Merge pull request #216 from aquasecurity/pr_comments_jenkins_ci

Pr comments jenkins ci
aquasecurity · Sep 1, 2022 · beeb93c · beeb93c
2 parents 328d79e + 8c6a85e
commit beeb93c
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 9 deletions.
diff --git a/go.mod b/go.mod
@@ -5,7 +5,7 @@ go 1.18
 require (
 	github.com/aquasecurity/defsec v0.71.9
 	github.com/aquasecurity/go-dep-parser v0.0.0-20220815163410-fcf26eb92b86
-	github.com/aquasecurity/go-git-pr-commenter v0.5.0
+	github.com/aquasecurity/go-git-pr-commenter v0.6.0
 	github.com/aquasecurity/trivy v0.31.2
 	github.com/aquasecurity/trivy-db v0.0.0-20220627104749-930461748b63
 	github.com/argonsecurity/pipeline-parser v0.1.15

diff --git a/go.sum b/go.sum
@@ -206,8 +206,8 @@ github.com/aquasecurity/go-dep-parser v0.0.0-20220815163410-fcf26eb92b86 h1:sc8h
 github.com/aquasecurity/go-dep-parser v0.0.0-20220815163410-fcf26eb92b86/go.mod h1:wwxn1SyOEY8W5hy8aDQDoExX+ybVsi+xfIllXz93+Fk=
 github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM=
 github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce/go.mod h1:HXgVzOPvXhVGLJs4ZKO817idqr/xhwsTcj17CLYY74s=
-github.com/aquasecurity/go-git-pr-commenter v0.5.0 h1:rdyjAUyxZAQUK8zNJiHHzm2rnP3dSJH+i+58g9keZmc=
-github.com/aquasecurity/go-git-pr-commenter v0.5.0/go.mod h1:cHPlBrSN+KFsiZEetv3cckCTpCC01GQ/I5D8UPIEokY=
+github.com/aquasecurity/go-git-pr-commenter v0.6.0 h1:yUGwosfb1KXdLoZ2I2+0jxN0S4BL9eLNaj56co2QvKY=
+github.com/aquasecurity/go-git-pr-commenter v0.6.0/go.mod h1:cHPlBrSN+KFsiZEetv3cckCTpCC01GQ/I5D8UPIEokY=
 github.com/aquasecurity/go-mock-aws v0.0.0-20220726154943-99847deb62b0 h1:tihCUjLWkF0b1SAjAKcFltUs3SpsqGrLtI+Frye0D10=
 github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 h1:eveqE9ivrt30CJ7dOajOfBavhZ4zPqHcZe/4tKp0alc=
 github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798/go.mod h1:hxbJZtKlO4P8sZ9nztizR6XLoE33O+BkPmuYQ4ACyz0=

diff --git a/pkg/buildClient/comments.go b/pkg/buildClient/comments.go
@@ -14,6 +14,7 @@ import (
 	"github.com/aquasecurity/go-git-pr-commenter/pkg/commenter/bitbucket"
 	"github.com/aquasecurity/go-git-pr-commenter/pkg/commenter/github"
 	"github.com/aquasecurity/go-git-pr-commenter/pkg/commenter/gitlab"
+	"github.com/aquasecurity/go-git-pr-commenter/pkg/commenter/jenkins"
 	"github.com/aquasecurity/trivy-plugin-aqua/pkg/metadata"
 	"github.com/aquasecurity/trivy-plugin-aqua/pkg/proto/buildsecurity"
 )
@@ -59,6 +60,12 @@ func prComments(buildSystem string, result []*buildsecurity.Result, avdUrlMap Re
 			return err
 		}
 		c = commenter.Repository(r)
+	case metadata.Jenkins:
+		r, err := jenkins.NewJenkins()
+		if err != nil {
+			return err
+		}
+		c = commenter.Repository(r)
 	default:
 		return nil
 	}

diff --git a/pkg/metadata/pr.go b/pkg/metadata/pr.go
@@ -20,7 +20,11 @@ func GetBaseRef() (r string) {
 	case Gitlab:
 		return os.Getenv("CI_MERGE_REQUEST_DIFF_BASE_SHA")
 	case Jenkins:
-		return fmt.Sprintf("origin/%s", os.Getenv("CHANGE_TARGET"))
+		bitbucketTargetBranch := os.Getenv("BITBUCKET_TARGET_BRANCH")
+		if bitbucketTargetBranch != "" {
+			return fmt.Sprintf("origin/%s", os.Getenv("BITBUCKET_TARGET_BRANCH"))
+		}
+		return "origin/master"
 	default:
 		return "origin/master"
 	}

diff --git a/pkg/runenv/consts.go b/pkg/runenv/consts.go
@@ -10,13 +10,14 @@ const (
 	gitlabCi = "GITLAB_CI"
 	gitlabPr = "CI_MERGE_REQUEST_IID"
 
-	jenkinsCi = "BUILD_TAG"
-	jenkinsPr = "CHANGE_TARGET"
+	jenkinsCi          = "BUILD_TAG"
+	jenkinsPr          = "CHANGE_TARGET"
+	jenkinsPrBitbucket = "BITBUCKET_TARGET_BRANCH"
 
 	azureCi = "BUILD_BUILDID"
 	azurePr = "SYSTEM_PULLREQUEST_PULLREQUESTID"
 )
 
 var ciEnvs = []string{githubCi, bitbucketCi, gitlabCi, jenkinsCi, azureCi}
 
-var prEnvs = []string{githubPr, bitbucketPr, gitlabPr, jenkinsPr, azurePr}
+var prEnvs = []string{githubPr, bitbucketPr, gitlabPr, jenkinsPr, azurePr, jenkinsPrBitbucket}
diff --git a/pkg/scanner/diff.go b/pkg/scanner/diff.go
@@ -7,8 +7,10 @@ import (
 	"strings"
 
 	"github.com/aquasecurity/trivy-plugin-aqua/pkg/git"
+	"github.com/aquasecurity/trivy-plugin-aqua/pkg/log"
 	"github.com/aquasecurity/trivy-plugin-aqua/pkg/metadata"
 	"github.com/pkg/errors"
+	"github.com/samber/lo"
 )
 
 const (
@@ -60,17 +62,22 @@ func createDiffScanFs() error {
 	}
 
 	if out != "" {
-		diffFiles := strings.Split(out, "\n")
+		diffFiles := lo.Filter(strings.Split(out, "\n"), func(diffFile string, _ int) bool {
+			return diffFile != ""
+		})
 		for _, v := range diffFiles {
 			var status, name, newName, dirName string
-			diffFile := strings.SplitAfter(v, "\t")
+			diffFile := strings.Fields(v)
 			status = strings.TrimSpace(diffFile[0])
 			switch len(diffFile) {
 			case 2:
 				name = strings.TrimSpace(diffFile[1])
 			case 3:
 				name = strings.TrimSpace(diffFile[1])
 				newName = strings.TrimSpace(diffFile[2])
+			default:
+				log.Logger.Debugf("Unknown git diff file format: %s", v)
+				continue
 			}
 
 			dirName = filepath.Dir(name)