
Example 1 with GitHubRepoUnavailableException

Use of com.checkmarx.flow.exception.GitHubRepoUnavailableException in project cx-flow by checkmarx-ltd.

In class AbstractVulnerabilityScanner, method executeCxScan:

public ScanDetails executeCxScan(ScanRequest request, File cxFile) throws MachinaException {
    String osaScanId;
    Integer scanId = null;
    Integer projectId;
    try {
        /*Check if team is provided*/
        String ownerId = getScanRequestConverter().determineTeamAndOwnerID(request);
        log.debug("Auto profiling is enabled");
        projectId = getScanRequestConverter().determinePresetAndProjectId(request, ownerId);
        CxScanParams params = getScanRequestConverter().prepareScanParamsObject(request, cxFile, ownerId, projectId);
        scanId = getScannerClient().createScan(params, getComment(request));
        osaScanId = createOsaScan(request, projectId);
        if (osaScanId != null) {
            logRequest(request, osaScanId, cxFile, OperationResult.successful());
        }
    } catch (GitHubRepoUnavailableException e) {
        // Repository unavailable: return placeholder scan details without writing an error stack trace to the log.
        return new ScanDetails(UNKNOWN_INT, UNKNOWN_INT, new CompletableFuture<>(), false);
    } catch (CheckmarxException | GitAPIException e) {
        String extendedMessage = treatFailure(request, cxFile, scanId, e);
        throw new MachinaException("Checkmarx Error Occurred: " + extendedMessage);
    }
    logRequest(request, scanId, cxFile, OperationResult.successful());
    this.scanDetails = new ScanDetails(projectId, scanId, osaScanId);
    return scanDetails;
}
Also used: CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams), GitAPIException (org.eclipse.jgit.api.errors.GitAPIException), CompletableFuture (java.util.concurrent.CompletableFuture), MachinaException (com.checkmarx.flow.exception.MachinaException), CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException), GitHubRepoUnavailableException (com.checkmarx.flow.exception.GitHubRepoUnavailableException)

Example 2 with GitHubRepoUnavailableException

Use of com.checkmarx.flow.exception.GitHubRepoUnavailableException in project cx-flow by checkmarx-ltd.

In class AbstractVulnerabilityScanner, method scan:

@Override
public ScanResults scan(ScanRequest scanRequest) {
    log.info("--------------------- Initiating new {} scan ---------------------", SCAN_TYPE);
    setRequestParamsByProperties(scanRequest);
    checkScanSubmitEmailDelivery(scanRequest);
    try {
        Integer scanId;
        CxScanParams cxScanParams = getScanRequestConverter().toScanParams(scanRequest);
        Integer projectId = cxScanParams.getProjectId();
        log.info("Checking if there is any existing scan for Project: {}", projectId);
        Integer existingScanId = getScannerClient().getScanIdOfExistingScanIfExists(projectId);
        String scanComment = getScanComment(scanRequest);
        if (existingScanId != UNKNOWN_INT) {
            if (!getCxPropertiesBase().getScanQueuing()) {
                Boolean scanResubmit = false;
                if (scanRequest.getScanResubmit() != null) {
                    scanResubmit = Boolean.parseBoolean(scanRequest.getScanResubmit());
                } else if (flowProperties.getScanResubmit()) {
                    scanResubmit = flowProperties.getScanResubmit();
                }
                if (scanResubmit) {
                    log.info("Existing ongoing scan with id {} found for Project : {}", existingScanId, projectId);
                    log.info("Aborting the ongoing scan with id {} for Project: {}", existingScanId, projectId);
                    getScannerClient().cancelScan(existingScanId);
                    log.info("Resubmitting the scan for Project: {}", projectId);
                    scanId = getScannerClient().createScan(cxScanParams, scanComment);
                } else {
                    log.warn("Property scan-resubmit set to {} : New scan not submitted, due to existing ongoing scan for the same Project id {}", flowProperties.getScanResubmit(), projectId);
                    bugTrackers.getBugTrackerEventTrigger().triggerScanNotSubmittedBugTrackerEvent(scanRequest, getEmptyScanResults());
                    throw new CheckmarxException(String.format("Active Scan with Id %d already exists for Project: %d", existingScanId, projectId));
                }
            } else {
                scanId = getScannerClient().createScan(cxScanParams, scanComment);
            }
        } else {
            scanId = getScannerClient().createScan(cxScanParams, scanComment);
        }
        return getScanResults(scanRequest, projectId, scanId);
    } catch (GitHubRepoUnavailableException e) {
        // Repository unavailable: return empty scan results without writing an error stack trace to the log.
        return getEmptyScanResults();
    } catch (Exception e) {
        log.error("SAST scan failed", e);
        OperationResult scanCreationFailure = new OperationResult(OperationStatus.FAILURE, e.getMessage());
        ScanReport report = new ScanReport(-1, scanRequest, scanRequest.getRepoUrl(), scanCreationFailure);
        report.log();
        return getEmptyScanResults();
    }
}
Also used: CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams), ScanReport (com.checkmarx.flow.dto.report.ScanReport), CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException), GitHubRepoUnavailableException (com.checkmarx.flow.exception.GitHubRepoUnavailableException), GitAPIException (org.eclipse.jgit.api.errors.GitAPIException), IOException (java.io.IOException), MachinaRuntimeException (com.checkmarx.flow.exception.MachinaRuntimeException), MachinaException (com.checkmarx.flow.exception.MachinaException)

Aggregations

GitHubRepoUnavailableException (com.checkmarx.flow.exception.GitHubRepoUnavailableException): 2
MachinaException (com.checkmarx.flow.exception.MachinaException): 2
CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams): 2
CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException): 2
GitAPIException (org.eclipse.jgit.api.errors.GitAPIException): 2
ScanReport (com.checkmarx.flow.dto.report.ScanReport): 1
MachinaRuntimeException (com.checkmarx.flow.exception.MachinaRuntimeException): 1
IOException (java.io.IOException): 1
CompletableFuture (java.util.concurrent.CompletableFuture): 1