Merge pull request #22 from pavel-github/feat/configure-step-fail-con…

…ditions

feat: configure step fail conditions

docker-compose.yml

@@ -8,7 +8,7 @@ services:
     volumes:
       - "./distribution/docker/server:/data/teamcity_server/datadir"
     environment:
-      - TEAMCITY_SERVER_MEM_OPTS="-Xmx2048m"
+      - TEAMCITY_SERVER_MEM_OPTS=-Xmx4096m
 
   agent:
     image: "jetbrains/teamcity-agent:2018.2.3"

teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java

@@ -6,19 +6,20 @@
 import java.nio.file.Path;
 import java.util.List;
 
+import io.snyk.plugins.teamcity.agent.commands.SnykBuildServiceAdapter;
 import io.snyk.plugins.teamcity.common.ObjectMapperHelper;
 import jetbrains.buildServer.BuildProblemData;
 import jetbrains.buildServer.RunBuildException;
 import jetbrains.buildServer.TeamCityRuntimeException;
 import jetbrains.buildServer.agent.BuildFinishedStatus;
 import jetbrains.buildServer.agent.runner.CommandExecution;
-import jetbrains.buildServer.agent.runner.CommandLineBuildService;
 import jetbrains.buildServer.agent.runner.ProcessListener;
 import jetbrains.buildServer.agent.runner.ProgramCommandLine;
 import jetbrains.buildServer.agent.runner.TerminationAction;
 import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
 
+import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.FAIL_ON_ISSUES;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.RUNNER_DISPLAY_NAME;
 import static java.lang.String.format;
 import static java.lang.String.valueOf;
@@ -27,18 +28,19 @@
 import static java.nio.file.StandardOpenOption.CREATE;
 import static java.util.Objects.requireNonNull;
 import static jetbrains.buildServer.BuildProblemTypes.TC_ERROR_MESSAGE_TYPE;
+import static jetbrains.buildServer.util.PropertiesUtil.getBoolean;
 import static jetbrains.buildServer.util.StringUtil.nullIfEmpty;
 
 public class CommandExecutionAdapter implements CommandExecution {
 
   private static final Logger LOG = Logger.getLogger(CommandExecutionAdapter.class);
 
-  private final CommandLineBuildService buildService;
+  private final SnykBuildServiceAdapter buildService;
   private final Path commandOutputPath;
   private List<ProcessListener> listeners;
   private BuildFinishedStatus result;
 
-  CommandExecutionAdapter(@NotNull CommandLineBuildService buildService, @NotNull Path commandOutputPath) {
+  CommandExecutionAdapter(@NotNull SnykBuildServiceAdapter buildService, @NotNull Path commandOutputPath) {
     this.buildService = requireNonNull(buildService);
     this.commandOutputPath = requireNonNull(commandOutputPath);
     listeners = buildService.getListeners();
@@ -115,8 +117,19 @@ public void processFinished(int exitCode) {
 
           if (!snykApiResponse.success && nullIfEmpty(snykApiResponse.summary) != null) {
             String problem = format("%s known issues | %s", snykApiResponse.uniqueCount, snykApiResponse.summary);
-            BuildProblemData buildProblem = createBuildProblem(problem);
-            buildService.getLogger().logBuildProblem(buildProblem);
+
+            /*
+             * we check whether 'failOnIssues' runner parameter exists in case of old configurations.
+             * if 'failOnIssues' was not found, then treat it as 'true' so fail behavior of the plugin is unchanged.
+             */
+            boolean containsFailOnIssues = buildService.getBuildRunnerContext().getRunnerParameters().containsKey(FAIL_ON_ISSUES);
+            String failOnIssues = buildService.getBuildRunnerContext().getRunnerParameters().get(FAIL_ON_ISSUES);
+            if (getBoolean(failOnIssues) || !containsFailOnIssues) {
+              BuildProblemData buildProblem = createBuildProblem(problem);
+              buildService.getLogger().logBuildProblem(buildProblem);
+            } else {
+              buildService.getLogger().error(problem);
+            }
           }
         });
       }

teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/SnykCommandBuildSession.java

@@ -6,6 +6,7 @@
 import java.util.Iterator;
 import java.util.List;
 
+import io.snyk.plugins.teamcity.agent.commands.SnykBuildServiceAdapter;
 import io.snyk.plugins.teamcity.agent.commands.SnykMonitorCommand;
 import io.snyk.plugins.teamcity.agent.commands.SnykReportCommand;
 import io.snyk.plugins.teamcity.agent.commands.SnykTestCommand;
@@ -15,7 +16,6 @@
 import jetbrains.buildServer.agent.BuildRunnerContext;
 import jetbrains.buildServer.agent.artifacts.ArtifactsWatcher;
 import jetbrains.buildServer.agent.runner.CommandExecution;
-import jetbrains.buildServer.agent.runner.CommandLineBuildService;
 import jetbrains.buildServer.agent.runner.MultiCommandBuildSession;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
@@ -72,10 +72,6 @@ private Iterator<CommandExecutionAdapter> getBuildSteps() {
     List<CommandExecutionAdapter> steps = new ArrayList<>(3);
     String buildTempDirectory = buildRunnerContext.getBuild().getBuildTempDirectory().getAbsolutePath();
 
-    // Disable for development process
-    // SnykVersionCommand snykVersionCommand = new SnykVersionCommand();
-    // steps.add(addCommand(snykVersionCommand, Paths.get(buildTempDirectory, "version.txt")));
-
     SnykTestCommand snykTestCommand = new SnykTestCommand();
     steps.add(addCommand(snykTestCommand, Paths.get(buildTempDirectory, SNYK_REPORT_JSON_FILE)));
 
@@ -91,7 +87,7 @@ private Iterator<CommandExecutionAdapter> getBuildSteps() {
     return steps.iterator();
   }
 
-  private CommandExecutionAdapter addCommand(CommandLineBuildService buildService, Path commandOutputPath) {
+  private <T extends SnykBuildServiceAdapter> CommandExecutionAdapter addCommand(T buildService, Path commandOutputPath) {
     try {
       buildService.initialize(buildRunnerContext.getBuild(), buildRunnerContext);
     } catch (RunBuildException ex) {

teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykBuildServiceAdapter.java

@@ -10,16 +10,22 @@
 import jetbrains.buildServer.TeamCityRuntimeException;
 import jetbrains.buildServer.agent.BuildAgentSystemInfo;
 import jetbrains.buildServer.agent.BuildFinishedStatus;
+import jetbrains.buildServer.agent.BuildRunnerContext;
 import jetbrains.buildServer.agent.runner.BuildServiceAdapter;
 import org.jetbrains.annotations.NotNull;
 
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.VERSION;
 import static java.lang.String.format;
 
-abstract class SnykBuildServiceAdapter extends BuildServiceAdapter {
+public abstract class SnykBuildServiceAdapter extends BuildServiceAdapter {
 
   abstract List<String> getArguments();
 
+  @NotNull
+  public final BuildRunnerContext getBuildRunnerContext() {
+    return getRunnerContext();
+  }
+
   String getSnykToolPath() {
     String version = getRunnerParameters().get(VERSION);
     RunnerVersion runner = Runners.getRunner(version);

teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykMonitorCommand.java

@@ -7,7 +7,6 @@
 import java.util.List;
 import java.util.Map;
 
-import io.snyk.plugins.teamcity.agent.CommandExecutionAdapter;
 import jetbrains.buildServer.RunBuildException;
 import jetbrains.buildServer.agent.runner.ProgramCommandLine;
 import jetbrains.buildServer.agent.runner.SimpleProgramCommandLine;
@@ -31,7 +30,7 @@
 
 public class SnykMonitorCommand extends SnykBuildServiceAdapter {
 
-  private static final Logger LOG = Logger.getLogger(CommandExecutionAdapter.class);
+  private static final Logger LOG = Logger.getLogger(SnykMonitorCommand.class);
 
   @NotNull
   @Override

teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykTestCommand.java

@@ -7,7 +7,6 @@
 import java.util.List;
 import java.util.Map;
 
-import io.snyk.plugins.teamcity.agent.CommandExecutionAdapter;
 import jetbrains.buildServer.RunBuildException;
 import jetbrains.buildServer.agent.runner.ProgramCommandLine;
 import jetbrains.buildServer.agent.runner.SimpleProgramCommandLine;
@@ -31,7 +30,7 @@
 
 public class SnykTestCommand extends SnykBuildServiceAdapter {
 
-  private static final Logger LOG = Logger.getLogger(CommandExecutionAdapter.class);
+  private static final Logger LOG = Logger.getLogger(SnykTestCommand.class);
 
   @NotNull
   @Override

teamcity-snyk-security-plugin-common/src/main/java/io/snyk/plugins/teamcity/common/SnykSecurityRunnerConstants.java

@@ -6,6 +6,7 @@ public final class SnykSecurityRunnerConstants {
   public static final String RUNNER_DESCRIPTION = "Runner for finding vulnerabilities in your dependencies";
 
   public static final String SEVERITY_THRESHOLD = "severityThreshold";
+  public static final String FAIL_ON_ISSUES = "failOnIssues";
   public static final String MONITOR_PROJECT_ON_BUILD = "monitorProjectOnBuild";
   public static final String FILE = "file";
   public static final String ORGANISATION = "organisation";
@@ -25,6 +26,10 @@ public String getSeverityThreshold() {
     return SEVERITY_THRESHOLD;
   }
 
+  public String getFailOnIssues() {
+    return FAIL_ON_ISSUES;
+  }
+
   public String getMonitorProjectOnBuild() {
     return MONITOR_PROJECT_ON_BUILD;
   }

teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunType.java

@@ -17,6 +17,7 @@
 
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.API_TOKEN;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.CUSTOM_BUILD_TOOL_PATH;
+import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.FAIL_ON_ISSUES;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.MONITOR_PROJECT_ON_BUILD;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.SEVERITY_THRESHOLD;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.USE_CUSTOM_BUILD_TOOL_PATH;
@@ -89,8 +90,9 @@ public String getViewRunnerParamsJspFilePath() {
   @Nullable
   @Override
   public Map<String, String> getDefaultRunnerProperties() {
-    Map<String, String> defaultProperties = new HashMap<>(2);
+    Map<String, String> defaultProperties = new HashMap<>(3);
     defaultProperties.put(SEVERITY_THRESHOLD, "low");
+    defaultProperties.put(FAIL_ON_ISSUES, "true");
     defaultProperties.put(MONITOR_PROJECT_ON_BUILD, "true");
     return defaultProperties;
   }

teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunnerDiscoveryExtension.java

@@ -12,6 +12,7 @@
 import jetbrains.buildServer.util.browser.Element;
 import org.jetbrains.annotations.NotNull;
 
+import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.FAIL_ON_ISSUES;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.MONITOR_PROJECT_ON_BUILD;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.RUNNER_TYPE;
 import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.SEVERITY_THRESHOLD;
@@ -41,8 +42,9 @@ protected List<DiscoveredObject> discoverRunnersInDirectory(@NotNull Element dir
     boolean enableSnykSecurityBuildStep = filesAndDirs.stream().anyMatch(element -> element.isLeaf() && SUPPORTED_FILES.contains(element.getName()));
 
     if (enableSnykSecurityBuildStep) {
-      Map<String, String> defaultProperties = new HashMap<>(2);
+      Map<String, String> defaultProperties = new HashMap<>(3);
       defaultProperties.put(SEVERITY_THRESHOLD, "low");
+      defaultProperties.put(FAIL_ON_ISSUES, "true");
       defaultProperties.put(MONITOR_PROJECT_ON_BUILD, "true");
       runners.add(new DiscoveredObject(RUNNER_TYPE, defaultProperties));
     }

teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp

@@ -18,6 +18,20 @@
       <span class="smallNote">Only report vulnerabilities of provided level or higher (low/medium/high).</span>
     </td>
   </tr>
+  <tr class="advancedSetting">
+    <th><label>Fail on issues:</label></th>
+    <td>
+      <c:choose>
+        <c:when test="${propertiesBean.properties.containsKey(constants.failOnIssues)}">
+          <props:checkboxProperty name="${constants.failOnIssues}" uncheckedValue="false"/>
+        </c:when>
+        <c:otherwise>
+          <props:checkboxProperty name="${constants.failOnIssues}" uncheckedValue="false" checked="true"/>
+        </c:otherwise>
+      </c:choose>
+      <span class="smallNote">Fail the build when issues are found.</span>
+    </td>
+  </tr>
   <tr>
     <th><label>Monitor project on build:</label></th>
     <td>

teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/viewSnykSecurityRunnerParameters.jsp

@@ -9,11 +9,12 @@
     <span class="smallNote">Note: running without specifying the threshold has the same effect as 'low' option, i.e. all vulnerabilities will be reported.</span>
   </c:if>
 </div>
-
+<div class="parameter">
+  Fail on issues: <strong><props:displayCheckboxValue name="${constants.failOnIssues}"/></strong>
+</div>
 <div class="parameter">
   Monitor project on build: <strong><props:displayCheckboxValue name="${constants.monitorProjectOnBuild}"/></strong>
 </div>
-
 <div class="parameter">
   File: <strong><props:displayValue name="${constants.file}" emptyValue="not specified"/></strong>
 </div>