Example 1 with ScanReport

use of com.checkmarx.flow.dto.report.ScanReport in project cx-flow by checkmarx-ltd.

the class AbstractASTScanner method logRequest.

private void logRequest(ScanRequest request, AstScaResults internalResults, OperationResult scanCreationResult) {
    String scanId = getScanId(internalResults);
    ScanReport report = new ScanReport(scanId, request, request.getRepoUrl(), scanCreationResult, AnalyticsReport.SCA);
    report.log();
}
Also used : ScanReport(com.checkmarx.flow.dto.report.ScanReport)

Example 2 with ScanReport

use of com.checkmarx.flow.dto.report.ScanReport in project cx-flow by checkmarx-ltd.

the class AbstractVulnerabilityScanner method logRequest.

private void logRequest(ScanRequest request, Integer scanId, File cxFile, OperationResult scanCreationResult) {
    ScanReport report = new ScanReport(scanId, request, getRepoUrl(request, cxFile), scanCreationResult);
    report.log();
}
Also used : ScanReport(com.checkmarx.flow.dto.report.ScanReport)

Example 3 with ScanReport

use of com.checkmarx.flow.dto.report.ScanReport in project cx-flow by checkmarx-ltd.

the class SCARemoteRepoScanSteps method getReportObject.

private ScanReport getReportObject() throws CheckmarxException, JsonProcessingException {
    JsonLoggerTestUtils utils = new JsonLoggerTestUtils();
    String lastLine = utils.getLastLine();
    ObjectMapper objectMapper = new ObjectMapper();
    JsonNode jsonNode = objectMapper.readTree(lastLine).get(ScanReport.OPERATION);
    if (jsonNode != null) {
        return (ScanReport) utils.getAnalyticsReport(ScanReport.class, objectMapper, jsonNode);
    } else {
        return null;
    }
}
Also used : ScanReport(com.checkmarx.flow.dto.report.ScanReport) JsonNode(com.fasterxml.jackson.databind.JsonNode) JsonLoggerTestUtils(com.checkmarx.flow.cucumber.common.JsonLoggerTestUtils) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 4 with ScanReport

use of com.checkmarx.flow.dto.report.ScanReport in project cx-flow by checkmarx-ltd.

the class AbstractVulnerabilityScanner method scan.

@Override
public ScanResults scan(ScanRequest scanRequest) {
    log.info("--------------------- Initiating new {} scan ---------------------", SCAN_TYPE);
    setRequestParamsByProperties(scanRequest);
    checkScanSubmitEmailDelivery(scanRequest);
    try {
        Integer scanId;
        CxScanParams cxScanParams = getScanRequestConverter().toScanParams(scanRequest);
        Integer projectId = cxScanParams.getProjectId();
        log.info("Checking if there is any existing scan for Project: {}", projectId);
        Integer existingScanId = getScannerClient().getScanIdOfExistingScanIfExists(projectId);
        String scanComment = getScanComment(scanRequest);
        if (existingScanId != UNKNOWN_INT) {
            if (!getCxPropertiesBase().getScanQueuing()) {
                Boolean scanResubmit = false;
                if (scanRequest.getScanResubmit() != null) {
                    scanResubmit = Boolean.parseBoolean(scanRequest.getScanResubmit());
                } else if (flowProperties.getScanResubmit()) {
                    scanResubmit = flowProperties.getScanResubmit();
                }
                if (scanResubmit) {
                    log.info("Existing ongoing scan with id {} found for Project : {}", existingScanId, projectId);
                    log.info("Aborting the ongoing scan with id {} for Project: {}", existingScanId, projectId);
                    getScannerClient().cancelScan(existingScanId);
                    log.info("Resubmitting the scan for Project: {}", projectId);
                    scanId = getScannerClient().createScan(cxScanParams, scanComment);
                } else {
                    log.warn("Property scan-resubmit set to {} : New scan not submitted, due to existing ongoing scan for the same Project id {}", flowProperties.getScanResubmit(), projectId);
                    bugTrackers.getBugTrackerEventTrigger().triggerScanNotSubmittedBugTrackerEvent(scanRequest, getEmptyScanResults());
                    throw new CheckmarxException(String.format("Active Scan with Id %d already exists for Project: %d", existingScanId, projectId));
                }
            } else {
                scanId = getScannerClient().createScan(cxScanParams, scanComment);
            }
        } else {
            scanId = getScannerClient().createScan(cxScanParams, scanComment);
        }
        return getScanResults(scanRequest, projectId, scanId);
    } catch (GitHubRepoUnavailableException e) {
        // an error stack trace in the log
        return getEmptyScanResults();
    } catch (Exception e) {
        log.error("SAST scan failed", e);
        OperationResult scanCreationFailure = new OperationResult(OperationStatus.FAILURE, e.getMessage());
        ScanReport report = new ScanReport(-1, scanRequest, scanRequest.getRepoUrl(), scanCreationFailure);
        report.log();
        return getEmptyScanResults();
    }
}
Also used : CxScanParams(com.checkmarx.sdk.dto.cx.CxScanParams) ScanReport(com.checkmarx.flow.dto.report.ScanReport) CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException) GitHubRepoUnavailableException(com.checkmarx.flow.exception.GitHubRepoUnavailableException) GitAPIException(org.eclipse.jgit.api.errors.GitAPIException) IOException(java.io.IOException) MachinaRuntimeException(com.checkmarx.flow.exception.MachinaRuntimeException) MachinaException(com.checkmarx.flow.exception.MachinaException)

Example 5 with ScanReport

use of com.checkmarx.flow.dto.report.ScanReport in project cx-flow by checkmarx-ltd.

the class AbstractVulnerabilityScanner method logRequest.

private void logRequest(ScanRequest request, String scanId, File cxFile, OperationResult scanCreationResult) {
    ScanReport report = new ScanReport(scanId, request, getRepoUrl(request, cxFile), scanCreationResult);
    report.log();
}
Also used : ScanReport(com.checkmarx.flow.dto.report.ScanReport)

Aggregations

- ScanReport (com.checkmarx.flow.dto.report.ScanReport): 6
- CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException): 2
- JsonLoggerTestUtils (com.checkmarx.flow.cucumber.common.JsonLoggerTestUtils): 1
- GitHubRepoUnavailableException (com.checkmarx.flow.exception.GitHubRepoUnavailableException): 1
- MachinaException (com.checkmarx.flow.exception.MachinaException): 1
- MachinaRuntimeException (com.checkmarx.flow.exception.MachinaRuntimeException): 1
- CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams): 1
- JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException): 1
- JsonNode (com.fasterxml.jackson.databind.JsonNode): 1
- ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 1
- And (io.cucumber.java.en.And): 1
- IOException (java.io.IOException): 1
- GitAPIException (org.eclipse.jgit.api.errors.GitAPIException): 1