Example 1 with PullRequestReport
use of com.checkmarx.flow.dto.report.PullRequestReport in project cx-flow by checkmarx-ltd.
the class GitHubService method logPullRequestWithScaResults.
private void logPullRequestWithScaResults(ScanRequest request, ScanResults results) {
if (results.getScaResults() != null) {
PullRequestReport report = new PullRequestReport(results.getScaResults().getScanId(), request, AnalyticsReport.SCA);
report.setFindingsPerSeveritySca(results);
report.setPullRequestResult(OperationResult.successful());
report.log();
}
}
Also used :
PullRequestReport(com.checkmarx.flow.dto.report.PullRequestReport)
Example 2 with PullRequestReport
use of com.checkmarx.flow.dto.report.PullRequestReport in project cx-flow by checkmarx-ltd.
the class GitHubService method endBlockMerge.
void endBlockMerge(ScanRequest request, ScanResults results, ScanDetails scanDetails) {
logPullRequestWithScaResults(request, results);
if (properties.isBlockMerge()) {
String statusApiUrl = request.getAdditionalMetadata(STATUSES_URL_KEY);
if (ScanUtils.empty(statusApiUrl)) {
log.error(STATUSES_URL_NOT_PROVIDED);
return;
}
PullRequestReport report = new PullRequestReport(scanDetails, request);
HttpEntity<String> httpEntity = getStatusRequestEntity(results, report, request);
logPullRequestWithSastOsa(results, report);
log.debug("Updating pull request status: {}", statusApiUrl);
statusExchange(request, httpEntity, statusApiUrl, "failed to update merge status for completed scan");
} else {
log.debug("Pull request blocking is disabled in configuration, no need to unblock.");
logPullRequestWithSastOsa(request, results, scanDetails);
}
}
Also used :
PullRequestReport(com.checkmarx.flow.dto.report.PullRequestReport)
Example 3 with PullRequestReport
use of com.checkmarx.flow.dto.report.PullRequestReport in project cx-flow by checkmarx-ltd.
the class ADOService method endBlockMerge.
void endBlockMerge(ScanRequest request, ScanResults results, ScanDetails scanDetails) {
if (properties.isBlockMerge()) {
Integer projectId = Integer.parseInt(results.getProjectId());
String url = request.getAdditionalMetadata("statuses_url");
String statusId = request.getAdditionalMetadata("status_id");
String threadUrl = null;
if (request.getAdditionalMetadata("ado_thread_id") != null) {
threadUrl = request.getMergeNoteUri().concat("/").concat(request.getAdditionalMetadata("ado_thread_id"));
}
if (statusId == null) {
log.warn("No status Id found, skipping status update");
return;
}
CreateWorkItemAttr item = new CreateWorkItemAttr();
item.setOp("remove");
item.setPath("/".concat(statusId));
List<CreateWorkItemAttr> list = new ArrayList<>();
list.add(item);
HttpEntity<List<CreateWorkItemAttr>> httpEntity = new HttpEntity<>(list, ADOUtils.createPatchAuthHeaders(scmConfigOverrider.determineConfigToken(properties, request.getScmInstance())));
if (ScanUtils.empty(url)) {
log.error("statuses_url was not provided within the request object, which is required for blocking / unblocking pull requests");
return;
}
// TODO remove preview once applicable
log.info("Removing pending status from pull {}", url);
restTemplate.exchange(getFullAdoApiUrl(url).concat("-preview"), HttpMethod.PATCH, httpEntity, Void.class);
/*
if the SAST server fails to scan a project it generates a result with ProjectId = -1
This if statement adds a status of failed to the ADO PR, and sets the status of thread to
CLOSED.
*/
if (projectId == -1) {
log.debug("SAST scan could not be processed due to some error. Creating status of failed to {}", url);
createStatus("failed", "Checkmarx Scan could not be processed.", url, results.getLink(), request);
if (threadUrl != null) {
createThreadStatus(CLOSED, threadUrl, request);
}
return;
}
boolean isMergeAllowed = thresholdValidator.isMergeAllowed(results, properties, new PullRequestReport(scanDetails, request));
if (!isMergeAllowed) {
log.debug("Creating status of failed to {}", url);
createStatus("failed", "Checkmarx Scan Completed", url, results.getLink(), request);
if (threadUrl != null) {
createThreadStatus(CLOSED, threadUrl, request);
}
} else {
log.debug("Creating status of succeeded to {}", url);
createStatus("succeeded", "Checkmarx Scan Completed", url, results.getLink(), request);
if (threadUrl != null) {
createThreadStatus(RESOLVED, threadUrl, request);
}
}
}
}
Also used :
PullRequestReport(com.checkmarx.flow.dto.report.PullRequestReport)
HttpEntity(org.springframework.http.HttpEntity)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
CreateWorkItemAttr(com.checkmarx.flow.dto.azure.CreateWorkItemAttr)
Example 4 with PullRequestReport
use of com.checkmarx.flow.dto.report.PullRequestReport in project cx-flow by checkmarx-ltd.
the class ScaThresholdsSteps method pull_request_should_fail.
@Then("pull request should {word}")
public void pull_request_should_fail(String expected) {
RepoProperties repoProperties = new RepoProperties();
repoProperties.setErrorMerge(true);
ScanResults scanResults = new ScanResults();
scanResults.setScaResults(scaResults);
PullRequestReport pullRequestReport = new PullRequestReport();
boolean actual = thresholdValidatorImpl.isMergeAllowed(scanResults, repoProperties, pullRequestReport);
log.info("is merged allowed = {} (expecting: {})", actual, expected);
assertEquals(expected.equals("pass"), actual, "is merged allowed = " + actual + ", but was expecting: " + expected);
}
Also used :
PullRequestReport(com.checkmarx.flow.dto.report.PullRequestReport)
ScanResults(com.checkmarx.sdk.dto.ScanResults)
RepoProperties(com.checkmarx.flow.config.RepoProperties)
Then(io.cucumber.java.en.Then)
Example 5 with PullRequestReport
use of com.checkmarx.flow.dto.report.PullRequestReport in project cx-flow by checkmarx-ltd.
the class GitHubService method logPullRequestWithSastOsa.
private void logPullRequestWithSastOsa(ScanRequest request, ScanResults results, ScanDetails scanDetails) {
// Otherwise it would be only SCA
if (hasSastOsaScan(results)) {
PullRequestReport report = new PullRequestReport(scanDetails, request);
Map<FindingSeverity, Integer> findings = ThresholdValidatorImpl.getSastFindingCountPerSeverity(results);
report.setFindingsPerSeverity(findings);
report.setPullRequestResult(OperationResult.successful());
report.log();
}
}
Also used :
PullRequestReport(com.checkmarx.flow.dto.report.PullRequestReport)
FindingSeverity(com.checkmarx.flow.config.FindingSeverity)
Aggregations
PullRequestReport (com.checkmarx.flow.dto.report.PullRequestReport)7
FindingSeverity (com.checkmarx.flow.config.FindingSeverity)1
RepoProperties (com.checkmarx.flow.config.RepoProperties)1
CreateWorkItemAttr (com.checkmarx.flow.dto.azure.CreateWorkItemAttr)1
BitBucketClientException (com.checkmarx.flow.exception.BitBucketClientException)1
ScanResults (com.checkmarx.sdk.dto.ScanResults)1
Then (io.cucumber.java.en.Then)1
ArrayList (java.util.ArrayList)1
List (java.util.List)1
JSONObject (org.json.JSONObject)1
HttpEntity (org.springframework.http.HttpEntity)1
HttpClientErrorException (org.springframework.web.client.HttpClientErrorException)1
