- Removed the checkUrl from TokenCredentials jelly form and updated the pom file.

Author: Susenthiran28

pom.xml

@@ -61,7 +61,7 @@
             <dependency>
                 <groupId>io.jenkins.tools.bom</groupId>
                 <artifactId>bom-${jenkins.baseline}.x</artifactId>
-                <version>5750.vec44cb_c78352</version>
+                <version>5774.v5c6d72f56a_61</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -76,6 +76,11 @@
             <artifactId>credentials</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>org.jenkins-ci.plugins</groupId>
+            <artifactId>plain-credentials</artifactId>
+        </dependency>
+
         <!-- Pipeline Step API -->
         <dependency>
             <groupId>org.jenkins-ci.plugins.workflow</groupId>

src/main/java/io/jenkins/plugins/vigilnz/build/SecurityCheckBuilder.java

@@ -1,6 +1,8 @@
 package io.jenkins.plugins.vigilnz.build;
 
 import com.cloudbees.plugins.credentials.CredentialsProvider;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import hudson.EnvVars;
 import hudson.Extension;
 import hudson.Launcher;
@@ -12,8 +14,6 @@
 import hudson.tasks.Builder;
 import hudson.util.FormValidation;
 import hudson.util.ListBoxModel;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import io.jenkins.cli.shaded.org.apache.commons.lang.StringUtils;
 import io.jenkins.plugins.vigilnz.api.ApiService;
 import io.jenkins.plugins.vigilnz.credentials.TokenCredentials;
@@ -142,9 +142,14 @@ public boolean perform(AbstractBuild build, Launcher launcher, BuildListener lis
         String result = "";
 
         try {
+
             result = ApiService.triggerScan(tokenText, targetFile, scanTypes, env, listener);
             // Attach results to build
-            build.addAction(new ScanResultAction(result));
+            if (result != null && !result.isEmpty()) {
+                build.addAction(new ScanResultAction(result));
+            } else {
+                listener.getLogger().println("API call failed, no action added.");
+            }
         } catch (Exception e) {
             listener.error("Scan failed");
             attachResult(build, buildErrorResponse("Scan failed: " + e.getMessage()));
@@ -155,6 +160,24 @@ public boolean perform(AbstractBuild build, Launcher launcher, BuildListener lis
         return true;
     }
 
+    private void attachResult(AbstractBuild build, String json) {
+        try {
+            build.addAction(new ScanResultAction(json));
+        } catch (Exception ignored) {
+            // Swallow to avoid masking original error
+        }
+    }
+
+    private String buildErrorResponse(String message) {
+        ApiResponse resp = new ApiResponse();
+        resp.setMessage(message);
+        try {
+            return new ObjectMapper().writeValueAsString(resp);
+        } catch (JsonProcessingException e) {
+            return "{\"message\":\"" + message.replace("\"", "\\\"") + "\"}";
+        }
+    }
+
     @Extension
     public static class DescriptorImpl extends BuildStepDescriptor<Builder> {
 
@@ -228,22 +251,4 @@ public FormValidation doCheckScanType(@AncestorInPath Item project, @QueryParame
         }
 
     }
-
-    private void attachResult(AbstractBuild build, String json) {
-        try {
-            build.addAction(new ScanResultAction(json));
-        } catch (Exception ignored) {
-            // Swallow to avoid masking original error
-        }
-    }
-
-    private String buildErrorResponse(String message) {
-        ApiResponse resp = new ApiResponse();
-        resp.setMessage(message);
-        try {
-            return new ObjectMapper().writeValueAsString(resp);
-        } catch (JsonProcessingException e) {
-            return "{\"message\":\"" + message.replace("\"", "\\\"") + "\"}";
-        }
-    }
 }

src/main/java/io/jenkins/plugins/vigilnz/credentials/TokenCredentials.java

@@ -3,18 +3,20 @@
 import com.cloudbees.plugins.credentials.CredentialsDescriptor;
 import com.cloudbees.plugins.credentials.CredentialsScope;
 import com.cloudbees.plugins.credentials.impl.BaseStandardCredentials;
+import edu.umd.cs.findbugs.annotations.NonNull;
 import hudson.Extension;
 import hudson.model.Item;
 import hudson.util.FormValidation;
 import hudson.util.Secret;
 import jenkins.model.Jenkins;
 import org.jenkinsci.Symbol;
+import org.jenkinsci.plugins.plaincredentials.StringCredentials;
 import org.kohsuke.stapler.AncestorInPath;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.verb.POST;
 
-public class TokenCredentials extends BaseStandardCredentials {
+public class TokenCredentials extends BaseStandardCredentials implements StringCredentials {
 
     private final Secret token;
 
@@ -40,6 +42,12 @@ public Secret getToken() {
         return token;
     }
 
+    @NonNull
+    @Override
+    public Secret getSecret() {
+        return token;
+    }
+
 
     // Descriptor for Jenkins UI
     @Symbol("vigilnzToken")

src/main/java/io/jenkins/plugins/vigilnz/pipeline/PipelineStep.java

@@ -10,6 +10,7 @@
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.DataBoundSetter;
 
+import java.util.Arrays;
 import java.util.List;
 import java.util.Set;
 
@@ -22,9 +23,15 @@ public class PipelineStep extends Step {
     private String targetFile;  // Optional parameter
 
     @DataBoundConstructor
-    public PipelineStep(String credentialsId, List<String> scanTypes) {
+    public PipelineStep(String credentialsId, String scanTypes) {
         this.credentialsId = credentialsId;
-        this.scanTypes = scanTypes != null ? scanTypes : List.of();
+
+        // Split comma-separated string into a list
+        if (scanTypes != null && !scanTypes.trim().isEmpty()) {
+            this.scanTypes = Arrays.asList(scanTypes.split("\\s*,\\s*"));
+        } else {
+            this.scanTypes = List.of();
+        }
     }
 
     public String getCredentialsId() {

src/main/java/io/jenkins/plugins/vigilnz/pipeline/PipelineStepExecution.java

@@ -1,13 +1,13 @@
 package io.jenkins.plugins.vigilnz.pipeline;
 
 import com.cloudbees.plugins.credentials.CredentialsProvider;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import hudson.AbortException;
 import hudson.EnvVars;
 import hudson.FilePath;
 import hudson.model.Run;
 import hudson.model.TaskListener;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import io.jenkins.plugins.vigilnz.api.ApiService;
 import io.jenkins.plugins.vigilnz.credentials.TokenCredentials;
 import io.jenkins.plugins.vigilnz.models.ApiResponse;
@@ -126,7 +126,11 @@ public boolean start() throws Exception {
             String result;
             try {
                 result = ApiService.triggerScan(token, step.getTargetFile(), scanTypes, env, listener);
-                run.addAction(new ScanResultAction(result));
+                if (result != null && !result.isEmpty()) {
+                    run.addAction(new ScanResultAction(result));
+                } else {
+                    listener.getLogger().println("API call failed, no action added.");
+                }
             } catch (Exception e) {
                 listener.error("Scan failed");
                 attachResult(run, buildErrorResponse("Scan failed: " + e.getMessage()));

…redentials/TokenCredentials/config.jelly …tials/TokenCredentials/credentials.jellysrc/main/resources/io/jenkins/plugins/vigilnz/credentials/TokenCredentials/config.jelly renamed to src/main/resources/io/jenkins/plugins/vigilnz/credentials/TokenCredentials/credentials.jelly src/main/resources/io/jenkins/plugins/vigilnz/credentials/TokenCredentials/config.jelly renamed to src/main/resources/io/jenkins/plugins/vigilnz/credentials/TokenCredentials/credentials.jelly

@@ -1,18 +1,9 @@
 <?jelly escape-by-default='true'?>
-<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:st="jelly:stapler">
 
     <f:entry title="Token" field="token">
-        <f:password checkUrl="${descriptor.checkToken}" clazz="passwordClass"/>
-        <script>
-            console.log("The script is calling")
-            const element = document.querySelector(".passwordClass");
-            element.addEventListener("blur", myFunction);
-            function myFunction() {
-                // Manually trigger the onchange event
-                const event = new Event("change", { bubbles: true });
-                element.dispatchEvent(event);
-            }
-        </script>
+        <f:password clazz="passwordClass"/>
+        <st:adjunct includes="js/token.js"/>
     </f:entry>
 
     <f:entry field="id" title="ID">

src/main/resources/io/jenkins/plugins/vigilnz/pipeline/PipelineStep/help.html

@@ -0,0 +1,14 @@
+<div>
+    <p>
+        This step runs a Vigilnz security scan.
+    </p>
+    <p>
+        Example usage:
+    </p>
+    <pre>
+        vigilnzSecurityScan scanTypes: 'cve,sbom,sast'
+    </pre>
+    <p>
+        <b>scanTypes:</b> Comma-separated list of scan types to run.
+    </p>
+</div>

src/main/webapp/js/token.js

@@ -0,0 +1,13 @@
+document.addEventListener("DOMContentLoaded", () => {
+    console.log("The script is calling.")
+    setTimeout(()=>{
+        console.log("CHECKING Its coming or not 222 ")
+    },1000)
+    const element = document.querySelector(".passwordClass");
+    if (element) {
+        element.addEventListener("blur", () => {
+            const event = new Event("change", { bubbles: true });
+            element.dispatchEvent(event);
+        });
+    }
+});