CONTRAST-21810

jenkinsci · Mar 30, 2018 · cfa4b7e · cfa4b7e
1 parent 929079a
commit cfa4b7e
Show file tree

Hide file tree

Showing 6 changed files with 46 additions and 15 deletions.
diff --git a/src/main/java/com/aspectsecurity/contrast/contrastjenkins/ContrastPluginConfig.java b/src/main/java/com/aspectsecurity/contrast/contrastjenkins/ContrastPluginConfig.java
@@ -7,8 +7,10 @@
 import hudson.model.AbstractProject;
 import hudson.model.JobProperty;
 import hudson.model.JobPropertyDescriptor;
+import hudson.model.Result;
 import hudson.util.CopyOnWriteList;
 import hudson.util.FormValidation;
+import hudson.util.ListBoxModel;
 import jenkins.model.Jenkins;
 import net.sf.json.JSONArray;
 import net.sf.json.JSONObject;
@@ -247,5 +249,18 @@ public FormValidation doCheckApplicationName(@QueryParameter String value) {
         public String getDisplayName() {
             return "Contrast Plugin Configuration";
         }
+
+
+        public ListBoxModel doFillVulnerableBuildResultItems() {
+            ListBoxModel items = new ListBoxModel();
+
+            items.add(Result.FAILURE.toString());
+            items.add(Result.SUCCESS.toString());
+            items.add(Result.UNSTABLE.toString());
+            items.add(Result.NOT_BUILT.toString());
+            items.add(Result.ABORTED.toString());
+
+            return items;
+        }
     }
 }
diff --git a/src/main/java/com/aspectsecurity/contrast/contrastjenkins/TeamServerProfile.java b/src/main/java/com/aspectsecurity/contrast/contrastjenkins/TeamServerProfile.java
@@ -28,9 +28,11 @@ public class TeamServerProfile {
 
     private boolean failOnWrongApplicationName;
 
+    private String vulnerableBuildResult;
+
     @DataBoundConstructor
     public TeamServerProfile(String name, String username, String apiKey, String serviceKey,
-                             String teamServerUrl, String orgUuid, String applicationName, boolean failOnWrongApplicationName) {
+                             String teamServerUrl, String orgUuid, String applicationName, boolean failOnWrongApplicationName, String vulnerableBuildResult) {
         this.name = name;
         this.username = username;
         this.apiKey = apiKey;
@@ -39,5 +41,6 @@ public TeamServerProfile(String name, String username, String apiKey, String ser
         this.orgUuid = orgUuid;
         this.applicationName = applicationName;
         this.failOnWrongApplicationName = failOnWrongApplicationName;
+        this.vulnerableBuildResult = vulnerableBuildResult;
     }
 }
diff --git a/src/main/java/com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendRecorder.java b/src/main/java/com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendRecorder.java
@@ -10,10 +10,7 @@
 import hudson.AbortException;
 import hudson.Extension;
 import hudson.Launcher;
-import hudson.model.AbstractBuild;
-import hudson.model.AbstractProject;
-import hudson.model.Action;
-import hudson.model.BuildListener;
+import hudson.model.*;
 import hudson.tasks.BuildStepDescriptor;
 import hudson.tasks.BuildStepMonitor;
 import hudson.tasks.Publisher;
@@ -27,13 +24,7 @@
 import org.kohsuke.stapler.StaplerRequest;
 
 import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
+import java.util.*;
 
 
 /**
@@ -111,7 +102,13 @@ public boolean perform(AbstractBuild<?, ?> build, Launcher launcher, final Build
                 // save results before failing build
                 buildResult(resultTraces, build);
 
-                throw new AbortException("Failed on the threshold condition where " + condition.toString());
+                Result buildResult = Result.fromString(profile.getVulnerableBuildResult());
+                if (buildResult.toString().equals(Result.FAILURE.toString())) {
+                    throw new AbortException("Failed on the threshold condition where " + condition.toString());
+                } else {
+                    build.setResult(buildResult);
+                    return true;
+                }
             }
         }
 
@@ -256,7 +253,7 @@ private String getApplicationId(ContrastSDK sdk, String organizationUuid, String
             return "";
         }
 
-        for(Application application: applications.getApplications()) {
+        for (Application application : applications.getApplications()) {
             if (applicationName.equals(application.getName())) {
                 return application.getId();
             }

diff --git a/src/main/java/com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendStep.java b/src/main/java/com/aspectsecurity/contrast/contrastjenkins/VulnerabilityTrendStep.java
@@ -9,6 +9,7 @@
 import com.google.inject.Inject;
 import hudson.AbortException;
 import hudson.Extension;
+import hudson.model.Result;
 import hudson.model.Run;
 import hudson.model.TaskListener;
 import hudson.util.ListBoxModel;
@@ -213,7 +214,15 @@ public Void run() throws AbortException {
             }
 
             if (traces.getCount() > step.getCount()) {
-                throw new AbortException("Failed on the condition where " + stepString);
+                Result buildResult = Result.fromString(teamServerProfile.getVulnerableBuildResult());
+                if (buildResult.toString().equals(Result.FAILURE.toString())) {
+                    throw new AbortException("Failed on the condition where " + stepString);
+                } else {
+                    VulnerabilityTrendHelper.logMessage(taskListener, "Failed on the condition where " + stepString);
+                    build.setResult(buildResult);
+                    return null;
+                }
+
             }
 
             VulnerabilityTrendHelper.logMessage(taskListener, "This step has passed successfully");

diff --git a/...n/resources/com/aspectsecurity/contrast/contrastjenkins/ContrastPluginConfig/global.jelly b/...n/resources/com/aspectsecurity/contrast/contrastjenkins/ContrastPluginConfig/global.jelly
@@ -30,6 +30,10 @@
                         <f:checkbox name="failOnWrongApplicationName" field="failOnWrongApplicationName" value="${profile.failOnWrongApplicationName}" checked="${profile.failOnWrongApplicationName}" />
                     </f:entry>
 
+                    <f:entry title="Result of a vulnerable build" help="/plugin/contrast-continuous-application-security/help-vulnerableBuildResult.html">
+                        <f:select field="vulnerableBuildResult" default="${profile.vulnerableBuildResult}" />
+                    </f:entry>
+
                     <f:entry title="">
                         <f:validateButton title="${%Test TeamServer Connection}" progress="${%Testing Connection...}"
                                 method="testTeamServerConnection" with="username,apiKey,serviceKey,teamServerUrl" />

diff --git a/src/main/webapp/help-vulnerableBuildResult.html b/src/main/webapp/help-vulnerableBuildResult.html
@@ -0,0 +1,3 @@
+<div>
+    This option allows you to select the result of the build that violates the Vulnerability Threshold Conditions.
+</div>