Merge pull request #3181 from mercedes-benz/develop

Merge `develop` into `master` for client hotfix release
mercedes-benz · May 31, 2024 · b3994cc · b3994cc
2 parents 0c54b9b + 4409875
commit b3994cc
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 9 deletions.
diff --git a/sechub-cli/src/mercedes-benz.com/sechub/cli/sechubconfig.go b/sechub-cli/src/mercedes-benz.com/sechub/cli/sechubconfig.go
@@ -19,13 +19,14 @@ import (
 // so Webscan, InfraScan are not handled here (but still uploaded)
 // Only code scan is necessary, because determination necessary if there is an upload necessary or not.
 type SecHubConfig struct {
-	APIVersion string                `json:"apiVersion"`
-	User       string                `json:"user"`
-	ProjectID  string                `json:"project"`
-	Server     string                `json:"server"`
-	CodeScan   CodeScanConfig        `json:"codeScan"`
-	SecretScan SecretScanConfig      `json:"secretScan"`
-	Data       DataSectionScanConfig `json:"data"`
+	APIVersion  string                `json:"apiVersion"`
+	User        string                `json:"user"`
+	ProjectID   string                `json:"project"`
+	Server      string                `json:"server"`
+	CodeScan    CodeScanConfig        `json:"codeScan"`
+	LicenseScan LicenseScanConfig     `json:"licenseScan"`
+	SecretScan  SecretScanConfig      `json:"secretScan"`
+	Data        DataSectionScanConfig `json:"data"`
 }
 
 type DataSectionScanConfig struct {
@@ -60,6 +61,11 @@ type CodeScanConfig struct {
 	////////////////////////////////
 }
 
+// SecretScanConfig - definition of a secrets scan
+type LicenseScanConfig struct {
+	Use []string `json:"use"`
+}
+
 // SecretScanConfig - definition of a secrets scan
 type SecretScanConfig struct {
 	Use []string `json:"use"`
@@ -162,10 +168,11 @@ func adjustSourceFilterPatterns(context *Context) {
 	for i, item := range context.sechubConfig.Data.Sources {
 
 		if slices.Contains(context.sechubConfig.SecretScan.Use, item.Name) {
-			// Clear all source code patterns for secrets scans
+			// Clear upload filter for secrets scans
 			context.sechubConfig.Data.Sources[i].SourceCodePatterns =
 				adjustSourceFilterPatternsWhitelistAll(item.SourceCodePatterns, true)
-		} else if slices.Contains(context.sechubConfig.CodeScan.Use, item.Name) {
+		} else if slices.Contains(context.sechubConfig.CodeScan.Use, item.Name) ||
+			slices.Contains(context.sechubConfig.LicenseScan.Use, item.Name) {
 			// Append default source code patterns for code scans
 			context.sechubConfig.Data.Sources[i].SourceCodePatterns =
 				adjustSourceFilterPatternsWhitelistAll(item.SourceCodePatterns, context.config.whitelistAll)

diff --git a/sechub-cli/src/mercedes-benz.com/sechub/cli/sechubconfig_test.go b/sechub-cli/src/mercedes-benz.com/sechub/cli/sechubconfig_test.go
@@ -649,3 +649,42 @@ func Example_adjustSourceFilterPatterns_Secretscan_SCMHistory() {
 	// Output:
 	// [**/src-exclude1/** **/src-exclude2/** **/test/** **/node_modules/** *.a *.so]
 }
+
+func Example_adjustSourceFilterPatterns_licenseScan() {
+	/* prepare */
+	var context Context
+	var config Config
+	context.config = &config
+	config.whitelistAll = false
+
+	// Override global DefaultSourceCodeAllowedFilePatterns to get reproducable results
+	DefaultSourceCodeAllowedFilePatterns = []string{".a", ".b", ".c"}
+
+	sechubJSON := `
+	{
+		"data": {
+			"sources": [
+				{
+					"name": "mysources",
+					"fileSystem": { "folders": [ "." ] }
+				}
+			]
+		},
+		"licenseScan": {	"use": [ "mysources" ] }
+	}
+	`
+	sechubConfig := newSecHubConfigFromBytes([]byte(sechubJSON))
+	context.sechubConfig = &sechubConfig
+
+	/* execute */
+	adjustSourceFilterPatterns(&context)
+
+	/* test */
+	for _, i := range context.sechubConfig.Data.Sources {
+		fmt.Println(i.Name, i.SourceCodePatterns)
+	}
+	// The list must contain DefaultSourceCodeAllowedFilePatterns
+
+	// Output:
+	// mysources [.a .b .c]
+}