lets you set an alternative set of patterns to match on for callflow.callflowNamespaces
let's you send a list of name spaces for callflow to use when limiting how it does it's analysis.additionalConfiguration
is a map of String to Object which allows for passing in undocumented experimental configuration to callflow. This will primarily be used internally or when troubleshooting.Passing Build: https://jenkins.ci.sonatype.dev/job/integrations/job/jenkins/job/feature-snapshots/job/SDEV-941-Enable-Callflow-For-Jenkins-Plugin/6/
Jira Ticket: https://sonatype.atlassian.net/browse/SDEV-940
Testing done
I have built the plugin on local alongside the new version of the nexus-java-api. I have deployed the plugin to a locally running jenkins docker container and tested against my changes in several scenarios: