New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provide posiblity to define if sources and/or binaries data type is supported by PDS #1172
Comments
de-jcup
changed the title
Provide posiblity to define if
Provide posiblity to define if Apr 11, 2022
sourcecode.zip
and/or binary.tar
shall be fetched from storagesourcecode.zip
and/or binaries.tar
shall be fetched from storage
Some of the parts were already done inside other issues (these are crossed out in the comment) - but the configuration if a PDS does need sourcecode and/or binaries is still missing. |
de-jcup
changed the title
Provide posiblity to define if
Provide posiblity to define if sources and/or binaries data type is supported by PDS
Nov 14, 2022
sourcecode.zip
and/or binaries.tar
shall be fetched from storage
de-jcup
added a commit
that referenced
this issue
Nov 14, 2022
- introduced 'pds.config.supported.datatypes' as job parameter - introduced NONE in SecHubDataConfigurationType - introduced SecHUbDataConfigurationTypeListParser - introduced configuration autofix on PDS start - added tests - changed integration test setup - fixed typos - renamed some methods
de-jcup
added a commit
that referenced
this issue
Nov 22, 2022
- introduced 'pds.config.supported.datatypes' as job parameter - introduced NONE in SecHubDataConfigurationType - introduced SecHUbDataConfigurationTypeListParser - introduced configuration autofix on PDS start - added tests - changed integration test setup - fixed typos - renamed some methods
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Situation
This is a kind of sub issue of #729, #1098 but mainly of #1166
At the moment, every code scan will insist on fetching
SOURCE.zip
from s3.Because we introduce
BINARY.tar
for binary uploads, we must have a possibility to define which one shall be handledWanted
We introduce new configuration entries
Solution
Introduce new enumStorageType
with SOURCE and BINARY insideIntroduceStorageSupport
class which will provide logic to fetch streams automatically and also tohandle missing mandatory storages (depending on type)
PDS shall use the the runtime product executor configuration to determine the supported data storage types
At PDS configuration we introduce
pds.config.supported.datatype=$typedefinition
.The type definition can be either
binary
,source
or 'none'. Also a combination as comma separated entries - e.g.binary,source
is possible . It can be either optional or mandatory - it does not matter. PDS solutions should have a default value here. If nothing is defined (neither in executor configuration or by a default value inside the PDS configuration) there will be a fallback to the current situation (binary AND source are downloaded + a WARNING will be logged about a missing configuration, but only one time at PDS instance start)We will reuse
SecHubDataConfigurationType
enum hereWhen a data type is NOT supported, than we do NOT extract or download those files
When a data type is supported we try to extract and download the file
The text was updated successfully, but these errors were encountered: