Enabled the possibility to avoid aggregation of NPM projects in WhitesourceExecuteScan (#4956)

dimaste · vstarostin · web-flow · commit 1b728ccd3e6c · 2024-06-20T09:08:24.000+03:00
* Enabled the possibility to avoid aggregation of NPM projects

* renamed-function

---------

Co-authored-by: Vyacheslav Starostin &lt;32613074+vstarostin@users.noreply.github.com&gt;
diff --git a/cmd/whitesourceExecuteScan.go b/cmd/whitesourceExecuteScan.go
@@ -469,34 +469,35 @@ func validateProductVersion(version string) string {
 
 func wsScanOptions(config *ScanOptions) *ws.ScanOptions {
 	return &ws.ScanOptions{
-		BuildTool:                   config.BuildTool,
-		ScanType:                    "", // no longer provided via config
-		OrgToken:                    config.OrgToken,
-		UserToken:                   config.UserToken,
-		ProductName:                 config.ProductName,
-		ProductToken:                config.ProductToken,
-		ProductVersion:              config.Version,
-		ProjectName:                 config.ProjectName,
-		BuildDescriptorFile:         config.BuildDescriptorFile,
-		BuildDescriptorExcludeList:  config.BuildDescriptorExcludeList,
-		PomPath:                     config.BuildDescriptorFile,
-		M2Path:                      config.M2Path,
-		GlobalSettingsFile:          config.GlobalSettingsFile,
-		ProjectSettingsFile:         config.ProjectSettingsFile,
-		InstallArtifacts:            config.InstallArtifacts,
-		DefaultNpmRegistry:          config.DefaultNpmRegistry,
-		AgentDownloadURL:            config.AgentDownloadURL,
-		AgentFileName:               config.AgentFileName,
-		ConfigFilePath:              config.ConfigFilePath,
-		Includes:                    config.Includes,
-		Excludes:                    config.Excludes,
-		JreDownloadURL:              config.JreDownloadURL,
-		AgentURL:                    config.AgentURL,
-		ServiceURL:                  config.ServiceURL,
-		ScanPath:                    config.ScanPath,
-		InstallCommand:              config.InstallCommand,
-		Verbose:                     GeneralConfig.Verbose,
-		SkipParentProjectResolution: config.SkipParentProjectResolution,
+		BuildTool:                       config.BuildTool,
+		ScanType:                        "", // no longer provided via config
+		OrgToken:                        config.OrgToken,
+		UserToken:                       config.UserToken,
+		ProductName:                     config.ProductName,
+		ProductToken:                    config.ProductToken,
+		ProductVersion:                  config.Version,
+		ProjectName:                     config.ProjectName,
+		BuildDescriptorFile:             config.BuildDescriptorFile,
+		BuildDescriptorExcludeList:      config.BuildDescriptorExcludeList,
+		PomPath:                         config.BuildDescriptorFile,
+		M2Path:                          config.M2Path,
+		GlobalSettingsFile:              config.GlobalSettingsFile,
+		ProjectSettingsFile:             config.ProjectSettingsFile,
+		InstallArtifacts:                config.InstallArtifacts,
+		DefaultNpmRegistry:              config.DefaultNpmRegistry,
+		AgentDownloadURL:                config.AgentDownloadURL,
+		AgentFileName:                   config.AgentFileName,
+		ConfigFilePath:                  config.ConfigFilePath,
+		Includes:                        config.Includes,
+		Excludes:                        config.Excludes,
+		JreDownloadURL:                  config.JreDownloadURL,
+		AgentURL:                        config.AgentURL,
+		ServiceURL:                      config.ServiceURL,
+		ScanPath:                        config.ScanPath,
+		InstallCommand:                  config.InstallCommand,
+		Verbose:                         GeneralConfig.Verbose,
+		SkipParentProjectResolution:     config.SkipParentProjectResolution,
+		DisableNpmSubmodulesAggregation: config.DisableNpmSubmodulesAggregation,
 	}
 }
 
diff --git a/cmd/whitesourceExecuteScan_generated.go b/cmd/whitesourceExecuteScan_generated.go
diff --git a/pkg/whitesource/scanOptions.go b/pkg/whitesource/scanOptions.go
@@ -46,7 +46,8 @@ type ScanOptions struct {
 
 	InstallCommand string
 
-	SkipParentProjectResolution bool
+	SkipParentProjectResolution     bool
+	DisableNpmSubmodulesAggregation bool
 
 	Verbose bool
 }
diff --git a/pkg/whitesource/scanUA.go b/pkg/whitesource/scanUA.go
@@ -23,11 +23,26 @@ const projectRegEx = `Project name: ([^,]*), URL: (.*)`
 // ExecuteUAScan executes a scan with the Whitesource Unified Agent.
 func (s *Scan) ExecuteUAScan(config *ScanOptions, utils Utils) error {
 	s.AgentName = "WhiteSource Unified Agent"
-	if config.BuildTool != "mta" {
+
+	switch config.BuildTool {
+	case "mta":
+		return s.ExecuteUAScanForMTA(config, utils)
+	case "npm":
+		if config.DisableNpmSubmodulesAggregation {
+			return s.ExecuteUAScanForMultiModuleNPM(config, utils)
+		} else {
+			return s.ExecuteUAScanInPath(config, utils, config.ScanPath)
+		}
+	default:
 		return s.ExecuteUAScanInPath(config, utils, config.ScanPath)
 	}
 
+}
+
+func (s *Scan) ExecuteUAScanForMTA(config *ScanOptions, utils Utils) error {
 	log.Entry().Infof("Executing WhiteSource UA scan for MTA project")
+
+	log.Entry().Infof("Executing WhiteSource UA scan for Maven part")
 	pomExists, _ := utils.FileExists("pom.xml")
 	if pomExists {
 		mavenConfig := *config
@@ -42,6 +57,13 @@ func (s *Scan) ExecuteUAScan(config *ScanOptions, utils Utils) error {
 		}
 	}
 
+	log.Entry().Infof("Executing WhiteSource UA scan for NPM part")
+	return s.ExecuteUAScanForMultiModuleNPM(config, utils)
+}
+
+func (s *Scan) ExecuteUAScanForMultiModuleNPM(config *ScanOptions, utils Utils) error {
+	log.Entry().Infof("Executing WhiteSource UA scan for multi-module NPM projects")
+
 	packageJSONFiles, err := utils.FindPackageJSONFiles(config)
 	if err != nil {
 		return errors.Wrap(err, "failed to find package.json files")
diff --git a/resources/metadata/whitesourceExecuteScan.yaml b/resources/metadata/whitesourceExecuteScan.yaml
@@ -389,8 +389,7 @@ spec:
           - STEPS
       - name: skipParentProjectResolution
         type: bool
-        description: "Parameter for multi-module, multi-images projects to skip the parent project resolution for reporing purpose
-        Could be used if parent project is set as just a placeholder for scan and doesn't contain any dependencies."
+        description: "Parameter for multi-module, multi-images projects to skip the parent project resolution for reporing purpose. Could be used if parent project is set as just a placeholder for scan and doesn't contain any dependencies."
         scope:
           - PARAMETERS
           - STAGES
@@ -543,6 +542,15 @@ spec:
           - STEPS
         aliases:
           - name: npm/defaultNpmRegistry
+      - name: disableNpmSubmodulesAggregation
+        type: bool
+        description: "The default Mend behavior is to aggregate all submodules of NPM project into one project in Mend. This parameter disables this behavior, thus for each submodule a separate project is created."
+        default: false
+        scope:
+          - PARAMETERS
+          - GENERAL
+          - STAGES
+          - STEPS
       - name: githubToken
         description: "GitHub personal access token as per
           https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line"

Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,8 @@ type ScanOptions struct {`
`46`	`46`
`47`	`47`	`InstallCommand string`
`48`	`48`
`49`		`- SkipParentProjectResolution bool`
	`49`	`+ SkipParentProjectResolution bool`
	`50`	`+ DisableNpmSubmodulesAggregation bool`
`50`	`51`
`51`	`52`	`Verbose bool`
`52`	`53`	`}`