From 31fcca4eda3fd81016f83b925d7ed31a2f6fc425 Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Thu, 15 Aug 2019 18:16:51 +0200 Subject: [PATCH 1/8] Add new config parameter 'failOnIssue' in view/edit modes --- .../teamcity/common/SnykSecurityRunnerConstants.java | 5 +++++ .../snyk/plugins/teamcity/server/SnykSecurityRunType.java | 4 +++- .../server/SnykSecurityRunnerDiscoveryExtension.java | 4 +++- .../editSnykSecurityRunnerParameters.jsp | 7 +++++++ .../viewSnykSecurityRunnerParameters.jsp | 5 +++-- 5 files changed, 21 insertions(+), 4 deletions(-) diff --git a/teamcity-snyk-security-plugin-common/src/main/java/io/snyk/plugins/teamcity/common/SnykSecurityRunnerConstants.java b/teamcity-snyk-security-plugin-common/src/main/java/io/snyk/plugins/teamcity/common/SnykSecurityRunnerConstants.java index cff749c..f539573 100644 --- a/teamcity-snyk-security-plugin-common/src/main/java/io/snyk/plugins/teamcity/common/SnykSecurityRunnerConstants.java +++ b/teamcity-snyk-security-plugin-common/src/main/java/io/snyk/plugins/teamcity/common/SnykSecurityRunnerConstants.java @@ -6,6 +6,7 @@ public final class SnykSecurityRunnerConstants { public static final String RUNNER_DESCRIPTION = "Runner for finding vulnerabilities in your dependencies"; public static final String SEVERITY_THRESHOLD = "severityThreshold"; + public static final String FAIL_ON_ISSUES = "failOnIssues"; public static final String MONITOR_PROJECT_ON_BUILD = "monitorProjectOnBuild"; public static final String FILE = "file"; public static final String ORGANISATION = "organisation"; @@ -25,6 +26,10 @@ public String getSeverityThreshold() { return SEVERITY_THRESHOLD; } + public String getFailOnIssues() { + return FAIL_ON_ISSUES; + } + public String getMonitorProjectOnBuild() { return MONITOR_PROJECT_ON_BUILD; } diff --git a/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunType.java b/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunType.java index 6dc8dc4..baa0c3a 100644 --- a/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunType.java +++ b/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunType.java @@ -17,6 +17,7 @@ import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.API_TOKEN; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.CUSTOM_BUILD_TOOL_PATH; +import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.FAIL_ON_ISSUES; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.MONITOR_PROJECT_ON_BUILD; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.SEVERITY_THRESHOLD; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.USE_CUSTOM_BUILD_TOOL_PATH; @@ -89,8 +90,9 @@ public String getViewRunnerParamsJspFilePath() { @Nullable @Override public Map getDefaultRunnerProperties() { - Map defaultProperties = new HashMap<>(2); + Map defaultProperties = new HashMap<>(3); defaultProperties.put(SEVERITY_THRESHOLD, "low"); + defaultProperties.put(FAIL_ON_ISSUES, "true"); defaultProperties.put(MONITOR_PROJECT_ON_BUILD, "true"); return defaultProperties; } diff --git a/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunnerDiscoveryExtension.java b/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunnerDiscoveryExtension.java index dcefa7c..1599562 100644 --- a/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunnerDiscoveryExtension.java +++ b/teamcity-snyk-security-plugin-server/src/main/java/io/snyk/plugins/teamcity/server/SnykSecurityRunnerDiscoveryExtension.java @@ -12,6 +12,7 @@ import jetbrains.buildServer.util.browser.Element; import org.jetbrains.annotations.NotNull; +import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.FAIL_ON_ISSUES; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.MONITOR_PROJECT_ON_BUILD; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.RUNNER_TYPE; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.SEVERITY_THRESHOLD; @@ -41,8 +42,9 @@ protected List discoverRunnersInDirectory(@NotNull Element dir boolean enableSnykSecurityBuildStep = filesAndDirs.stream().anyMatch(element -> element.isLeaf() && SUPPORTED_FILES.contains(element.getName())); if (enableSnykSecurityBuildStep) { - Map defaultProperties = new HashMap<>(2); + Map defaultProperties = new HashMap<>(3); defaultProperties.put(SEVERITY_THRESHOLD, "low"); + defaultProperties.put(FAIL_ON_ISSUES, "true"); defaultProperties.put(MONITOR_PROJECT_ON_BUILD, "true"); runners.add(new DiscoveredObject(RUNNER_TYPE, defaultProperties)); } diff --git a/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp b/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp index a498cda..15664aa 100644 --- a/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp +++ b/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp @@ -18,6 +18,13 @@ Only report vulnerabilities of provided level or higher (low/medium/high). + + + + + Fail the build when issues are found. + + diff --git a/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/viewSnykSecurityRunnerParameters.jsp b/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/viewSnykSecurityRunnerParameters.jsp index 23d7389..cc7f4aa 100644 --- a/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/viewSnykSecurityRunnerParameters.jsp +++ b/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/viewSnykSecurityRunnerParameters.jsp @@ -9,11 +9,12 @@ Note: running without specifying the threshold has the same effect as 'low' option, i.e. all vulnerabilities will be reported. - +
+ Fail on issues: +
Monitor project on build:
-
File:
From 1c623ec8e977c0739287e3f46de64c918494e8a6 Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Thu, 15 Aug 2019 20:46:01 +0200 Subject: [PATCH 2/8] Fix minor sonarlint issue (squid:S3416) --- .../plugins/teamcity/agent/commands/SnykMonitorCommand.java | 3 +-- .../snyk/plugins/teamcity/agent/commands/SnykTestCommand.java | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykMonitorCommand.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykMonitorCommand.java index 53c5079..9c7a893 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykMonitorCommand.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykMonitorCommand.java @@ -7,7 +7,6 @@ import java.util.List; import java.util.Map; -import io.snyk.plugins.teamcity.agent.CommandExecutionAdapter; import jetbrains.buildServer.RunBuildException; import jetbrains.buildServer.agent.runner.ProgramCommandLine; import jetbrains.buildServer.agent.runner.SimpleProgramCommandLine; @@ -31,7 +30,7 @@ public class SnykMonitorCommand extends SnykBuildServiceAdapter { - private static final Logger LOG = Logger.getLogger(CommandExecutionAdapter.class); + private static final Logger LOG = Logger.getLogger(SnykMonitorCommand.class); @NotNull @Override diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykTestCommand.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykTestCommand.java index 590d6a5..21fd75e 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykTestCommand.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykTestCommand.java @@ -7,7 +7,6 @@ import java.util.List; import java.util.Map; -import io.snyk.plugins.teamcity.agent.CommandExecutionAdapter; import jetbrains.buildServer.RunBuildException; import jetbrains.buildServer.agent.runner.ProgramCommandLine; import jetbrains.buildServer.agent.runner.SimpleProgramCommandLine; @@ -31,7 +30,7 @@ public class SnykTestCommand extends SnykBuildServiceAdapter { - private static final Logger LOG = Logger.getLogger(CommandExecutionAdapter.class); + private static final Logger LOG = Logger.getLogger(SnykTestCommand.class); @NotNull @Override From 7f2ce47804c5171a511ad4041b497c0a0980ef18 Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Thu, 15 Aug 2019 20:48:56 +0200 Subject: [PATCH 3/8] Provide build runner context for snyk commands --- .../teamcity/agent/commands/SnykBuildServiceAdapter.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykBuildServiceAdapter.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykBuildServiceAdapter.java index 92dc13e..365d259 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykBuildServiceAdapter.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/commands/SnykBuildServiceAdapter.java @@ -10,16 +10,22 @@ import jetbrains.buildServer.TeamCityRuntimeException; import jetbrains.buildServer.agent.BuildAgentSystemInfo; import jetbrains.buildServer.agent.BuildFinishedStatus; +import jetbrains.buildServer.agent.BuildRunnerContext; import jetbrains.buildServer.agent.runner.BuildServiceAdapter; import org.jetbrains.annotations.NotNull; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.VERSION; import static java.lang.String.format; -abstract class SnykBuildServiceAdapter extends BuildServiceAdapter { +public abstract class SnykBuildServiceAdapter extends BuildServiceAdapter { abstract List getArguments(); + @NotNull + public final BuildRunnerContext getBuildRunnerContext() { + return getRunnerContext(); + } + String getSnykToolPath() { String version = getRunnerParameters().get(VERSION); RunnerVersion runner = Runners.getRunner(version); From 723d656bb369151b3d4c1b189d214e32040c0a4e Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Fri, 16 Aug 2019 00:00:04 +0200 Subject: [PATCH 4/8] Log build problem only when issues are found and 'failOnIssues' is true --- .../agent/CommandExecutionAdapter.java | 18 +++++++++++++----- .../agent/SnykCommandBuildSession.java | 8 ++------ 2 files changed, 15 insertions(+), 11 deletions(-) diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java index 83fb443..3d6553a 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java @@ -6,19 +6,20 @@ import java.nio.file.Path; import java.util.List; +import io.snyk.plugins.teamcity.agent.commands.SnykBuildServiceAdapter; import io.snyk.plugins.teamcity.common.ObjectMapperHelper; import jetbrains.buildServer.BuildProblemData; import jetbrains.buildServer.RunBuildException; import jetbrains.buildServer.TeamCityRuntimeException; import jetbrains.buildServer.agent.BuildFinishedStatus; import jetbrains.buildServer.agent.runner.CommandExecution; -import jetbrains.buildServer.agent.runner.CommandLineBuildService; import jetbrains.buildServer.agent.runner.ProcessListener; import jetbrains.buildServer.agent.runner.ProgramCommandLine; import jetbrains.buildServer.agent.runner.TerminationAction; import org.apache.log4j.Logger; import org.jetbrains.annotations.NotNull; +import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.FAIL_ON_ISSUES; import static io.snyk.plugins.teamcity.common.SnykSecurityRunnerConstants.RUNNER_DISPLAY_NAME; import static java.lang.String.format; import static java.lang.String.valueOf; @@ -27,18 +28,19 @@ import static java.nio.file.StandardOpenOption.CREATE; import static java.util.Objects.requireNonNull; import static jetbrains.buildServer.BuildProblemTypes.TC_ERROR_MESSAGE_TYPE; +import static jetbrains.buildServer.util.PropertiesUtil.getBoolean; import static jetbrains.buildServer.util.StringUtil.nullIfEmpty; public class CommandExecutionAdapter implements CommandExecution { private static final Logger LOG = Logger.getLogger(CommandExecutionAdapter.class); - private final CommandLineBuildService buildService; + private final SnykBuildServiceAdapter buildService; private final Path commandOutputPath; private List listeners; private BuildFinishedStatus result; - CommandExecutionAdapter(@NotNull CommandLineBuildService buildService, @NotNull Path commandOutputPath) { + CommandExecutionAdapter(@NotNull SnykBuildServiceAdapter buildService, @NotNull Path commandOutputPath) { this.buildService = requireNonNull(buildService); this.commandOutputPath = requireNonNull(commandOutputPath); listeners = buildService.getListeners(); @@ -115,8 +117,14 @@ public void processFinished(int exitCode) { if (!snykApiResponse.success && nullIfEmpty(snykApiResponse.summary) != null) { String problem = format("%s known issues | %s", snykApiResponse.uniqueCount, snykApiResponse.summary); - BuildProblemData buildProblem = createBuildProblem(problem); - buildService.getLogger().logBuildProblem(buildProblem); + + String failOnIssues = buildService.getBuildRunnerContext().getRunnerParameters().get(FAIL_ON_ISSUES); + if (getBoolean(failOnIssues)) { + BuildProblemData buildProblem = createBuildProblem(problem); + buildService.getLogger().logBuildProblem(buildProblem); + } else { + buildService.getLogger().warning(problem); + } } }); } diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/SnykCommandBuildSession.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/SnykCommandBuildSession.java index 4cae18b..a1bf5be 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/SnykCommandBuildSession.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/SnykCommandBuildSession.java @@ -6,6 +6,7 @@ import java.util.Iterator; import java.util.List; +import io.snyk.plugins.teamcity.agent.commands.SnykBuildServiceAdapter; import io.snyk.plugins.teamcity.agent.commands.SnykMonitorCommand; import io.snyk.plugins.teamcity.agent.commands.SnykReportCommand; import io.snyk.plugins.teamcity.agent.commands.SnykTestCommand; @@ -15,7 +16,6 @@ import jetbrains.buildServer.agent.BuildRunnerContext; import jetbrains.buildServer.agent.artifacts.ArtifactsWatcher; import jetbrains.buildServer.agent.runner.CommandExecution; -import jetbrains.buildServer.agent.runner.CommandLineBuildService; import jetbrains.buildServer.agent.runner.MultiCommandBuildSession; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; @@ -72,10 +72,6 @@ private Iterator getBuildSteps() { List steps = new ArrayList<>(3); String buildTempDirectory = buildRunnerContext.getBuild().getBuildTempDirectory().getAbsolutePath(); - // Disable for development process - // SnykVersionCommand snykVersionCommand = new SnykVersionCommand(); - // steps.add(addCommand(snykVersionCommand, Paths.get(buildTempDirectory, "version.txt"))); - SnykTestCommand snykTestCommand = new SnykTestCommand(); steps.add(addCommand(snykTestCommand, Paths.get(buildTempDirectory, SNYK_REPORT_JSON_FILE))); @@ -91,7 +87,7 @@ private Iterator getBuildSteps() { return steps.iterator(); } - private CommandExecutionAdapter addCommand(CommandLineBuildService buildService, Path commandOutputPath) { + private CommandExecutionAdapter addCommand(T buildService, Path commandOutputPath) { try { buildService.initialize(buildRunnerContext.getBuild(), buildRunnerContext); } catch (RunBuildException ex) { From b887af43b8fd41618119d297f0ae8ade17af26eb Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Fri, 16 Aug 2019 13:18:12 +0200 Subject: [PATCH 5/8] Fix mem_opts parameter for server compose service --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index df87ad6..5d86411 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: volumes: - "./distribution/docker/server:/data/teamcity_server/datadir" environment: - - TEAMCITY_SERVER_MEM_OPTS="-Xmx2048m" + - TEAMCITY_SERVER_MEM_OPTS=-Xmx4096m agent: image: "jetbrains/teamcity-agent:2018.2.3" From e420510f22f536f098e654281a9d11cdbf5425c4 Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Sat, 17 Aug 2019 20:06:21 +0200 Subject: [PATCH 6/8] Log vulnerability issues on error level --- .../io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java index 3d6553a..8ab3759 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java @@ -123,7 +123,7 @@ public void processFinished(int exitCode) { BuildProblemData buildProblem = createBuildProblem(problem); buildService.getLogger().logBuildProblem(buildProblem); } else { - buildService.getLogger().warning(problem); + buildService.getLogger().error(problem); } } }); From d15dd31078fde44efa146300f7fe9573d25daf38 Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Sat, 17 Aug 2019 20:07:51 +0200 Subject: [PATCH 7/8] Log vulnerability issues as build problem if 'failOnIssues' is not defined --- .../plugins/teamcity/agent/CommandExecutionAdapter.java | 3 ++- .../editSnykSecurityRunnerParameters.jsp | 9 ++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java index 8ab3759..ddf33f9 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java @@ -118,8 +118,9 @@ public void processFinished(int exitCode) { if (!snykApiResponse.success && nullIfEmpty(snykApiResponse.summary) != null) { String problem = format("%s known issues | %s", snykApiResponse.uniqueCount, snykApiResponse.summary); + boolean containsFailOnIssues = buildService.getBuildRunnerContext().getRunnerParameters().containsKey(FAIL_ON_ISSUES); String failOnIssues = buildService.getBuildRunnerContext().getRunnerParameters().get(FAIL_ON_ISSUES); - if (getBoolean(failOnIssues)) { + if (getBoolean(failOnIssues) || !containsFailOnIssues) { BuildProblemData buildProblem = createBuildProblem(problem); buildService.getLogger().logBuildProblem(buildProblem); } else { diff --git a/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp b/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp index 15664aa..0da1cf0 100644 --- a/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp +++ b/teamcity-snyk-security-plugin-server/src/main/resources/buildServerResources/editSnykSecurityRunnerParameters.jsp @@ -21,7 +21,14 @@ - + + + + + + + + Fail the build when issues are found. From 46223a749e3d8f0228fb8e3584d5804c5247e418 Mon Sep 17 00:00:00 2001 From: pavel <36902936+pavel-github@users.noreply.github.com> Date: Mon, 19 Aug 2019 11:26:30 +0200 Subject: [PATCH 8/8] Add the comment why we check if runner parameters contain 'failOnIssues' --- .../snyk/plugins/teamcity/agent/CommandExecutionAdapter.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java index ddf33f9..69d60a6 100644 --- a/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java +++ b/teamcity-snyk-security-plugin-agent/src/main/java/io/snyk/plugins/teamcity/agent/CommandExecutionAdapter.java @@ -118,6 +118,10 @@ public void processFinished(int exitCode) { if (!snykApiResponse.success && nullIfEmpty(snykApiResponse.summary) != null) { String problem = format("%s known issues | %s", snykApiResponse.uniqueCount, snykApiResponse.summary); + /* + * we check whether 'failOnIssues' runner parameter exists in case of old configurations. + * if 'failOnIssues' was not found, then treat it as 'true' so fail behavior of the plugin is unchanged. + */ boolean containsFailOnIssues = buildService.getBuildRunnerContext().getRunnerParameters().containsKey(FAIL_ON_ISSUES); String failOnIssues = buildService.getBuildRunnerContext().getRunnerParameters().get(FAIL_ON_ISSUES); if (getBoolean(failOnIssues) || !containsFailOnIssues) {