2023 Dec 26 12:49 PM
Hi Team,
My requirement is to run white source scan on my TEST product for my PR Build and need to run white source scan on actual product for MASTER builds.
in config.yml i have added details for main product but based on my branch (PR/Master) i need to run white source on product passed via jenkin file. But It always get triggered on main product which is declared in config file.
can some please guide me how to to overwrite the product and token given in config file and can trigger white source scan on my interest product (like TEST/MAIN) ?
I have used below jenkins and config files
Jenkins:
if (env.BRANCH_NAME.startsWith('PR')) {
whitesourceExecuteScan script: this, whitesourceProductName: 'SHC - TEST CP REGISTEREDNAMEOFPROJECT', whitesourceProductToken: 'TOKENFORTEST'
}else {
whitesourceExecuteScan script: this, whitesourceProductName: 'SHC - CP REGISTEREDNAMEOFPROJECT', whitesourceProductToken: 'TOKENFORMAIN'
}
config.yml
whitesourceExecuteScan:
buildTool: 'maven'
whitesourceProductToken: TOKENFORMAIN
whitesourceProductName: SHC - CP REGISTEREDNAMEOFPROJECT
buildDescriptorExcludeList: ['pom.xml', 'assembly/pom.xml']
securityVulnerabilities: false
stashContent:
- buildDescriptor
- opensourceConfiguration
- classFiles
- checkmarx
- tests
2023 Dec 29 10:57 AM
Hi,
Have you double checked that this works:
if (env.BRANCH_NAME.startsWith('PR')) {
Do you explicitly call the branch 'PR ...'? Because Jenkins will create a run for you called PR-xyz, but that is not necessarily the branch name.
Otherwise it looks all correct to me. A passed parameter will always rank higher and overwrite any config field, to it should use the 'TOKENFORTEST' when passed as such. You could test this by removing the whitesourceProductToken field entirely from the config.yaml
2023 Dec 29 10:57 AM
Hi,
Have you double checked that this works:
if (env.BRANCH_NAME.startsWith('PR')) {
Do you explicitly call the branch 'PR ...'? Because Jenkins will create a run for you called PR-xyz, but that is not necessarily the branch name.
Otherwise it looks all correct to me. A passed parameter will always rank higher and overwrite any config field, to it should use the 'TOKENFORTEST' when passed as such. You could test this by removing the whitesourceProductToken field entirely from the config.yaml
2024 Jan 02 4:28 AM
Thanks for the suggestion. It worked. I mean,
If I remove whitesourceProductToken and whitesourceProductname entirely from config.yaml, then passed parameters from jenkins is taking in to considerationa and runs scan on the passed product.