Pass parameters though to OSH tekton run

* Alter tekton pipeline/task for from source (haven't done brew builds
  yet)
* Propergate scan options (no validation) it be better to cast to the
  paramMapper and also have paramMapper give the re-parsed mockbuild
  command

k8s/stage/osh-client-tekton/pipline/osh-client-from-source-pipeline.yaml

@@ -15,6 +15,10 @@ spec:
     description: The revision or tag
     type: string
 
+  - name: mock-build-params
+    description: The parameters to pass to covscan mock-build
+    type: string
+
   - name: archive-name
     description: The name of the git archive file
     type: string
@@ -77,6 +81,8 @@ spec:
       params:
         - name: targz-file
           value: $(params.archive-name)
+        - name: mock-build-params
+          value: $(params.mock-build-params)
       runAfter:
         - archive
       taskRef:

k8s/stage/osh-client-tekton/task/osh-client-from-source.yaml

@@ -13,15 +13,10 @@ spec:
     default: "source.tar.gz"
     description: The filename of the tar.gz we'll be uploading to covscan
 
-  - name: scan-profile
+  - name: mock-build-params
     type: string
-    description: The scan profile we will use
+    description: Parameters pushed to mock build
-    default: "snyk-only-unstable"
+    default: "-p snyk-only-unstable --tarball-build-script=:"
-
-  - name: tarball-build-script
-    type: string
-    description: Parameters to be passed to tarball-build-script
-    default: ":"
 
   volumes:
     - name: osh-client-kerb-vol
@@ -72,7 +67,6 @@ spec:
 
       script: |
         #!/bin/bash
-        echo $(params.scan-profile)
+        echo $(params.mock-build-params)
-        echo $(params.tarball-build-script)
         echo $(params.targz-file)
-        covscan mock-build -p $(params.scan-profile) --tarball-build-script=$(params.tarball-build-script) /workspace/source-tars/$(params.targz-file)
+        covscan mock-build $(params.mock-build-params) /workspace/source-tars/$(params.targz-file)

src/main/java/com/redhat/pctsec/model/PNCBuild.java

@@ -20,8 +20,10 @@ public class PNCBuild extends BuildType{
 
 
     @Transient
+    @JsonIgnore
     public static final String apiUrl = ConfigProvider.getConfig().getValue("pnc.api-url",String.class);
     @Transient
+    @JsonIgnore
     private static final AltPncService pnc = QuarkusRestClientBuilder.newBuilder().baseUri(URI.create(apiUrl)).build(AltPncService.class);
 
 
@@ -30,6 +32,7 @@ public class PNCBuild extends BuildType{
     PncService pnc;
     */
 
+
     @Transient
     @JsonIgnore
     private Build build;
@@ -40,6 +43,8 @@ public class PNCBuild extends BuildType{
     public PNCBuild() {
         super();
     }
+    @Transient
+    @JsonIgnore
     public Build getBuild() {
         if(build == null)
             build = pnc.getBuild(this.buildRef);

src/main/java/com/redhat/pctsec/model/Scan.java

@@ -119,4 +119,13 @@ public class Scan {
     public void setScanRequests(ScanRequests scanRequests) {
         this.scanRequests = scanRequests;
     }
+
+    @JsonIgnore
+    @Transient
+    public void propergateOptions(){
+        //In future lets export this scan object as YAML
+        getScanRequests().propergateOptions();
+        String covscanArgs = " --email-to " + this.getEmail() + " --comment \"" + this.productName + "\"";
+        getScanRequests().scanRequests.forEach(sr -> sr.setScanProperties(sr.getScanProperties() + covscanArgs));
+    }
 }

src/main/java/com/redhat/pctsec/model/ScanRequest.java

@@ -22,7 +22,7 @@ public class ScanRequest {
     @GeneratedValue
     protected UUID id;
     private String metadata;
-    private String oshScanOptions;
+    //private String oshScanOptions;
 
     public EventBus getBus() {
         return bus;
@@ -58,13 +58,6 @@ public class ScanRequest {
     @JsonInclude(JsonInclude.Include.NON_NULL)
     public Git git;
 
-    public String getOshScanOptions() {
-        return oshScanOptions;
-    }
-
-    public void setOshScanOptions(String oshScanOptions) {
-        this.oshScanOptions = oshScanOptions;
-    }
 
     public String getScanProperties() {
         return scanProperties;
@@ -77,6 +70,7 @@ public class ScanRequest {
     @Column(name="scan_properties")
     public String scanProperties;
     public ScanRequest() {
+
     }
 
     public ScanRequest(BrewBuild brewBuild)

src/main/java/com/redhat/pctsec/model/ScanRequests.java

@@ -128,4 +128,12 @@ public class ScanRequests {
     public Set<ScanRequest> getScanRequests() {
         return this.scanRequests;
     }
+
+    @JsonIgnore
+    @Transient
+    public void propergateOptions(){
+        //In future lets export this scan object as YAML
+        //If its empy overwrite with the global options
+        getScanRequests().stream().filter(eso -> eso.getScanProperties() == null).forEach(sr -> sr.setScanProperties(getGlobalScanProperties()));
+    }
 }

src/main/java/com/redhat/pctsec/model/osh/paramMapper.java

@@ -32,6 +32,12 @@ public class paramMapper {
             "                                 of a local file")
     private String brewBuild;
 
+    @Option(names = {"--email-to"}, description = "Email address for email repots")
+    private String emailTo;
+
+    @Option(names = {"--comment"}, description = "Comments to add to scan request")
+    private String comment;
+
     public paramMapper(){}
 
     public paramMapper(String params){

src/main/java/com/redhat/pctsec/rest/v1alpha1/ScanResource.java

@@ -61,6 +61,7 @@ public class ScanResource {
     public List<ScanTask> createRunPSSAAS(@Valid pssaas scanRequest)
     {
         Scan s = this.createPSSAAS(scanRequest);
+        s.propergateOptions();
         return s.scanRequests.execute(bus);
     }
 
@@ -93,6 +94,7 @@ public class ScanResource {
     public List<ScanTask> createRunScanChain(@Valid scanChain scanRequest)
     {
         Scan s = this.createScanChain(scanRequest);
+        s.propergateOptions();
         return s.scanRequests.execute(bus);
     }
     @GET
@@ -118,6 +120,7 @@ public class ScanResource {
     public List<ScanTask> scanRequestExe(String id)
     {
         Scan s = sr.findById(UUID.fromString(id));
+        s.propergateOptions();
         return s.scanRequests.execute(bus);
     }
 

src/main/java/com/redhat/pctsec/tekton/TaskHandler.java

@@ -46,19 +46,19 @@ public class TaskHandler {
         switch(scanTask.getScanRequest().getType())
         {
         case BREW:
-            scanTask.setTektonRunId(invokeScanTask(scanTask.getScanRequest().brewBuild.buildRef));
+            scanTask.setTektonRunId(invokeScanTask(scanTask.getScanRequest().brewBuild.buildRef, ""));
             scanTask.setState(ScanTaskState.RUNNING);
             break;
 
         case PNC:
             String repo = scanTask.getScanRequest().pncBuild.SCMURL().toString();
             String ref = scanTask.getScanRequest().pncBuild.revision();
-            scanTask.setTektonRunId(invokeOshScmScanPipeline(repo, ref));
+            scanTask.setTektonRunId(invokeOshScmScanPipeline(repo, ref, scanTask.getScanRequest().getScanProperties()));
             scanTask.setState(ScanTaskState.RUNNING);
             break;
 
         case GIT:
-            scanTask.setTektonRunId(invokeOshScmScanPipeline(scanTask.getScanRequest().git.repo.toString(), scanTask.getScanRequest().git.ref));
+            scanTask.setTektonRunId(invokeOshScmScanPipeline(scanTask.getScanRequest().git.repo.toString(), scanTask.getScanRequest().git.ref, scanTask.getScanRequest().getScanProperties()));
             scanTask.setState(ScanTaskState.RUNNING);
             break;
         }
@@ -66,7 +66,7 @@ public class TaskHandler {
         return scanTask;
     }
 
-    public String invokeScanTask(String buildId) {
+    public String invokeScanTask(String buildId, String mockbuildArgs) {
         // String buildId = "xterm-366-8.el9";
         String scanProfile = "snyk-only-unstable";
 
@@ -89,7 +89,7 @@ public class TaskHandler {
         return taskRun.getMetadata().getName();
     }
 
-    public String invokeOshScmScanPipeline(String repo, String ref) {
+    public String invokeOshScmScanPipeline(String repo, String ref, String mockBuildArgs) {
 
         PodSecurityContext securityContext = new PodSecurityContextBuilder()
                 .withRunAsNonRoot(true)
@@ -126,6 +126,7 @@ public class TaskHandler {
                 .withNewPipelineRef().withName(PIPELINE_REFERENCE).endPipelineRef()
                 .addNewParam().withName("repo-url").withNewValue(repo).endParam()
                 .addNewParam().withName("revision").withNewValue(ref).endParam()
+                .addNewParam().withName("mock-build-params").withNewValue(mockBuildArgs).endParam()
                 .withWorkspaces(workspaceBindings)
                 .endSpec()
                 .build();