[DO-1528] update svacer and svace (!69)
Co-authored-by: aleksandr.vodyanov <aleksandr.vodyanov@avroid.tech> Reviewed-on: https://git.avroid.tech/DevOps/jenkins-pipelines/pulls/69 Reviewed-by: Andrey Danin <andrey.danin@avroid.team>
This commit is contained in:
Aleksandr Vodyanov
@@ -4,9 +4,6 @@ import tech.avroid.api.Nexus
|
|||||||
import tech.avroid.scm.Git
|
import tech.avroid.scm.Git
|
||||||
|
|
||||||
String buildThreads = '28'
|
String buildThreads = '28'
|
||||||
String svacerVersion = '9-0-2'
|
|
||||||
String svaceCmd = "/data/opt/svace-${env.JENKINS_SVACE_VERSION}-x64-linux/bin/svace"
|
|
||||||
String svacerCmd = "/data/opt/svacer-${svacerVersion}/bin/svacer"
|
|
||||||
String svaceBuildResults = ''
|
String svaceBuildResults = ''
|
||||||
String commitShortSha = ''
|
String commitShortSha = ''
|
||||||
String ldapServer = 'FreeIPA'
|
String ldapServer = 'FreeIPA'
|
||||||
@@ -81,8 +78,8 @@ node('svace') {
|
|||||||
stage('Svace analyze') {
|
stage('Svace analyze') {
|
||||||
sh """
|
sh """
|
||||||
tar -xf ${svaceBuildResults}
|
tar -xf ${svaceBuildResults}
|
||||||
${svaceCmd} config --svace-dir ./${env.JENKINS_SVACE_BUILD_DIR} THREAD_NUMBER ${buildThreads}
|
svace config --svace-dir ./${env.JENKINS_SVACE_BUILD_DIR} THREAD_NUMBER ${buildThreads}
|
||||||
${svaceCmd} analyze --log-level brief --svace-dir ./${env.JENKINS_SVACE_BUILD_DIR}
|
svace analyze --log-level brief --svace-dir ./${env.JENKINS_SVACE_BUILD_DIR}
|
||||||
"""
|
"""
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -100,20 +97,20 @@ node('svace') {
|
|||||||
}
|
}
|
||||||
|
|
||||||
sh """
|
sh """
|
||||||
${svaceCmd} svres2sarif \
|
svace svres2sarif \
|
||||||
${env.JENKINS_SVACE_BUILD_DIR}/.svace-dir/analyze-res/svace_analysis.svres \
|
${env.JENKINS_SVACE_BUILD_DIR}/.svace-dir/analyze-res/svace_analysis.svres \
|
||||||
-o ${env.JENKINS_SVACE_SARIF_FILE}
|
-o ${env.JENKINS_SVACE_SARIF_FILE}
|
||||||
|
|
||||||
cd ${env.JENKINS_SVACE_BUILD_DIR}
|
cd ${env.JENKINS_SVACE_BUILD_DIR}
|
||||||
|
|
||||||
${svacerCmd} import --svace ${svaceCmd} \
|
svacer import --svace svace \
|
||||||
--project ${params.GIT_PROJECT} \
|
--project ${params.GIT_PROJECT} \
|
||||||
--branch ${branch} \
|
--branch ${branch} \
|
||||||
--snapshot "${commitShortSha} - `date -R`" \
|
--snapshot "${commitShortSha} - `date -R`" \
|
||||||
--source-tree ${env.WORKSPACE}/${params.GIT_PROJECT} \
|
--source-tree ${env.WORKSPACE}/${params.GIT_PROJECT} \
|
||||||
--if-no-branch clone-${mainBranch}
|
--if-no-branch clone-${mainBranch}
|
||||||
|
|
||||||
${svacerCmd} upload --ssl \
|
svacer upload --ssl \
|
||||||
--user ${VAULT_SVACER_LOGIN} \
|
--user ${VAULT_SVACER_LOGIN} \
|
||||||
--password ${VAULT_SVACER_PASS} \
|
--password ${VAULT_SVACER_PASS} \
|
||||||
--ldap_server ${ldapServer}
|
--ldap_server ${ldapServer}
|
||||||
|
|||||||
Reference in New Issue
Block a user