Examples with Issue com.checkmarx.flow.dto.Issue used on opensource projects

Example 1 with Issue

use of com.checkmarx.flow.dto.Issue in project cx-flow by checkmarx-ltd.

the class IssueService method process.

public void process(ScanResults results, ScanRequest request) throws MachinaException {
    Map<String, ScanResults.XIssue> xMap;
    Map<String, Issue> iMap;
    List<String> newIssues = new ArrayList<>();
    List<String> updatedIssues = new ArrayList<>();
    List<String> closedIssues = new ArrayList<>();
    BugTracker bugTracker = request.getBugTracker();
    String customBean = bugTracker.getCustomBean();
    if (!bugTracker.getType().equals(BugTracker.Type.CUSTOM) && !ScanUtils.empty(customBean)) {
        throw new MachinaException("A valid custom bean must be used here.");
    }
    try {
        IssueTracker tracker = (IssueTracker) context.getBean(customBean);
        tracker.init(request, results);
        String fpLabel = tracker.getFalsePositiveLabel();
        codeBashingService.createLessonsMap();
        log.info("Processing Issues with custom bean {}", customBean);
        List<Issue> issues = tracker.getIssues(request);
        if (issues == null) {
            issues = Collections.emptyList();
        }
        xMap = this.getXIssueMap(tracker, results, request);
        iMap = this.getIssueMap(tracker, issues, request);
        for (Map.Entry<String, ScanResults.XIssue> xIssue : xMap.entrySet()) {
            try {
                String fileUrl;
                ScanResults.XIssue currentIssue = xIssue.getValue();
                codeBashingService.addCodebashingUrlToIssue(currentIssue);
                /*Issue already exists -> update and comment*/
                if (iMap.containsKey(xIssue.getKey())) {
                    Issue i = iMap.get(xIssue.getKey());
                    if (xIssue.getValue().isAllFalsePositive()) {
                        // All issues are false positive, so issue should be closed
                        Issue fpIssue;
                        log.debug("All issues are false positives");
                        if (properties.isListFalsePositives()) {
                            // Update the ticket if flag is set
                            log.debug("Issue is being updated to reflect false positive references.  Updating issue with key {}", xIssue.getKey());
                            tracker.updateIssue(i, currentIssue, request);
                        }
                        if (tracker.isIssueOpened(i, request)) {
                            /*Close the issue if in an open state*/
                            log.info("Closing issue with key {}", i.getId());
                            tracker.closeIssue(i, request);
                            closedIssues.add(i.getId());
                        }
                    } else if (!i.getLabels().contains(fpLabel)) {
                        /*Ignore any with label indicating false positive*/
                        log.info("Issue still exists.  Updating issue with key {}", xIssue.getKey());
                        fileUrl = ScanUtils.getFileUrl(request, currentIssue.getFilename());
                        currentIssue.setGitUrl(fileUrl);
                        Issue updatedIssue = tracker.updateIssue(i, currentIssue, request);
                        if (updatedIssue != null) {
                            updatedIssues.add(updatedIssue.getId());
                            log.debug("Update completed for issue #{}", updatedIssue.getId());
                        }
                    } else {
                        log.info("Skipping issue marked as false positive with key {}", xIssue.getKey());
                    }
                } else {
                    /*Create the new issue*/
                    if (!xIssue.getValue().isAllFalsePositive()) {
                        fileUrl = ScanUtils.getFileUrl(request, currentIssue.getFilename());
                        xIssue.getValue().setGitUrl(fileUrl);
                        log.info("Creating new issue with key {}", xIssue.getKey());
                        Issue newIssue = tracker.createIssue(xIssue.getValue(), request);
                        if (newIssue != null) {
                            newIssues.add(newIssue.getId());
                            log.info("New issue created. #{}", newIssue.getId());
                        }
                    }
                }
            } catch (HttpClientErrorException e) {
                log.error("Error occurred while processing issue with key {}", xIssue.getKey(), e);
            }
        }
        /*Check if an issue exists in GitLab but not within results and close if not*/
        for (Map.Entry<String, Issue> issueMap : iMap.entrySet()) {
            String key = issueMap.getKey();
            Issue issue = issueMap.getValue();
            try {
                if (!xMap.containsKey(key) && tracker.isIssueOpened(issue, request)) {
                    /*Close the issue*/
                    tracker.closeIssue(issue, request);
                    closedIssues.add(issue.getId());
                    log.info("Closing issue #{} with key {}", issue.getId(), key);
                }
            } catch (HttpClientErrorException e) {
                log.error("Error occurred while processing issue with key {}", key, e);
            }
        }
        Map<String, List<String>> issuesMap = new HashMap<>();
        issuesMap.put("new", newIssues);
        issuesMap.put("updated", updatedIssues);
        issuesMap.put("closed", closedIssues);
        tracker.complete(request, results);
    } catch (BeansException e) {
        log.error("Specified bug tracker bean was not found or properly loaded.", e);
        throw new MachinaRuntimeException();
    } catch (ClassCastException e) {
        log.error("Bean must implement the IssueTracker Interface", e);
        throw new MachinaRuntimeException();
    }
}

Example 2 with Issue

use of com.checkmarx.flow.dto.Issue in project cx-flow by checkmarx-ltd.

the class ADOIssueTracker method getIssues.

/**
 * Get all issues for a Azure repository
 *
 * @return List of Azure Issues
 * @ full name (owner/repo format)
 */
@Override
public List<Issue> getIssues(ScanRequest request) throws MachinaException {
    log.info("Executing getIssues Azure API call");
    List<Issue> issues = new ArrayList<>();
    String projectName = calculateProjectName(request);
    URI endpoint = getSearchEndpoint(projectName, request);
    String issueBody = request.getAdditionalMetadata(Constants.ADO_ISSUE_BODY_KEY);
    String wiq;
    // if there are project and namespace in properties on the ado section, they will be used for the URL
    if (!StringUtils.isEmpty(properties.getProjectName())) {
        if (!StringUtils.isEmpty(properties.getNamespace())) {
            wiq = String.format(WIQ_PROJECT_NAME_AND_NAMESPACE, getNamespaceTag(properties.getNamespace()));
        } else {
            wiq = String.format(WIQ_PROJECT_NAME_AND_NAMESPACE, getNamespaceTag(request.getNamespace()));
        }
    } else /*Namespace/Repo/Branch provided*/
    if (!flowProperties.isTrackApplicationOnly() && !ScanUtils.empty(request.getNamespace()) && !ScanUtils.empty(request.getRepoName()) && !ScanUtils.empty(request.getBranch())) {
        wiq = String.format(WIQ_REPO_BRANCH, request.getProduct().getProduct(), properties.getOwnerTagPrefix(), request.getNamespace(), properties.getRepoTagPrefix(), request.getRepoName(), properties.getBranchLabelPrefix(), request.getBranch());
    } else /*Only application provided*/
    if (!ScanUtils.empty(request.getApplication())) {
        wiq = String.format(WIQ_APP, request.getProduct().getProduct(), properties.getAppTagPrefix(), request.getApplication());
    } else {
        log.error("Application must be set at minimum");
        throw new MachinaException("Application must be set at minimum");
    }
    log.debug(wiq);
    JSONObject wiqJson = new JSONObject();
    wiqJson.put("query", wiq);
    HttpEntity<String> httpEntity = new HttpEntity<>(wiqJson.toString(), ADOUtils.createAuthHeaders(scmConfigOverrider.determineConfigToken(properties, request.getScmInstance())));
    ResponseEntity<String> response = restTemplate.exchange(endpoint, HttpMethod.POST, httpEntity, String.class);
    if (response.getBody() == null)
        return issues;
    JSONObject json = new JSONObject(response.getBody());
    JSONArray workItems = json.getJSONArray("workItems");
    if (workItems.length() < 1)
        return issues;
    for (int i = 0; i < workItems.length(); i++) {
        JSONObject workItem = workItems.getJSONObject(i);
        String workItemUri = workItem.getString("url");
        Issue wi = getIssue(workItemUri, issueBody, request);
        if (wi != null) {
            issues.add(wi);
        }
    }
    return issues;
}

Example 3 with Issue

use of com.checkmarx.flow.dto.Issue in project cx-flow by checkmarx-ltd.

the class ServiceNowTracker method getIssues.

/**
 * Get Incidents/Issues from Service Now.
 * @param request
 * @return issues collection of data.
 * @throws MachinaException
 */
@Override
public List<Issue> getIssues(ScanRequest request) throws MachinaException {
    log.debug("Executing getIssues Service Now API call");
    try {
        String apiRequest = createServiceNowRequest(request);
        URI apiRequestUri = URI.create(apiRequest);
        Optional<Result> res = Optional.ofNullable(restOperations.getForObject(apiRequestUri, Result.class));
        if (res.isPresent()) {
            List results = res.get().getIncidents().stream().map(i -> mapToIssue(i)).collect(Collectors.toList());
            log.debug("Found {} issues in ServiceNow for this project.", results != null ? results.size() : 0);
            return results;
        }
    } catch (RestClientException e) {
        log.error("Error occurred while fetching ServiceNow Issues");
        log.error(ExceptionUtils.getStackTrace(e));
        throw new MachinaRuntimeException();
    }
    return Lists.newArrayList();
}

Example 4 with Issue

use of com.checkmarx.flow.dto.Issue in project cx-flow by checkmarx-ltd.

the class GitLabIssueTracker method createIssue.

@Override
public Issue createIssue(ScanResults.XIssue resultIssue, ScanRequest request) throws MachinaException {
    log.debug("Executing createIssue GitLab API call");
    String endpoint = scmConfigOverrider.determineConfigApiUrl(properties, request).concat(NEW_ISSUE_PATH);
    ResponseEntity<com.checkmarx.flow.dto.gitlab.Issue> response;
    try {
        HttpEntity<String> httpEntity = new HttpEntity<>(getJSONCreateIssue(resultIssue, request).toString(), createAuthHeaders(request));
        response = restTemplate.exchange(endpoint, HttpMethod.POST, httpEntity, com.checkmarx.flow.dto.gitlab.Issue.class, request.getRepoProjectId());
    } catch (HttpClientErrorException e) {
        log.error("Error occurred while creating GitLab Issue", e);
        if (e.getStatusCode().equals(HttpStatus.GONE)) {
            throw new MachinaException("Issues are not enabled for this repository");
        } else {
            throw new MachinaException("Error occurred while creating GitLab Issue");
        }
    }
    return mapToIssue(response.getBody());
}

Example 5 with Issue

use of com.checkmarx.flow.dto.Issue in project cx-flow by checkmarx-ltd.

the class RallyIssueTracker method getIssues.

/**
 * Get all issues for a Rally repository
 *
 * @return List of Rally Issues
 * @ full name (owner/repo format)
 */
@Override
public List<Issue> getIssues(ScanRequest request) {
    log.info("Executing getIssues Rally API call");
    List<Issue> issues = new ArrayList<>();
    HttpEntity httpEntity = new HttpEntity(createAuthHeaders());
    try {
        int pageIndex = 0;
        QueryResult rallyQuery;
        ResponseEntity<QueryResult> response;
        // 
        // / Read the first list of defects from Rally, it will contain the totalResultCount we can use
        // / to figure out how many more pages of data needs to be pulled.
        // 
        String query = createRallyTagQuery(request);
        response = restTemplate.exchange(properties.getApiUrl().concat(GET_ISSUES), HttpMethod.GET, httpEntity, QueryResult.class, query, pageIndex, ISSUES_PER_PAGE);
        rallyQuery = response.getBody();
        // 
        // / Now decode the CxFlow defects and continue reading lists of defects until we've found the
        // totalResultCount
        // 
        long totalResultCount = getTotalResultCount(rallyQuery);
        int resultsFound = 0;
        while (resultsFound < totalResultCount) {
            resultsFound += rallyQuery.getQueryResult().getPageSize();
            // Create CxFlow issues from Rally issues
            for (Result issue : rallyQuery.getQueryResult().getResults()) {
                Issue i = mapToIssue(issue);
                issues.add(i);
            }
            // If there are more issues on the server, fetch them
            if (resultsFound < rallyQuery.getQueryResult().getTotalResultCount()) {
                pageIndex++;
                response = restTemplate.exchange(properties.getApiUrl().concat(GET_ISSUES), HttpMethod.GET, httpEntity, QueryResult.class, query, pageIndex, ISSUES_PER_PAGE);
                rallyQuery = response.getBody();
            }
        }
        return issues;
    } catch (RestClientException e) {
        return new ArrayList<>();
    }
}