the class ScanUtilsTest method testCxConfigFlowOverride.
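@Test
public void testCxConfigFlowOverride() {
    // Baseline request. Every field the config-as-code fixture is expected to override
    // is given a distinct value here, so the assertions below prove the override
    // actually happened rather than matching a default.
    ScanRequest request = ScanRequest.builder()
            .application("abc")
            .product(ScanRequest.Product.CX)
            .project("test")
            .team("\\CxServer\\SP\\Checkmarx")
            .namespace("Custodela")
            .repoName("Riches")
            .repoUrl("https://github.com/Custodela/Riches.git")
            .repoType(ScanRequest.Repository.GITHUB)
            .branch("master")
            .refs(Constants.CX_BRANCH_PREFIX.concat("master"))
            .email(null)
            .incremental(true)
            .scanPreset(Constants.CX_DEFAULT_PRESET)
            .build();

    // Fail with a clear assertion when the fixture is absent from the test classpath,
    // instead of an NPE from getResource(...).getFile().
    java.net.URL fixtureUrl = getClass().getClassLoader().getResource("CxConfig-flow.json");
    assertNotNull(fixtureUrl);
    // URL.getFile() returns the still-percent-encoded path; acceptable for this fixture
    // name, but a build directory containing spaces would not resolve through new File().
    File file = new File(fixtureUrl.getFile());

    CxConfig cxConfig = ScanUtils.getConfigAsCode(file);
    assertNotNull(cxConfig);

    configOverrider.overrideScanRequestProperties(cxConfig, request);

    // Expected values come from CxConfig-flow.json.
    assertEquals("/a/b/c", request.getTeam());
    assertEquals("XYZ-Riches-master", request.getProject());
    assertEquals("test app", request.getApplication());
    assertEquals(2, request.getActiveBranches().size());
    assertNotNull(request.getFilter());
    assertNotNull(request.getFilter().getSastFilters().getSimpleFilters());
    assertFalse(request.getFilter().getSastFilters().getSimpleFilters().isEmpty());
}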
the class BitbucketCloudController method pushRequest.
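/**
 * Receive Push event submitted from Bitbucket.
 *
 * <p>Flow: authenticate the webhook via the {@code token} query parameter, build a
 * {@link ScanRequest} from the payload plus the query-string overrides carried in
 * {@code controllerRequest}, apply config-as-code, and start automation when the pushed
 * branch is one configured to be scanned.
 *
 * <p>Security notes (review):
 * <ul>
 *   <li>The shared secret travels as a query parameter, so it lands in access and proxy
 *       logs along the path; a header-borne secret would be preferable if Bitbucket
 *       supports it for this hook.</li>
 *   <li>The repository URL is taken from the payload and the SCM credential is appended
 *       to it by {@code addCredToUrl}. Nothing in this method pins that host to the
 *       configured Bitbucket instance, so {@code validateBitBucketRequest} is the only
 *       thing keeping a forged payload from sending the credential elsewhere - confirm
 *       host pinning is enforced in the generator or the clone step.</li>
 *   <li>{@code flowProperties} is a shared bean; {@code setTrackApplicationOnly} mutates
 *       it from a per-request parameter, so one request's override is visible to
 *       concurrent requests.</li>
 * </ul>
 *
 * @param body              parsed Bitbucket push payload
 * @param product           optional product path segment; empty means {@code CX}
 * @param controllerRequest query-string overrides (project, team, bug tracker, ...); may be null
 * @param token             webhook shared secret, checked by {@link #validateBitBucketRequest}
 * @return 200 when handled or skipped, 400 with the error message for an invalid argument
 */
@PostMapping(value = { "/{product}", "/" }, headers = PUSH)
public ResponseEntity<EventResponse> pushRequest(@RequestBody PushEvent body, @PathVariable(value = "product", required = false) String product, ControllerRequest controllerRequest, @RequestParam(value = "token") String token) {
    // The payload is logged before the token check. DEBUG only, but an unauthenticated
    // caller can still fill the log with whatever it POSTs.
    log.debug("Push Request body contents are {}", body.toString());
    String uid = helperService.getShortUid();
    MDC.put(FlowConstants.MAIN_MDC_ENTRY, uid);
    validateBitBucketRequest(token);
    controllerRequest = ensureNotNull(controllerRequest);
    try {
        Repository repository = body.getRepository();
        String app = repository.getName();
        if (!ScanUtils.empty(controllerRequest.getApplication())) {
            app = controllerRequest.getApplication();
        }
        // set the default bug tracker as per yml
        setBugTracker(flowProperties, controllerRequest);
        BugTracker.Type bugType = ScanUtils.getBugTypeEnum(controllerRequest.getBug(), flowProperties.getBugTrackerImpl());
        if (controllerRequest.getAppOnly() != null) {
            flowProperties.setTrackApplicationOnly(controllerRequest.getAppOnly());
        }
        if (ScanUtils.empty(product)) {
            product = ScanRequest.Product.CX.getProduct();
        }
        // valueOf throws IllegalArgumentException for an unknown product -> 400 below.
        ScanRequest.Product p = ScanRequest.Product.valueOf(product.toUpperCase(Locale.ROOT));

        // A push carries a list of ref changes; only the first one is scanned. A payload
        // with no change, or whose "new" side is absent (a branch-deletion push presumably
        // looks like this - confirm against the Bitbucket payload docs), previously ended
        // in an NPE from CX_BRANCH_PREFIX.concat(null) or an IndexOutOfBounds from get(0),
        // neither of which the catch below handles. Reject it as a 400 instead.
        List<Change> changeList = body.getPush().getChanges();
        if (changeList == null || changeList.isEmpty() || changeList.get(0).getNew() == null) {
            throw new IllegalArgumentException("Push event contains no new branch state to scan");
        }
        String currentBranch = changeList.get(0).getNew().getName();
        if (ScanUtils.empty(currentBranch)) {
            throw new IllegalArgumentException("Push event does not identify the pushed branch");
        }
        String hash = changeList.get(0).getNew().getTarget().getHash();

        List<String> branches = getBranches(controllerRequest, flowProperties);
        BugTracker bt = ScanUtils.getBugTracker(controllerRequest.getAssignee(), bugType, jiraProperties, controllerRequest.getBug());
        FilterConfiguration filter = filterFactory.getFilter(controllerRequest, flowProperties);
        /* Determine emails */
        List<String> emails = collectCommitAuthors(changeList);

        String gitUrl = repository.getLinks().getHtml().getHref().concat(".git");
        String configToken = scmConfigOverrider.determineConfigToken(properties, controllerRequest.getScmInstance());
        // gitAuthUrl embeds configToken: never log or echo this value.
        String gitAuthUrl = gitAuthUrlGenerator.addCredToUrl(ScanRequest.Repository.BITBUCKET, gitUrl, configToken);

        ScanRequest request = ScanRequest.builder()
                .application(app)
                .product(p)
                .project(controllerRequest.getProject())
                .team(controllerRequest.getTeam())
                .namespace(getProjectNamespace(repository))
                .repoName(repository.getName())
                .repoUrl(gitUrl)
                .repoUrlWithAuth(gitAuthUrl)
                .repoType(ScanRequest.Repository.BITBUCKET)
                .branch(currentBranch)
                .refs(Constants.CX_BRANCH_PREFIX.concat(currentBranch))
                .email(emails)
                .scanPreset(controllerRequest.getPreset())
                .incremental(controllerRequest.getIncremental())
                .excludeFolders(controllerRequest.getExcludeFolders())
                .excludeFiles(controllerRequest.getExcludeFiles())
                .bugTracker(bt)
                .filter(filter)
                .hash(hash)
                .organizationId(getOrganizationid(repository))
                .gitUrl(gitUrl)
                .build();
        setScmInstance(controllerRequest, request);
        fillRequestWithAdditionalData(request, repository, body.toString());
        checkForConfigAsCode(request);
        request.setId(uid);
        // Only scan when the pushed branch is in the configured branch list.
        if (helperService.isBranch2Scan(request, branches)) {
            flowService.initiateAutomation(request);
        }
    } catch (IllegalArgumentException e) {
        return getBadRequestMessage(e, controllerRequest, product);
    }
    return getSuccessMessage();
}

/**
 * Collects the raw author string of every commit in every change of the push, skipping
 * empty ones; the result is used as the notification recipient list. Changes without a
 * commit list are skipped rather than failing.
 *
 * @param changeList non-null list of ref changes from the push payload
 * @return raw author strings in payload order, possibly empty
 */
private static List<String> collectCommitAuthors(List<Change> changeList) {
    List<String> emails = new ArrayList<>();
    for (Change ch : changeList) {
        if (ch.getCommits() == null) {
            continue;
        }
        for (Commit c : ch.getCommits()) {
            String author = c.getAuthor().getRaw();
            if (!ScanUtils.empty(author)) {
                emails.add(author);
            }
        }
    }
    return emails;
}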
the class BitbucketCloudController method handleMergeEvent.
/**
 * Handle a Bitbucket Cloud pull-request (merge) event: authenticate the hook, build a
 * {@link ScanRequest} for the PR source branch with the PR's comment endpoint as the
 * feedback channel, apply config-as-code and start automation when the branch qualifies.
 *
 * <p>Review notes: the comment endpoint and repository URL are read from the payload and
 * the SCM token is attached to the clone URL, so the {@code token} check is what keeps a
 * forged payload from directing that credential elsewhere. {@code flowProperties} is a
 * shared bean and {@code setTrackApplicationOnly} mutates it per request.
 *
 * @param body              parsed Bitbucket pull-request payload
 * @param product           optional product segment; empty means {@code CX}
 * @param controllerRequest query-string overrides; may be null
 * @param token             webhook shared secret
 * @return 200 when handled or skipped, 400 for an invalid argument
 */
public ResponseEntity<EventResponse> handleMergeEvent(MergeEvent body, String product, ControllerRequest controllerRequest, String token) {
    log.debug("Merge Request body contents are {}", body.toString());
    String requestId = helperService.getShortUid();
    MDC.put(FlowConstants.MAIN_MDC_ENTRY, requestId);
    validateBitBucketRequest(token);
    log.info("Processing BitBucket MERGE request");
    controllerRequest = ensureNotNull(controllerRequest);
    try {
        Repository repo = body.getRepository();
        // A query-string application name wins over the repository name.
        String applicationName = ScanUtils.empty(controllerRequest.getApplication())
                ? repo.getName()
                : controllerRequest.getApplication();
        // Default to commenting on the PR itself; an explicit bug-tracker override replaces it.
        // getBugTypeEnum may throw IllegalArgumentException -> 400 below.
        BugTracker.Type trackerType = ScanUtils.empty(controllerRequest.getBug())
                ? BugTracker.Type.BITBUCKETPULL
                : ScanUtils.getBugTypeEnum(controllerRequest.getBug(), flowProperties.getBugTrackerImpl());
        // NOTE(review): writes to a shared bean; visible to concurrent requests.
        if (controllerRequest.getAppOnly() != null) {
            flowProperties.setTrackApplicationOnly(controllerRequest.getAppOnly());
        }
        if (ScanUtils.empty(product)) {
            product = ScanRequest.Product.CX.getProduct();
        }
        ScanRequest.Product resolvedProduct = ScanRequest.Product.valueOf(product.toUpperCase(Locale.ROOT));

        Pullrequest pr = body.getPullrequest();
        String sourceBranch = pr.getSource().getBranch().getName();
        String destinationBranch = pr.getDestination().getBranch().getName();
        List<String> scannableBranches = getBranches(controllerRequest, flowProperties);
        String sourceCommit = pr.getSource().getCommit().getHash();
        BugTracker tracker = ScanUtils.getBugTracker(controllerRequest.getAssignee(), trackerType, jiraProperties, controllerRequest.getBug());
        FilterConfiguration filters = filterFactory.getFilter(controllerRequest, flowProperties);

        String cloneUrl = repo.getLinks().getHtml().getHref().concat(".git");
        String scmToken = scmConfigOverrider.determineConfigToken(properties, controllerRequest.getScmInstance());
        // Carries the credential: keep out of logs and responses.
        String authenticatedCloneUrl = gitAuthUrlGenerator.addCredToUrl(ScanRequest.Repository.BITBUCKET, cloneUrl, scmToken);
        // Where PR feedback comments are posted (taken from the payload).
        String commentsEndpoint = pr.getLinks().getComments().getHref();

        ScanRequest scanRequest = ScanRequest.builder()
                .application(applicationName)
                .product(resolvedProduct)
                .project(controllerRequest.getProject())
                .team(controllerRequest.getTeam())
                .namespace(getProjectNamespace(repo))
                .repoName(repo.getName())
                .repoUrl(cloneUrl)
                .repoUrlWithAuth(authenticatedCloneUrl)
                .repoType(ScanRequest.Repository.BITBUCKET)
                .branch(sourceBranch)
                .mergeTargetBranch(destinationBranch)
                .mergeNoteUri(commentsEndpoint)
                .refs(Constants.CX_BRANCH_PREFIX.concat(sourceBranch))
                .email(null)
                .scanPreset(controllerRequest.getPreset())
                .incremental(controllerRequest.getIncremental())
                .excludeFolders(controllerRequest.getExcludeFolders())
                .excludeFiles(controllerRequest.getExcludeFiles())
                .bugTracker(tracker)
                .filter(filters)
                .hash(sourceCommit)
                .organizationId(getOrganizationid(repo))
                .gitUrl(cloneUrl)
                .build();
        setScmInstance(controllerRequest, scanRequest);
        fillRequestWithAdditionalData(scanRequest, repo, body.toString());
        checkForConfigAsCode(scanRequest);
        scanRequest.setId(requestId);
        if (helperService.isBranch2Scan(scanRequest, scannableBranches)) {
            flowService.initiateAutomation(scanRequest);
        }
    } catch (IllegalArgumentException e) {
        return getBadRequestMessage(e, controllerRequest, product);
    }
    return getSuccessMessage();
}
the class ServiceNowTracker method getIssues.
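/**
 * Get Incidents/Issues from Service Now.
 *
 * <p>Builds the query URL for the given scan request, fetches the matching incidents and
 * maps each one to a cx-flow {@link Issue}. An absent response body, or a body without an
 * incident list, yields an empty list rather than a failure.
 *
 * @param request the scan request whose project the incidents are looked up for
 * @return the mapped issues, never null
 * @throws MachinaException declared for interface compatibility; transport failures are
 *         surfaced as {@link MachinaRuntimeException} with the underlying cause attached
 */
@Override
public List<Issue> getIssues(ScanRequest request) throws MachinaException {
    log.debug("Executing getIssues Service Now API call");
    try {
        // NOTE(review): createServiceNowRequest builds the URL from request fields; URI.create
        // rejects illegal characters but does not stop a value from altering the query -
        // confirm the builder encodes its parameters.
        String apiRequest = createServiceNowRequest(request);
        URI apiRequestUri = URI.create(apiRequest);
        Result res = restOperations.getForObject(apiRequestUri, Result.class);
        if (res == null || res.getIncidents() == null) {
            // No body, or no incidents array: nothing to report.
            return Lists.newArrayList();
        }
        // Typed collect replaces the previous raw List; the result of collect is never null,
        // so the old null check on it was dead.
        List<Issue> results = res.getIncidents().stream()
                .map(i -> mapToIssue(i))
                .collect(Collectors.toList());
        log.debug("Found {} issues in ServiceNow for this project.", results.size());
        return results;
    } catch (RestClientException e) {
        // Keep the cause on the rethrown exception so the failure is diagnosable upstream
        // (it was dropped before); the logger renders the stack trace from the throwable.
        log.error("Error occurred while fetching ServiceNow Issues", e);
        throw new MachinaRuntimeException(e);
    }
}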
the class GitHubController method pullRequest.
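/**
 * Pull Request event submitted (JSON).
 *
 * <p>The body is received as a raw String because the HMAC signature has to be checked over
 * the exact bytes GitHub signed; it is parsed separately. Note the order: the payload is
 * parsed and {@code initConfigProviderOnPullEvent} runs <em>before</em>
 * {@code verifyHmacSignature}. Presumably the provider is what selects the secret to verify
 * against (per installation, say) - confirm, because until verification succeeds the payload
 * is attacker-controlled and everything done with it is reachable unauthenticated.
 *
 * <p>Only {@code opened}, {@code reopened} and {@code synchronize} actions trigger a scan.
 * The clone URL prefers the PR head repository (the fork, for cross-repository PRs); the
 * clone credential is either a GitHub App installation token or the configured SCM token,
 * and the URL carrying it is never logged here.
 *
 * @param body              raw JSON payload as received
 * @param signature         value of the signature header, verified against {@code body}
 * @param product           optional product path segment; empty means {@code CX}
 * @param controllerRequest query-string overrides; may be null
 * @return 200 when handled or deliberately skipped, 400 when an argument is invalid
 * @throws MachinaRuntimeException if the body is not a parsable pull event
 */
@PostMapping(value = { "/{product}", "/" }, headers = PULL)
public ResponseEntity<EventResponse> pullRequest(@RequestBody String body, @RequestHeader(value = SIGNATURE) String signature, @PathVariable(value = "product", required = false) String product, ControllerRequest controllerRequest) {
    String uid = helperService.getShortUid();
    MDC.put(FlowConstants.MAIN_MDC_ENTRY, uid);
    log.info("Processing GitHub PULL request");
    PullEvent event;
    ObjectMapper mapper = new ObjectMapper();
    Integer installationId = null;
    controllerRequest = ensureNotNull(controllerRequest);
    try {
        event = mapper.readValue(body, PullEvent.class);
    } catch (IOException e) {
        throw new MachinaRuntimeException(e);
    }
    gitHubService.initConfigProviderOnPullEvent(uid, event);
    // verify message signature (see the Javadoc note on ordering)
    verifyHmacSignature(body, signature, controllerRequest);
    try {
        String action = event.getAction();
        // synchronize - happens when user pushes code into a branch for which a pull request exists.
        // A missing action is treated like an unhandled one instead of failing with an NPE.
        if (action == null
                || !(action.equalsIgnoreCase("opened") || action.equalsIgnoreCase("reopened") || action.equalsIgnoreCase("synchronize"))) {
            log.info("Pull requested not processed. Status was not opened ({})", action);
            return ResponseEntity.status(HttpStatus.OK).body(EventResponse.builder().message("No processing occurred for updates to Pull Request").success(true).build());
        }
        Repository repository = event.getRepository();
        String app = repository.getName();
        if (!ScanUtils.empty(controllerRequest.getApplication())) {
            app = controllerRequest.getApplication();
        }
        // By default, when a pull request is opened, use the current source control provider as a bug tracker
        // (GitHub in this case). Bug tracker from the config is not used, because we only want to notify the user
        // that their code has some issues. I.e. we don't want to open real issues in the "official" bug tracker yet.
        BugTracker.Type bugType = BugTracker.Type.GITHUBPULL;
        // However, if the bug tracker is overridden in the query string, use the override value.
        if (!ScanUtils.empty(controllerRequest.getBug())) {
            bugType = ScanUtils.getBugTypeEnum(controllerRequest.getBug(), flowProperties.getBugTrackerImpl());
        }
        // NOTE(review): flowProperties is a shared bean; this per-request override is visible
        // to concurrent requests.
        if (controllerRequest.getAppOnly() != null) {
            flowProperties.setTrackApplicationOnly(controllerRequest.getAppOnly());
        }
        if (ScanUtils.empty(product)) {
            product = ScanRequest.Product.CX.getProduct();
        }
        // valueOf throws IllegalArgumentException for an unknown product -> 400 below.
        ScanRequest.Product p = ScanRequest.Product.valueOf(product.toUpperCase(Locale.ROOT));
        PullRequest pullRequest = event.getPullRequest();
        String currentBranch = pullRequest.getHead().getRef();
        String targetBranch = pullRequest.getBase().getRef();
        List<String> branches = getBranches(controllerRequest, flowProperties);
        BugTracker bt = ScanUtils.getBugTracker(controllerRequest.getAssignee(), bugType, jiraProperties, controllerRequest.getBug());
        FilterConfiguration filter = filterFactory.getFilter(controllerRequest, flowProperties);
        Map<FindingSeverity, Integer> thresholdMap = getThresholds(controllerRequest);

        // build request object. head.repo can be absent (GitHub's payload docs describe it as
        // null when the fork was deleted - confirm); the clone URL falls back to the base
        // repository in that case.
        Optional<Repo> headRepo = Optional.ofNullable(pullRequest.getHead().getRepo());
        String gitUrl = headRepo.map(Repo::getCloneUrl).orElse(repository.getCloneUrl());
        // The namespace previously dereferenced head.repo unconditionally, so a missing head
        // repo surfaced as an NPE that the catch below does not handle (a 500). Reject it as a
        // 400 with a message instead, and do so before a clone credential is minted.
        String namespace = headRepo
                .map(r -> r.getOwner().getLogin().replace(" ", "_"))
                .orElseThrow(() -> new IllegalArgumentException("Pull request head repository is not available; cannot determine namespace"));
        log.info("Using url: {}", gitUrl);

        String token;
        if (event.getInstallation() != null && event.getInstallation().getId() != null) {
            // GitHub App flow: obtain an installation token for the clone.
            installationId = event.getInstallation().getId();
            token = gitHubAppAuthService.getInstallationToken(installationId);
            token = FlowConstants.GITHUB_APP_CLONE_USER.concat(":").concat(token);
        } else {
            // Token flow: configured credential, possibly per SCM instance.
            token = scmConfigOverrider.determineConfigToken(properties, controllerRequest.getScmInstance());
        }
        // Credential-bearing URL: keep out of logs and responses.
        String gitAuthUrl = gitAuthUrlGenerator.addCredToUrl(ScanRequest.Repository.GITHUB, gitUrl, token);

        ScanRequest request = ScanRequest.builder()
                .application(app)
                .product(p)
                .project(controllerRequest.getProject())
                .team(controllerRequest.getTeam())
                .namespace(namespace)
                .repoName(repository.getName())
                .repoUrl(repository.getCloneUrl())
                .repoUrlWithAuth(gitAuthUrl)
                .repoType(ScanRequest.Repository.GITHUB)
                .branch(currentBranch)
                .defaultBranch(repository.getDefaultBranch())
                .refs(Constants.CX_BRANCH_PREFIX.concat(currentBranch))
                .mergeNoteUri(pullRequest.getIssueUrl().concat("/comments"))
                .mergeTargetBranch(targetBranch)
                .email(null)
                .scanPreset(controllerRequest.getPreset())
                .incremental(controllerRequest.getIncremental())
                .excludeFolders(controllerRequest.getExcludeFolders())
                .excludeFiles(controllerRequest.getExcludeFiles())
                .bugTracker(bt)
                .filter(filter)
                .thresholds(thresholdMap)
                .organizationId(getOrganizationid(repository))
                .gitUrl(gitUrl)
                .hash(pullRequest.getHead().getSha())
                .build();
        setScmInstance(controllerRequest, request);
        // Check if an installation Id is provided and store it for later use
        if (installationId != null) {
            request.putAdditionalMetadata(FlowConstants.GITHUB_APP_INSTALLATION_ID, installationId.toString());
        }
        /* Check for Config as code (cx.config) and override */
        CxConfig cxConfig = gitHubService.getCxConfigOverride(request);
        request = configOverrider.overrideScanRequestProperties(cxConfig, request);
        // The raw (signature-verified) payload is retained for downstream rendering.
        request.putAdditionalMetadata(HTMLHelper.WEB_HOOK_PAYLOAD, body);
        request.putAdditionalMetadata("statuses_url", pullRequest.getStatusesUrl());
        request.setId(uid);
        // only initiate scan/automation if target branch is applicable
        if (helperService.isBranch2Scan(request, branches)) {
            flowService.initiateAutomation(request);
        }
    } catch (IllegalArgumentException e) {
        return getBadRequestMessage(e, controllerRequest, product);
    }
    return getSuccessMessage();
}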