Package io.jenkins.plugins.google.analyze.code.security

Class CodeScanBuildStep

java.lang.Object

hudson.tasks.BuildStepCompatibilityLayer

hudson.tasks.Builder

io.jenkins.plugins.google.analyze.code.security.CodeScanBuildStep

All Implemented Interfaces:

ExtensionPoint, Describable<Builder>, BuildStep, SimpleBuildStep

public class CodeScanBuildStep
extends Builder
implements SimpleBuildStep

CodeScanBuildStep scans code file and reports vulnerabilities based on the security posture configured with GCP and plugin configuration.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	CodeScanBuildStep.BuildStepDescriptorImpl

Nested classes/interfaces inherited from interface hudson.tasks.BuildStep

BuildStep.PublisherList

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Nested classes/interfaces inherited from interface jenkins.tasks.SimpleBuildStep

SimpleBuildStep.LastBuildAction, SimpleBuildStep.LastBuildActionFactory

Field Summary

Fields inherited from interface hudson.tasks.BuildStep

BUILDERS, PUBLISHERS

Constructor Summary

Constructors

Constructor	Description
CodeScanBuildStep(String orgID, String scanFileName, String filePath, Integer scanTimeOut, Boolean failSilentlyOnPluginFailure, Boolean ignoreAssetViolation, List<AssetViolationConfig> assetViolationConfigs, ConfigAggregator configAggregator)

Method Summary

Modifier and Type	Method	Description
CodeScanBuildStep.BuildStepDescriptorImpl	getDescriptor()	Returns descriptor for CodeScanBuildStep.
Action	getProjectAction(AbstractProject<?,?> project)	No-op
@NonNull Collection<? extends Action>	getProjectActions(AbstractProject<?,?> project)	No-op hence returning empty collection.
Boolean	isConfigAggregatorAND()	Invoked by Jenkins UX to determine state of this.configAggregator.
Boolean	isIgnoreAssetViolation()	Invoked by Jenkins UX to determine state of this.ignoreAssetViolation.
boolean	perform(AbstractBuild<?,?> build, Launcher launcher, BuildListener listener)	Invoked at build step when CodeScanBuildStep is configured at build step.
boolean	prebuild(AbstractBuild<?,?> build, BuildListener listener)	No-op hence returning build status as success for all scenarios.

Methods inherited from class hudson.tasks.Builder

all, getRequiredMonitorService, prebuild

Methods inherited from class hudson.tasks.BuildStepCompatibilityLayer

getProjectAction, perform

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface hudson.tasks.BuildStep

getRequiredMonitorService

Methods inherited from interface jenkins.tasks.SimpleBuildStep

perform, perform, perform, requiresWorkspace

Constructor Detail

CodeScanBuildStep

@DataBoundConstructor
public CodeScanBuildStep(String orgID,
                         String scanFileName,
                         String filePath,
                         Integer scanTimeOut,
                         Boolean failSilentlyOnPluginFailure,
                         Boolean ignoreAssetViolation,
                         List<AssetViolationConfig> assetViolationConfigs,
                         ConfigAggregator configAggregator)

Method Detail

getDescriptor

public CodeScanBuildStep.BuildStepDescriptorImpl getDescriptor()

Returns descriptor for CodeScanBuildStep.

Specified by:

getDescriptor in interface Describable<Builder>

Overrides:

getDescriptor in class Builder

prebuild

public boolean prebuild(AbstractBuild<?,?> build,
                        BuildListener listener)

No-op hence returning build status as success for all scenarios.

Specified by:

prebuild in interface BuildStep

Overrides:

prebuild in class BuildStepCompatibilityLayer

getProjectActions

@NonNull
public @NonNull Collection<? extends Action> getProjectActions(AbstractProject<?,?> project)

No-op hence returning empty collection.

Specified by:

getProjectActions in interface BuildStep

Overrides:

getProjectActions in class BuildStepCompatibilityLayer

perform

public boolean perform(AbstractBuild<?,?> build,
                       Launcher launcher,
                       BuildListener listener)

Invoked at build step when CodeScanBuildStep is configured at build step. Scans code for vulnerabilities and publishes violation summary.

Specified by:

perform in interface BuildStep

Overrides:

perform in class BuildStepCompatibilityLayer

Returns:

build status to the build orchestrator.

getProjectAction

public Action getProjectAction(AbstractProject<?,?> project)

No-op

Specified by:

getProjectAction in interface BuildStep

Overrides:

getProjectAction in class BuildStepCompatibilityLayer

isIgnoreAssetViolation

public Boolean isIgnoreAssetViolation()

Invoked by Jenkins UX to determine state of this.ignoreAssetViolation. Defaults to `true` if found to be null.

isConfigAggregatorAND

public Boolean isConfigAggregatorAND()

Invoked by Jenkins UX to determine state of this.configAggregator. Defaults to ConfigAggregator.OR.