use of com.checkmarx.sdk.dto.ScanResults in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxServiceIT method getReportContent.
/**
 * Integration check: fetches the latest scan results for the "Riches" project,
 * restricted to High-severity findings, and verifies that a result object is returned.
 *
 * <p>Only non-nullness is asserted; the content of the report is not inspected.
 */
@Test
public void getReportContent() {
    try {
        // Keep High-severity findings only.
        List<Filter> severityFilters = new ArrayList<>();
        severityFilters.add(new Filter(Filter.Type.SEVERITY, "High"));
        FilterConfiguration highOnly = FilterConfiguration.fromSimpleFilters(severityFilters);

        // Team comes from the test configuration; the project name is fixed.
        ScanResults latest = service.getLatestScanResults(properties.getTeam(), "Riches", highOnly);
        assertNotNull(latest);
    } catch (CheckmarxException e) {
        // Any SDK error is reported as a test failure rather than a test error.
        fail("Unexpected CheckmarxException");
    }
}
use of com.checkmarx.sdk.dto.ScanResults in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxServiceIT method completeScanFlow.
/**
 * End-to-end flow: resolves team and project, starts a Git-sourced scan, blocks until it
 * completes, then retrieves the High-severity report for that scan.
 *
 * <p>Ignored by default because it needs a stable environment; the project name, repository
 * URL and branch below are placeholders.
 *
 * @throws CheckmarxException if any SDK call fails
 */
@Test
@Ignore("Stable environment required")
public void completeScanFlow() throws CheckmarxException {
    // Placeholder coordinates for the project under test.
    final String PROJECT_NAME = "my-project-name";
    final String GIT_REPO_URL = "https://github.com/my-organization/my-repo.git";
    final String BRANCH_NAME = "refs/heads/develop";

    // Resolve the identifiers the scan parameters need.
    String teamId = service.getTeamId(properties.getTeam());
    Integer projectId = service.getProjectId(teamId, PROJECT_NAME);

    CxScanParams scanParams = new CxScanParams();
    scanParams.setProjectName(PROJECT_NAME);
    scanParams.setTeamId(teamId);
    scanParams.setProjectId(projectId);
    scanParams.setGitUrl(GIT_REPO_URL);
    scanParams.setBranch(BRANCH_NAME);
    scanParams.setSourceType(CxScanParams.Type.GIT);

    // Start the scan and block until it has finished.
    Integer scanId = service.createScan(scanParams, "CxSDK Scan");
    service.waitForScanCompletion(scanId);

    // Build the report for that scan, keeping High-severity findings only.
    FilterConfiguration highOnly = FilterConfiguration.fromSimpleFilters(
            Collections.singletonList(new Filter(Filter.Type.SEVERITY, "High")));
    ScanResults report = service.getReportContentByScanId(scanId, highOnly);
    assertNotNull(report);
}
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class CxFlowRunner method scanRemoteRepo.
/**
 * Populates the scan request with remote-repository details and, unless the IAST option
 * was passed on the command line, runs the scan on the active scanners and processes
 * the results.
 *
 * @param request    scan request to fill in and submit
 * @param gitUrl     repository URL; this value is written to the log
 * @param gitAuthUrl repository URL stored via {@code setRepoUrlWithAuth}; it is not logged here
 * @param branch     branch name, also used to build the refs value
 * @param repoType   repository type recorded on the request
 * @param args       application arguments, checked for {@code IAST_OPTION}
 * @throws ExitThrowable declared by this method; presumably raised by result processing
 */
private void scanRemoteRepo(ScanRequest request, String gitUrl, String gitAuthUrl, String branch, ScanRequest.Repository repoType, ApplicationArguments args) throws ExitThrowable {
    log.info("Initiating scan using Checkmarx git clone");
    // Only the plain URL is logged. NOTE(review): gitAuthUrl presumably embeds credentials
    // and must stay out of logs; confirm gitUrl can never carry userinfo as well.
    log.info("Git url: {}", gitUrl);

    request.setRepoType(repoType);
    request.setBranch(branch);
    request.setRepoUrl(gitUrl);
    request.setRepoUrlWithAuth(gitAuthUrl);
    request.setRefs(Constants.CX_BRANCH_PREFIX.concat(branch));

    // With the IAST option present the request is only prepared, not scanned.
    if (args.containsOption(IAST_OPTION)) {
        return;
    }

    ScanResults outcome = runOnActiveScanners(scanner -> scanner.scanCli(request, "Scan-git-clone"));
    processResults(request, outcome);
}
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class CxFlowRunner method scanLocalPath.
/**
 * Scans a local directory: requires a project name on the request, applies any
 * {@code cx.config} override found for the path, runs the scan on the active scanners
 * and processes the results.
 *
 * @param request scan request; must carry a project name
 * @param path    local path to scan, also used to look up {@code cx.config}
 * @throws ExitThrowable declared by this method; presumably raised by {@code exit}
 */
private void scanLocalPath(ScanRequest request, String path) throws ExitThrowable {
    boolean projectMissing = ScanUtils.empty(request.getProject());
    if (projectMissing) {
        log.error("Please provide --cx-project to define the project in Checkmarx");
        exit(ExitCode.ARGUMENT_NOT_PROVIDED);
    }

    // NOTE(review): cx.config is looked up under the scanned path, so it is only as
    // trustworthy as the source tree itself; confirm which request properties the
    // overrider lets it change.
    CxConfig localConfig = getCxConfigOverride(path, "cx.config");

    // A separate local is used because a lambda requires an effectively final variable.
    ScanRequest effectiveRequest = configOverrider.overrideScanRequestProperties(localConfig, request);
    File sourceDir = new File(path);
    ScanResults outcome = runOnActiveScanners(scanner -> scanner.scanCli(effectiveRequest, "cxFullScan", sourceDir));
    processResults(effectiveRequest, outcome);
}
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class PostRequestData method latestScanResults.
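/**
 * Returns the latest Checkmarx scan results for a project as JSON.
 *
 * <p>The shared API token from the {@code TOKEN_HEADER} header is validated before the
 * scan request is built. When the Shard Manager is enabled, the shard session is primed
 * with the team and project first.
 *
 * @param project     project name (mandatory)
 * @param token       shared API token taken from the request header (mandatory)
 * @param team        optional team path; a leading {@code /} is added for the shard session
 *                    when it is missing
 * @param application optional application name; defaults to {@code project} when empty
 * @param severity    optional severity filter values
 * @param cwe         optional CWE filter values
 * @param category    optional category filter values
 * @param status      optional status filter values
 * @param assignee    optional assignee passed to the bug tracker setup
 * @param override    optional override blob whose values replace scan request properties
 * @param bug         optional bug tracker selector
 * @return the latest scan results for the resulting scan request
 */
@GetMapping(value = "/scanresults", produces = "application/json")
public ScanResults latestScanResults(
        // Mandatory parameters
        @RequestParam(value = "project") String project,
        @RequestHeader(value = TOKEN_HEADER) String token,
        // Optional parameters
        @RequestParam(value = "team", required = false) String team,
        @RequestParam(value = "application", required = false) String application,
        @RequestParam(value = "severity", required = false) List<String> severity,
        @RequestParam(value = "cwe", required = false) List<String> cwe,
        @RequestParam(value = "category", required = false) List<String> category,
        @RequestParam(value = "status", required = false) List<String> status,
        @RequestParam(value = "assignee", required = false) String assignee,
        @RequestParam(value = "override", required = false) String override,
        @RequestParam(value = "bug", required = false) String bug) {
    String uid = helperService.getShortUid();
    MDC.put(FlowConstants.MAIN_MDC_ENTRY, uid);

    // Validate shared API token from header. It is the only access check visible in this
    // method, and every caller presents the same token.
    validateToken(token);

    // This primes the shard when Shard Manager is turned on
    if (cxProperties.getEnableShardManager()) {
        ShardSession shard = sessionTracker.getShardSession();
        // Ensures the team looks like this: /CxServer/CHECKMARX
        // "team" is an optional request parameter, so it may be null or empty here; the
        // guard avoids a NullPointerException / StringIndexOutOfBoundsException from
        // charAt(0) on a request that simply omitted it.
        if (!ScanUtils.empty(team) && team.charAt(0) != '/') {
            team = "/" + team;
        }
        // NOTE(review): with no team supplied the shard session receives the value as
        // given; confirm how the Shard Manager handles that, or reject the request earlier.
        shard.setTeam(team);
        shard.setProject(project);
    }

    // Create bug tracker
    BugTracker bugTracker = getBugTracker(assignee, bug);

    // Create filters if available
    ControllerRequest request = new ControllerRequest(severity, cwe, category, status, null);
    FilterConfiguration filter = filterFactory.getFilter(request, properties);

    // Create the scan request; the application falls back to the project name and the
    // default product is CX.
    ScanRequest scanRequest = ScanRequest.builder()
            .application(ScanUtils.empty(application) ? project : application)
            .product(ScanRequest.Product.CX)
            .project(project)
            .team(team)
            .bugTracker(bugTracker)
            .filter(filter)
            .build();
    scanRequest.setId(uid);

    // If an override blob/file is provided, substitute these values.
    // NOTE(review): the blob is caller-supplied and replaces scan request properties;
    // confirm which properties it may change, since the shared token is the only gate here.
    if (!ScanUtils.empty(override)) {
        FlowOverride ovr = ScanUtils.getMachinaOverride(override);
        scanRequest = configOverrider.overrideScanRequestProperties(ovr, scanRequest);
    }

    // Fetch the Checkmarx scan results for the given ScanRequest; the project metadata
    // the scanner needs is carried in the scanRequest itself.
    ScanResults scanResults = CxScannerService.getScanner(cxgoScanner, sastScanner).getLatestScanResults(scanRequest);

    // The full result object, findings included, is written to the debug log; treat debug
    // logs from this service as sensitive.
    log.debug("ScanResults {}", scanResults);
    return scanResults;
}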
Aggregations