Add support for OWASP Dependency-Check Plugin

Supports publisher for Dependency-Check utility that identifies project
dependencies and checks if there are any known, publicly disclosed,
vulnerabilities.
https://wiki.jenkins-ci.org/display/JENKINS/OWASP+Dependency-Check+Plugin

Change-Id: I3dc1ab923c392aac00189c3f852a1138c1f0ab36

jenkins_jobs/modules/helpers.py

@@ -60,6 +60,8 @@ def build_trends_publisher(plugin_name, xml_element, data):
         ('default-encoding', 'defaultEncoding', ''),
         ('can-run-on-failed', 'canRunOnFailed', False),
         ('use-stable-build-as-reference', 'useStableBuildAsReference', False),
+        ('use-previous-build-as-reference',
+         'usePreviousBuildAsReference', False),
         ('use-delta-values', 'useDeltaValues', False),
         ('thresholds', 'thresholds', {}),
         ('should-detect-modules', 'shouldDetectModules', False),
@@ -132,9 +134,8 @@ def config_file_provider_settings(xml_parent, data):
 
         # For cfp versions <2.10.0 we are able to detect cfp via the config
         # settings name.
-        if settings_file.startswith(
-                'org.jenkinsci.plugins.configfiles.maven.'
-                'MavenSettingsConfig'):
+        text = 'org.jenkinsci.plugins.configfiles.maven.MavenSettingsConfig'
+        if settings_file.startswith(text):
             settings_type = 'cfp'
 
         if settings_type == 'file':
@@ -161,9 +162,9 @@ def config_file_provider_settings(xml_parent, data):
 
         # For cfp versions <2.10.0 we are able to detect cfp via the config
         # settings name.
-        if global_settings_file.startswith(
-                'org.jenkinsci.plugins.configfiles.maven.'
-                'GlobalMavenSettingsConfig'):
+        text = ('org.jenkinsci.plugins.configfiles.maven.'
+                'GlobalMavenSettingsConfig')
+        if global_settings_file.startswith(text):
             global_settings_type = 'cfp'
 
         if global_settings_type == 'file':
@@ -242,10 +243,6 @@ def findbugs_settings(xml_parent, data):
     XML.SubElement(xml_parent, 'includePattern').text = include_files
     exclude_files = data.get('exclude-files', '')
     XML.SubElement(xml_parent, 'excludePattern').text = exclude_files
-    use_previous_build = str(data.get('use-previous-build-as-reference',
-                                      False)).lower()
-    XML.SubElement(xml_parent,
-                   'usePreviousBuildAsReference').text = use_previous_build
 
 
 def get_value_from_yaml_or_config_file(key, section, data, parser):

jenkins_jobs/modules/publishers.py

@@ -1489,6 +1489,8 @@ def checkstyle(parser, xml_parent, data):
     :arg bool do-not-resolve-relative-paths: (default false)
     :arg bool dont-compute-new: If set to false, computes new warnings based on
       the reference build (default true)
+    :arg bool use-previous-build-as-reference: determines whether to always
+        use the previous build as the reference build (Default false)
     :arg bool use-stable-build-as-reference: The number of new warnings will be
       calculated based on the last stable build, allowing reverts of unstable
       builds where the number of warnings was decreased. (default false)
@@ -3919,6 +3921,76 @@ def stash(parser, xml_parent, data):
         data.get('include-build-number', False)).lower()
 
 
+def dependency_check(parser, xml_parent, data):
+    """yaml: dependency-check
+    Dependency-Check is an open source utility that identifies project
+    dependencies and checks if there are any known, publicly disclosed,
+    vulnerabilities.
+
+    Requires the Jenkins :jenkins-wiki:`OWASP Dependency-Check Plugin
+    <OWASP+Dependency-Check+Plugin>`.
+
+    :arg str pattern: Report filename pattern (optional)
+    :arg bool can-run-on-failed: Also runs for failed builds, instead of just
+      stable or unstable builds (default false)
+    :arg bool should-detect-modules: Determines if Ant or Maven modules should
+      be detected for all files that contain warnings (default false)
+    :arg int healthy: Sunny threshold (optional)
+    :arg int unhealthy: Stormy threshold (optional)
+    :arg str health-threshold: Threshold priority for health status
+      ('low', 'normal' or 'high', defaulted to 'low')
+    :arg dict thresholds: Mark build as failed or unstable if the number of
+      errors exceeds a threshold. (optional)
+
+        :thresholds:
+            * **unstable** (`dict`)
+                :unstable: * **total-all** (`int`)
+                           * **total-high** (`int`)
+                           * **total-normal** (`int`)
+                           * **total-low** (`int`)
+                           * **new-all** (`int`)
+                           * **new-high** (`int`)
+                           * **new-normal** (`int`)
+                           * **new-low** (`int`)
+
+            * **failed** (`dict`)
+                :failed: * **total-all** (`int`)
+                         * **total-high** (`int`)
+                         * **total-normal** (`int`)
+                         * **total-low** (`int`)
+                         * **new-all** (`int`)
+                         * **new-high** (`int`)
+                         * **new-normal** (`int`)
+                         * **new-low** (`int`)
+    :arg str default-encoding: Encoding for parsing or showing files (optional)
+    :arg bool do-not-resolve-relative-paths: (default false)
+    :arg bool dont-compute-new: If set to false, computes new warnings based on
+      the reference build (default true)
+    :arg bool use-previous-build-as-reference: determines whether to always
+        use the previous build as the reference build (Default false)
+    :arg bool use-stable-build-as-reference: The number of new warnings will be
+      calculated based on the last stable build, allowing reverts of unstable
+      builds where the number of warnings was decreased. (default false)
+    :arg bool use-delta-values: If set then the number of new warnings is
+      calculated by subtracting the total number of warnings of the current
+      build from the reference build.
+      (default false)
+
+    Example:
+
+    .. literalinclude::
+        /../../tests/publishers/fixtures/dependency-check001.yaml
+       :language: yaml
+    """
+
+    dependency_check = XML.SubElement(
+        xml_parent,
+        'org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher')
+
+    # trends
+    build_trends_publisher('[DEPENDENCYCHECK] ', dependency_check, data)
+
+
 def description_setter(parser, xml_parent, data):
     """yaml: description-setter
     This plugin sets the description for each build,
@@ -4375,6 +4447,8 @@ def pmd(parser, xml_parent, data):
     :arg bool do-not-resolve-relative-paths: (default false)
     :arg bool dont-compute-new: If set to false, computes new warnings based on
       the reference build (default true)
+    :arg bool use-previous-build-as-reference: determines whether to always
+        use the previous build as the reference build (Default false)
     :arg bool use-stable-build-as-reference: The number of new warnings will be
       calculated based on the last stable build, allowing reverts of unstable
       builds where the number of warnings was decreased. (default false)
@@ -4483,6 +4557,8 @@ def dry(parser, xml_parent, data):
     :arg bool do-not-resolve-relative-paths: (default false)
     :arg bool dont-compute-new: If set to false, computes new warnings based on
       the reference build (default true)
+    :arg bool use-previous-build-as-reference: determines whether to always
+        use the previous build as the reference build (Default false)
     :arg bool use-stable-build-as-reference: The number of new warnings will be
       calculated based on the last stable build, allowing reverts of unstable
       builds where the number of warnings was decreased. (default false)

tests/publishers/fixtures/checkstyle001.xml

@@ -9,6 +9,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/publishers/fixtures/checkstyle002.xml

@@ -9,6 +9,7 @@
       <defaultEncoding>utf-8</defaultEncoding>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>

tests/publishers/fixtures/checkstyle003.xml

@@ -9,6 +9,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/publishers/fixtures/checkstyle004.xml

@@ -9,6 +9,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/publishers/fixtures/checkstyle005.xml

@@ -9,6 +9,7 @@
       <defaultEncoding>utf-8</defaultEncoding>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>

tests/publishers/fixtures/checkstyle006.xml

@@ -9,6 +9,7 @@
       <defaultEncoding>utf-8</defaultEncoding>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>true</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>true</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>

tests/publishers/fixtures/dependency-check001.xml

@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<project>
+  <publishers>
+    <org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
+      <healthy/>
+      <unHealthy/>
+      <thresholdLimit>low</thresholdLimit>
+      <pluginName>[DEPENDENCYCHECK] </pluginName>
+      <defaultEncoding/>
+      <canRunOnFailed>false</canRunOnFailed>
+      <useStableBuildAsReference>true</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
+      <useDeltaValues>false</useDeltaValues>
+      <thresholds>
+        <unstableTotalAll/>
+        <unstableTotalHigh/>
+        <unstableTotalNormal/>
+        <unstableTotalLow/>
+        <failedTotalAll/>
+        <failedTotalHigh/>
+        <failedTotalNormal/>
+        <failedTotalLow/>
+      </thresholds>
+      <shouldDetectModules>false</shouldDetectModules>
+      <dontComputeNew>true</dontComputeNew>
+      <doNotResolveRelativePaths>false</doNotResolveRelativePaths>
+      <pattern>**/dependency-check-report.xml</pattern>
+    </org.jenkinsci.plugins.DependencyCheck.DependencyCheckPublisher>
+  </publishers>
+</project>

tests/publishers/fixtures/dependency-check001.yaml

@@ -0,0 +1,4 @@
+publishers:
+  - dependency-check:
+      pattern: '**/dependency-check-report.xml'
+      use-stable-build-as-reference: true

tests/publishers/fixtures/dry001.xml

@@ -9,6 +9,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/publishers/fixtures/dry002.xml

@@ -9,6 +9,7 @@
       <defaultEncoding>utf-8</defaultEncoding>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>

tests/publishers/fixtures/dry003.xml

@@ -9,6 +9,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/publishers/fixtures/dry004.xml

@@ -9,6 +9,7 @@
       <defaultEncoding>utf-8</defaultEncoding>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>true</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>true</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>

tests/publishers/fixtures/findbugs01.xml

@@ -5,7 +5,6 @@
       <isRankActivated>true</isRankActivated>
       <includePattern>f,d,e,.*</includePattern>
       <excludePattern>a,c,d,.*</excludePattern>
-      <usePreviousBuildAsReference>true</usePreviousBuildAsReference>
       <healthy>80</healthy>
       <unHealthy>10</unHealthy>
       <thresholdLimit>high</thresholdLimit>
@@ -13,6 +12,7 @@
       <defaultEncoding/>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>true</useStableBuildAsReference>
+      <usePreviousBuildAsReference>true</usePreviousBuildAsReference>
       <useDeltaValues>true</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>

tests/publishers/fixtures/pmd001.xml

@@ -9,6 +9,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/publishers/fixtures/pmd002.xml

@@ -9,6 +9,7 @@
       <defaultEncoding>utf-8</defaultEncoding>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>

tests/publishers/fixtures/pmd003.xml

@@ -9,6 +9,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/reporters/fixtures/findbugs-minimal.xml

@@ -5,7 +5,6 @@
       <isRankActivated>false</isRankActivated>
       <includePattern/>
       <excludePattern/>
-      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <healthy/>
       <unHealthy/>
       <thresholdLimit>low</thresholdLimit>
@@ -13,6 +12,7 @@
       <defaultEncoding/>
       <canRunOnFailed>false</canRunOnFailed>
       <useStableBuildAsReference>false</useStableBuildAsReference>
+      <usePreviousBuildAsReference>false</usePreviousBuildAsReference>
       <useDeltaValues>false</useDeltaValues>
       <thresholds>
         <unstableTotalAll/>

tests/reporters/fixtures/findbugs01.xml

@@ -5,7 +5,6 @@
       <isRankActivated>true</isRankActivated>
       <includePattern>f,d,e,.*</includePattern>
       <excludePattern>a,c,d,.*</excludePattern>
-      <usePreviousBuildAsReference>true</usePreviousBuildAsReference>
       <healthy>80</healthy>
       <unHealthy>10</unHealthy>
       <thresholdLimit>high</thresholdLimit>
@@ -13,6 +12,7 @@
       <defaultEncoding/>
       <canRunOnFailed>true</canRunOnFailed>
       <useStableBuildAsReference>true</useStableBuildAsReference>
+      <usePreviousBuildAsReference>true</usePreviousBuildAsReference>
       <useDeltaValues>true</useDeltaValues>
       <thresholds>
         <unstableTotalAll>90</unstableTotalAll>