use of com.checkmarx.flow.custom.IssueTracker in project cx-flow by checkmarx-ltd.
the class IssueService method process.
public void process(ScanResults results, ScanRequest request) throws MachinaException {
Map<String, ScanResults.XIssue> xMap;
Map<String, Issue> iMap;
List<String> newIssues = new ArrayList<>();
List<String> updatedIssues = new ArrayList<>();
List<String> closedIssues = new ArrayList<>();
BugTracker bugTracker = request.getBugTracker();
String customBean = bugTracker.getCustomBean();
if (!bugTracker.getType().equals(BugTracker.Type.CUSTOM) && !ScanUtils.empty(customBean)) {
throw new MachinaException("A valid custom bean must be used here.");
}
try {
IssueTracker tracker = (IssueTracker) context.getBean(customBean);
tracker.init(request, results);
String fpLabel = tracker.getFalsePositiveLabel();
codeBashingService.createLessonsMap();
log.info("Processing Issues with custom bean {}", customBean);
List<Issue> issues = tracker.getIssues(request);
if (issues == null) {
issues = Collections.emptyList();
}
xMap = this.getXIssueMap(tracker, results, request);
iMap = this.getIssueMap(tracker, issues, request);
for (Map.Entry<String, ScanResults.XIssue> xIssue : xMap.entrySet()) {
try {
String fileUrl;
ScanResults.XIssue currentIssue = xIssue.getValue();
codeBashingService.addCodebashingUrlToIssue(currentIssue);
/*Issue already exists -> update and comment*/
if (iMap.containsKey(xIssue.getKey())) {
Issue i = iMap.get(xIssue.getKey());
if (xIssue.getValue().isAllFalsePositive()) {
// All issues are false positive, so issue should be closed
Issue fpIssue;
log.debug("All issues are false positives");
if (properties.isListFalsePositives()) {
// Update the ticket if flag is set
log.debug("Issue is being updated to reflect false positive references. Updating issue with key {}", xIssue.getKey());
tracker.updateIssue(i, currentIssue, request);
}
if (tracker.isIssueOpened(i, request)) {
/*Close the issue if in an open state*/
log.info("Closing issue with key {}", i.getId());
tracker.closeIssue(i, request);
closedIssues.add(i.getId());
}
} else if (!i.getLabels().contains(fpLabel)) {
/*Ignore any with label indicating false positive*/
log.info("Issue still exists. Updating issue with key {}", xIssue.getKey());
fileUrl = ScanUtils.getFileUrl(request, currentIssue.getFilename());
currentIssue.setGitUrl(fileUrl);
Issue updatedIssue = tracker.updateIssue(i, currentIssue, request);
if (updatedIssue != null) {
updatedIssues.add(updatedIssue.getId());
log.debug("Update completed for issue #{}", updatedIssue.getId());
}
} else {
log.info("Skipping issue marked as false positive with key {}", xIssue.getKey());
}
} else {
/*Create the new issue*/
if (!xIssue.getValue().isAllFalsePositive()) {
fileUrl = ScanUtils.getFileUrl(request, currentIssue.getFilename());
xIssue.getValue().setGitUrl(fileUrl);
log.info("Creating new issue with key {}", xIssue.getKey());
Issue newIssue = tracker.createIssue(xIssue.getValue(), request);
if (newIssue != null) {
newIssues.add(newIssue.getId());
log.info("New issue created. #{}", newIssue.getId());
}
}
}
} catch (HttpClientErrorException e) {
log.error("Error occurred while processing issue with key {}", xIssue.getKey(), e);
}
}
/*Check if an issue exists in GitLab but not within results and close if not*/
for (Map.Entry<String, Issue> issueMap : iMap.entrySet()) {
String key = issueMap.getKey();
Issue issue = issueMap.getValue();
try {
if (!xMap.containsKey(key) && tracker.isIssueOpened(issue, request)) {
/*Close the issue*/
tracker.closeIssue(issue, request);
closedIssues.add(issue.getId());
log.info("Closing issue #{} with key {}", issue.getId(), key);
}
} catch (HttpClientErrorException e) {
log.error("Error occurred while processing issue with key {}", key, e);
}
}
Map<String, List<String>> issuesMap = new HashMap<>();
issuesMap.put("new", newIssues);
issuesMap.put("updated", updatedIssues);
issuesMap.put("closed", closedIssues);
tracker.complete(request, results);
} catch (BeansException e) {
log.error("Specified bug tracker bean was not found or properly loaded.", e);
throw new MachinaRuntimeException();
} catch (ClassCastException e) {
log.error("Bean must implement the IssueTracker Interface", e);
throw new MachinaRuntimeException();
}
}
use of com.checkmarx.flow.custom.IssueTracker in project cx-flow by checkmarx-ltd.
the class IastService method createIssue.
private void createIssue(ScanVulnerabilities scanVulnerabilities, ScanRequest request, ResultInfo scansResultQuery, VulnerabilityInfo vulnerability, Scan scan) {
try {
Issue issue;
IssueTracker issueTracker;
boolean htmlDescription = false;
switch(request.getBugTracker().getType()) {
case JIRA:
String jiraIssue = postIssueToJira(scanVulnerabilities, request, scansResultQuery, vulnerability, scan);
if (jiraService.getJiraProperties() != null) {
log.info("Create jira issue: " + jiraService.getJiraProperties().getUrl() + "/browse/" + jiraIssue);
}
// jiraService is not an instance of IssueTracker, because of that the "return" here is a shortcut to stop the execution
return;
case GITHUBCOMMIT:
issueTracker = gitHubIssueTracker;
break;
case GITLABCOMMIT:
issueTracker = gitLabIssueTracker;
break;
case adopull:
case ADOPULL:
issueTracker = azureIssueTracker;
htmlDescription = true;
request.putAdditionalMetadata(Constants.ADO_ISSUE_BODY_KEY, "Description");
request.putAdditionalMetadata(Constants.ADO_ISSUE_KEY, adoProperties.getIssueType());
break;
default:
throw new NotImplementedException(request.getBugTracker().getType().getType() + ". That bug tracker not implemented.");
}
issue = postIssueToTracker(scanVulnerabilities, request, scansResultQuery, vulnerability, scan, issueTracker, htmlDescription);
log.info("Create {} issue: {}", request.getBugTracker().getType().getType(), issue.getUrl());
} catch (MachinaException e) {
log.error("Problem with creating issue.", e);
} catch (RuntimeException e) {
throw new IastBugTrackerClientException("Can't create issue", e);
}
}
use of com.checkmarx.flow.custom.IssueTracker in project cx-flow by checkmarx-ltd.
the class IastCliSteps method checkHowManyCreateIssue.
@SneakyThrows
@Then("check how many create issue {} {}")
public void checkHowManyCreateIssue(String createIssue, String bugTracker) {
int createdIssues = Integer.parseInt(removeQuotes(createIssue));
IssueTracker issueTracker = null;
switch(bugTracker) {
case "jira":
verify(jiraService, times(createdIssues)).createIssue(any(), any());
return;
case "github":
issueTracker = gitHubIssueTracker;
break;
case "gitlab":
issueTracker = gitLabIssueTracker;
break;
case "ado":
issueTracker = adoIssueTracker;
break;
}
if (issueTracker != null) {
verify(issueTracker, times(createdIssues)).createIssue(any(), any());
}
}
Aggregations