use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class FilterScriptSteps method generateIssues.
private void generateIssues(CxClient cxClientSpy) {
// Avoid additional API calls that we don't care about.
cxProperties.setOffline(true);
try {
FilterConfiguration filter = getFilterConfiguration();
ScanResults report = cxClientSpy.getReportContent(333333, filter);
findingNumbersAfterFiltering = report.getXIssues().stream().map(xIssue -> findingFilenameToNumber.get(xIssue.getFilename())).collect(Collectors.toSet());
} catch (Exception e) {
reportGenerationException = e;
}
}
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class ScanUtils method getScaSummaryIssueKey.
/**
* @param request The scanRequest object
* @param issue The scanResults issue
* @param extraTags Extra tags array. Jira issue prefix/postfix are on the [0], [1] positions
* @return Issue key according to the bug type parameter
*/
public static String getScaSummaryIssueKey(ScanRequest request, ScanResults.XIssue issue, String... extraTags) {
ScanResults.ScaDetails scaDetails = issue.getScaDetails().get(0);
String bugType = request.getBugTracker().getType().getType();
switch(bugType) {
case "JIRA":
String issuePrefix = extraTags[0];
String issuePostfix = extraTags[1];
Finding detailsFindings = scaDetails.getFinding();
Package vulnerabilityPackage = scaDetails.getVulnerabilityPackage();
return anyEmpty(request.getNamespace(), request.getRepoName(), request.getBranch()) ? getJiraScaSummaryIssueKeyWithoutBranch(request, issuePrefix, issuePostfix, detailsFindings, vulnerabilityPackage) : getJiraScaSummaryIssueKey(request, issuePrefix, issuePostfix, detailsFindings, vulnerabilityPackage);
case "CUSTOM":
return anyEmpty(request.getBranch(), request.getNamespace(), request.getRepoName()) ? getCustomScaSummaryIssueKeyWithoutBranch(request, scaDetails) : getCustomScaSummaryIssueKey(request, scaDetails);
default:
throw new NotImplementedException("Summary issue key wasn't implemented yet for bug type: {}", bugType);
}
}
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class FlowControllerTest method testSSuccessfulScanResult.
@ParameterizedTest
@MethodSource("generateDataForSuccessfulScanResults")
public void testSSuccessfulScanResult(String severity, String cwe, String category, String status, String assignee, String override, String bug) {
ScanResults results = new ScanResults();
CompletableFuture<ScanResults> cf = CompletableFuture.completedFuture(results);
when(sastScanner.getLatestScanResultsAsync(any(ScanRequest.class), isNull())).thenReturn(cf);
ArgumentCaptor<ScanRequest> captor = ArgumentCaptor.forClass(ScanRequest.class);
List<String> severityFilters = TestsParseUtils.parseCsvToList(severity);
List<String> cweFilters = TestsParseUtils.parseCsvToList(cwe);
List<String> categoryFilters = TestsParseUtils.parseCsvToList(category);
List<String> statusFilters = TestsParseUtils.parseCsvToList(status);
ScanResults scanResults = flowController.latestScanResults(testProps.getProject(), flowProperties.getToken(), ScanFixture.TEAM_ID, testProps.getApplication(), severityFilters, cweFilters, categoryFilters, statusFilters, assignee, override, bug);
verify(sastScanner, times(1)).getLatestScanResultsAsync(captor.capture(), isNull());
ScanRequest actual = captor.getValue();
assertScanResultsRequest(actual, testProps.getApplication(), ScanFixture.TEAM_ID, severityFilters, cweFilters, categoryFilters, statusFilters);
}
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class GetResultsAnalyticsTestSteps method getSCAResults.
@When("doing get results operation on SCA scan with {int} {int} {int} results")
public void getSCAResults(int high, int medium, int low) throws InterruptedException {
try {
scanResultsToInject = createFakeSCAScanResults(high, medium, low);
ScanRequest scanRequest = createScanRequest();
// addAdditionalInfoToResults();
// addFlowSummaryToResults(high, medium, low, info);
CompletableFuture<ScanResults> task = resultsService.processScanResultsAsync(scanRequest, PROJECT_ID, SCAN_ID, null, null);
task.get(1, TimeUnit.MINUTES);
} catch (MachinaException | ExecutionException | TimeoutException e) {
String message = "Error processing scan results.";
log.error(message, e);
Assert.fail(message);
}
}
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class GetResultsAnalyticsTestSteps method getSASTResults.
@When("doing get results operation on SAST scan with {int} {int} {int} {int} results")
public void getSASTResults(int high, int medium, int low, int info) throws InterruptedException {
try {
scanResultsToInject = createFakeSASTScanResults();
ScanRequest scanRequest = createScanRequest();
setFindingsSummary(high, medium, low, info);
addAdditionalInfoToResults();
addFlowSummaryToResults(high, medium, low, info);
CompletableFuture<ScanResults> task = resultsService.processScanResultsAsync(scanRequest, PROJECT_ID, SCAN_ID, null, null);
task.get(1, TimeUnit.MINUTES);
} catch (MachinaException | ExecutionException | TimeoutException e) {
String message = "Error processing scan results.";
log.error(message, e);
Assert.fail(message);
}
}
Aggregations