Project Sierra (#1)

* feat: SIGINT-2132 project sierra initial version

* feat: SIGINT-2132 detect varible fix

* feat: SIGINT-2132 handle info warn messages

* SIGINT-2132 refactor

* SIGINT-2132 refactor

* SIGINT-2132 update README.md

* fix: SIGINT-2132 address review comments

* fix: SIGINT-2132 update check-dist.yml

* fix: SIGINT-2132 update check-dist.yml

* fix: SIGINT-2132 update check-dist.yml

Author: lokeshbd

.blackduck-ci-templates.json

@@ -1,7 +1,7 @@
 {
   "modules": [
     {
-      "at": "./synopsys-task",
+      "at": "./blackduck-security-task",
       "templates": ["dependencies"]
     }
   ]

.github/workflows/check-coverage.yml

@@ -25,13 +25,13 @@ jobs:
           node-version: 20.x
 
       - name: Install dependencies
-        run: cd synopsys-task && npm ci
+        run: cd blackduck-security-task && npm ci
 
       - name: Unit Test Cases
         id: unit-test-cases
         shell: bash
         run: |
-          cd synopsys-task && npm run test
+          cd blackduck-security-task && npm run test
           coverageFile="coverage/index.html"
           
           ### fetching line coverage from coverage/index.html file

.github/workflows/check-dist.yml

@@ -25,20 +25,20 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Set Node.js 20.x
+      - name: Set Node.js 16.x
         uses: actions/setup-node@v4
         with:
-          node-version: 20.x
+          node-version: 16.x
 
       - name: Install dependencies
-        run: cd synopsys-task && npm ci
+        run: cd blackduck-security-task && npm ci
 
       - name: Rebuild the dist/ directory
-        run: cd synopsys-task && npm run build && npm run package
+        run: cd blackduck-security-task && npm run build && npm run package
 
       - name: Compare the expected and actual dist/ directories
         run: |
-          cd synopsys-task
+          cd blackduck-security-task
           if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then
             echo "Detected uncommitted changes after build.  See status below:"
             git diff
@@ -51,4 +51,4 @@ jobs:
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist
-          path: synopsys-task/dist/
+          path: blackduck-security-task/dist/

.gitignore

@@ -1,16 +1,16 @@
 /.idea/
-/synopsys-task/node_modules/
-/synopsys-task/lib/
-/synopsys-task/TEMP
-/synopsys-task/.bridge/
-/synopsys-task/.taskkey
-/synopsys-task/coverity_input.json
-/synopsys-task/bd_input.json
-/synopsys-task/polaris_input.json
-/synopsys-task/srm_input.json
-/synopsys-task/.nyc_output/
-/synopsys-task/coverage//
+/blackduck-security-task/node_modules/
+/blackduck-security-task/lib/
+/blackduck-security-task/TEMP
+/blackduck-security-task/.bridge/
+/blackduck-security-task/.taskkey
+/blackduck-security-task/coverity_input.json
+/blackduck-security-task/bd_input.json
+/blackduck-security-task/polaris_input.json
+/blackduck-security-task/srm_input.json
+/blackduck-security-task/.nyc_output/
+/blackduck-security-task/coverage//
 .DS_Store
-*.synopsys-extension-*.vsix
-/synopsys-task/coverage/
-/synopsys-task/test/unit/synopsys-task/synopsys-bridge.zip
+*.blackduck-security-scan-*.vsix
+/blackduck-security-task/coverage/
+/blackduck-security-task/test/unit/blackduck-security-task/bridge-cli.zip

.gitlab-ci-template.yml

@@ -32,14 +32,14 @@
     paths:
       - .m2/
   script:
-    - cd synopsys-task
+    - cd blackduck-task
     - npm ci
     - npm run format && npm run lint && npm run build && npm run package
 
 .unit_test_and_coverage:
   image: gcr.io/snps-polaris-ops-prod/ember_cli:3.28.5-node_16.14
   script:
-    - cd synopsys-task
+    - cd blackduck-security-task
     - npm ci
     - npm test
   coverage: /All files[^|]*\|[^|]*\s+([\d\.]+)/

README.md

@@ -1,16 +1,16 @@
-# Synopsys Security Scan for Azure DevOps
+# Black Duck Security Scan for Azure DevOps
 
-Synopsys Security Scan Extension for Azure DevOps enables you to configure your Azure pipeline to run Synopsys security testing and take action on the results.
-Synopsys Security Scan leverages Synopsys Bridge, allowing you to run tests for several Synopsys products from the command line.
+Black Duck Security Scan Extension for Azure DevOps enables you to configure your Azure pipeline to run Black Duck security testing and take action on the results.
+Black Duck Security Scan leverages Bridge CLI, allowing you to run tests for several Black Duck products from the command line.
 
-To use Synopsys Security Scan, please follow the steps below:
+To use Black Duck Security Scan, please follow the steps below:
 
 1. Configure Azure DevOps as described in the [Azure Prerequisites](https://sig-product-docs.synopsys.com/bundle/bridge/page/documentation/c_azure-prerequisites.html) page.
-2. Install and configure Synopsys Security Scan for the Synopsys product you are using. <br/>
+2. Install and configure Black Duck Security Scan for the Black Duck product you are using. <br/>
 [Polaris](https://sig-product-docs.synopsys.com/bundle/bridge/page/documentation/c_azure-with-polaris.html) <br/>
 [Black Duck](https://sig-product-docs.synopsys.com/bundle/bridge/page/documentation/c_azure-with-blackduck.html)  <br/>
 [Coverity](https://sig-product-docs.synopsys.com/bundle/bridge/page/documentation/c_azure-with-coverity.html) <br/>
 3. For additional configuration options, visit the [Additional Azure Configuration](https://sig-product-docs.synopsys.com/bundle/bridge/page/documentation/c_additional-azure-parameters.html) page.
 
-As an alternative to Synopsys Action, you also have the option to use Synopsys Bridge CLI. <br/>
-Detailed documentation for Synopsys Bridge CLI can be found [here](https://sig-product-docs.synopsys.com/bundle/bridge/page/documentation/c_overview.html).
+As an alternative to Black Duck Security Scan, you also have the option to use Bridge CLI. <br/>
+Detailed documentation for Bridge CLI can be found [here](https://sig-product-docs.synopsys.com/bundle/bridge/page/documentation/c_overview.html).

synopsys-task/.eslintrc blackduck-security-task/.eslintrc

@@ -1,14 +1,14 @@
-{
-    "messages": {
-        "TOOL_LIB_CachingTool": "Caching tool: %s %s %s",
-        "_TOOL_LIB_CachingTool.comment": "This informational log message indicates that a tool, that was just downloaded, is being copied into the cache directory. %s %s %s represent the tool name, version information, and processor architecture.",
-        "TOOL_LIB_Downloading": "Downloading: %s",
-        "_TOOL_LIB_Downloading.comment": "This information log message indicates that a file is being downloaded. %s represents the URL being downloaded.",
-        "TOOL_LIB_ExtractingArchive": "Extracting archive",
-        "_TOOL_LIB_ExtractingArchive.comment": "This informational log message indicates that an archive file is being extracted. For example, a .zip file, .7z file, or .tar.gz file.",
-        "TOOL_LIB_FoundInCache": "Found tool in cache: %s %s %s",
-        "_TOOL_LIB_FoundInCache.comment": "This informational log message indicates that the request tool is already cached, and does not need to be downloaded again. %s %s %s represent the tool name, version information, and processor architecture.",
-        "TOOL_LIB_PrependPath": "Prepending PATH environment variable with directory: %s",
-        "_TOOL_LIB_PrependPath.comment": "This informational log message indicates that a directory is being prepended to the front of the PATH environment variable. The directories specified by the PATH environment variable are used to resolve the location of command line tools."
-    }
+{
+    "messages": {
+        "TOOL_LIB_CachingTool": "Caching tool: %s %s %s",
+        "_TOOL_LIB_CachingTool.comment": "This informational log message indicates that a tool, that was just downloaded, is being copied into the cache directory. %s %s %s represent the tool name, version information, and processor architecture.",
+        "TOOL_LIB_Downloading": "Downloading: %s",
+        "_TOOL_LIB_Downloading.comment": "This information log message indicates that a file is being downloaded. %s represents the URL being downloaded.",
+        "TOOL_LIB_ExtractingArchive": "Extracting archive",
+        "_TOOL_LIB_ExtractingArchive.comment": "This informational log message indicates that an archive file is being extracted. For example, a .zip file, .7z file, or .tar.gz file.",
+        "TOOL_LIB_FoundInCache": "Found tool in cache: %s %s %s",
+        "_TOOL_LIB_FoundInCache.comment": "This informational log message indicates that the request tool is already cached, and does not need to be downloaded again. %s %s %s represent the tool name, version information, and processor architecture.",
+        "TOOL_LIB_PrependPath": "Prepending PATH environment variable with directory: %s",
+        "_TOOL_LIB_PrependPath.comment": "This informational log message indicates that a directory is being prepended to the front of the PATH environment variable. The directories specified by the PATH environment variable are used to resolve the location of command line tools."
+    }
 }

synopsys-task/dist/exec-child.js blackduck-security-task/dist/exec-child.js

@@ -1,5 +1,5 @@
 {
-  "name": "synopsys-task",
+  "name": "blackduck-security-scan",
   "version": "1.10.0",
   "main": "lib/main.js",
   "scripts": {