PDS-Solutions shall work with reduced visibility of variables

[de-jcup]

Situation

With

• 3142

• 3220

we reduced the visiblity/ stopped full inheritance for process environment variables.

But some PDS solutions need additional enviroment variables from the deployment side. E.g. pds solution for gosec needs the TOOL_FOLDER variable to find gosec - but crashes now

Wanted

All PDS solutions shall work again

Solution

Inside the solutions pds base image we have following environment entries:

DOWNLOAD_FOLDER
HELPER_FOLDER
MOCK_FOLDER
PDS_VERSION
PDS_FOLDER
SCRIPT_FOLDER
SHARED_VOLUMES
SHARED_VOLUME_UPLOAD_DIR
TOOL_FOLDER
WORKSPACE

• Check which of them must be available inside the dedicated solution
• where necessary add the variable to the product configuration in pds config

[de-jcup]

• DOWNLOAD_FOLDER (not necessary)
• HELPER_FOLDER only used by findsecuritybugs(prod), pds-base (mock), scancode (prod + mock), tern (mock)
• MOCK_FOLDER has every product mock but no real product
• PDS_VERSION only used by scancode for output
• PDS_FOLDER not used by any shell script
• SCRIPT_FOLDER used by pmd and gitleaks
• SHARED_VOLUMES not used by any shell script
• SHARED_VOLUME_UPLOAD_DIRonly used by base script for storage calculation but not necessary for dedicated solution
• TOOL_FOLDER added to all real products
• WORKSPACE is only used internally by pds base to setup PDS parameter