Example 41 with ScanResults
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class FilterScriptSteps method generateIssues.
private void generateIssues(CxClient cxClientSpy) {
// Avoid additional API calls that we don't care about.
cxProperties.setOffline(true);
try {
FilterConfiguration filter = getFilterConfiguration();
ScanResults report = cxClientSpy.getReportContent(333333, filter);
findingNumbersAfterFiltering = report.getXIssues().stream().map(xIssue -> findingFilenameToNumber.get(xIssue.getFilename())).collect(Collectors.toSet());
} catch (Exception e) {
reportGenerationException = e;
}
}
Also used :
ScanResults(com.checkmarx.sdk.dto.ScanResults)
FilterConfiguration(com.checkmarx.sdk.dto.filtering.FilterConfiguration)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
IOException(java.io.IOException)
CheckmarxRuntimeException(com.checkmarx.sdk.exception.CheckmarxRuntimeException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
SAXException(org.xml.sax.SAXException)
Example 42 with ScanResults
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class ScanUtils method getScaSummaryIssueKey.
/**
* @param request The scanRequest object
* @param issue The scanResults issue
* @param extraTags Extra tags array. Jira issue prefix/postfix are on the [0], [1] positions
* @return Issue key according to the bug type parameter
*/
public static String getScaSummaryIssueKey(ScanRequest request, ScanResults.XIssue issue, String... extraTags) {
ScanResults.ScaDetails scaDetails = issue.getScaDetails().get(0);
String bugType = request.getBugTracker().getType().getType();
switch(bugType) {
case "JIRA":
String issuePrefix = extraTags[0];
String issuePostfix = extraTags[1];
Finding detailsFindings = scaDetails.getFinding();
Package vulnerabilityPackage = scaDetails.getVulnerabilityPackage();
return anyEmpty(request.getNamespace(), request.getRepoName(), request.getBranch()) ? getJiraScaSummaryIssueKeyWithoutBranch(request, issuePrefix, issuePostfix, detailsFindings, vulnerabilityPackage) : getJiraScaSummaryIssueKey(request, issuePrefix, issuePostfix, detailsFindings, vulnerabilityPackage);
case "CUSTOM":
return anyEmpty(request.getBranch(), request.getNamespace(), request.getRepoName()) ? getCustomScaSummaryIssueKeyWithoutBranch(request, scaDetails) : getCustomScaSummaryIssueKey(request, scaDetails);
default:
throw new NotImplementedException("Summary issue key wasn't implemented yet for bug type: {}", bugType);
}
}
Also used :
ScanResults(com.checkmarx.sdk.dto.ScanResults)
Finding(com.checkmarx.sdk.dto.sca.report.Finding)
NotImplementedException(org.apache.commons.lang3.NotImplementedException)
Package(com.checkmarx.sdk.dto.sca.report.Package)
Example 43 with ScanResults
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class FlowControllerTest method testSSuccessfulScanResult.
@ParameterizedTest
@MethodSource("generateDataForSuccessfulScanResults")
public void testSSuccessfulScanResult(String severity, String cwe, String category, String status, String assignee, String override, String bug) {
ScanResults results = new ScanResults();
CompletableFuture<ScanResults> cf = CompletableFuture.completedFuture(results);
when(sastScanner.getLatestScanResultsAsync(any(ScanRequest.class), isNull())).thenReturn(cf);
ArgumentCaptor<ScanRequest> captor = ArgumentCaptor.forClass(ScanRequest.class);
List<String> severityFilters = TestsParseUtils.parseCsvToList(severity);
List<String> cweFilters = TestsParseUtils.parseCsvToList(cwe);
List<String> categoryFilters = TestsParseUtils.parseCsvToList(category);
List<String> statusFilters = TestsParseUtils.parseCsvToList(status);
ScanResults scanResults = flowController.latestScanResults(testProps.getProject(), flowProperties.getToken(), ScanFixture.TEAM_ID, testProps.getApplication(), severityFilters, cweFilters, categoryFilters, statusFilters, assignee, override, bug);
verify(sastScanner, times(1)).getLatestScanResultsAsync(captor.capture(), isNull());
ScanRequest actual = captor.getValue();
assertScanResultsRequest(actual, testProps.getApplication(), ScanFixture.TEAM_ID, severityFilters, cweFilters, categoryFilters, statusFilters);
}
Also used :
ScanRequest(com.checkmarx.flow.dto.ScanRequest)
ScanResults(com.checkmarx.sdk.dto.ScanResults)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
MethodSource(org.junit.jupiter.params.provider.MethodSource)
Example 44 with ScanResults
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class GetResultsAnalyticsTestSteps method getSCAResults.
@When("doing get results operation on SCA scan with {int} {int} {int} results")
public void getSCAResults(int high, int medium, int low) throws InterruptedException {
try {
scanResultsToInject = createFakeSCAScanResults(high, medium, low);
ScanRequest scanRequest = createScanRequest();
// addAdditionalInfoToResults();
// addFlowSummaryToResults(high, medium, low, info);
CompletableFuture<ScanResults> task = resultsService.processScanResultsAsync(scanRequest, PROJECT_ID, SCAN_ID, null, null);
task.get(1, TimeUnit.MINUTES);
} catch (MachinaException | ExecutionException | TimeoutException e) {
String message = "Error processing scan results.";
log.error(message, e);
Assert.fail(message);
}
}
Also used :
ScanRequest(com.checkmarx.flow.dto.ScanRequest)
ScanResults(com.checkmarx.sdk.dto.ScanResults)
MachinaException(com.checkmarx.flow.exception.MachinaException)
ExecutionException(java.util.concurrent.ExecutionException)
TimeoutException(java.util.concurrent.TimeoutException)
When(io.cucumber.java.en.When)
Example 45 with ScanResults
use of com.checkmarx.sdk.dto.ScanResults in project cx-flow by checkmarx-ltd.
the class GetResultsAnalyticsTestSteps method getSASTResults.
@When("doing get results operation on SAST scan with {int} {int} {int} {int} results")
public void getSASTResults(int high, int medium, int low, int info) throws InterruptedException {
try {
scanResultsToInject = createFakeSASTScanResults();
ScanRequest scanRequest = createScanRequest();
setFindingsSummary(high, medium, low, info);
addAdditionalInfoToResults();
addFlowSummaryToResults(high, medium, low, info);
CompletableFuture<ScanResults> task = resultsService.processScanResultsAsync(scanRequest, PROJECT_ID, SCAN_ID, null, null);
task.get(1, TimeUnit.MINUTES);
} catch (MachinaException | ExecutionException | TimeoutException e) {
String message = "Error processing scan results.";
log.error(message, e);
Assert.fail(message);
}
}
Also used :
ScanRequest(com.checkmarx.flow.dto.ScanRequest)
ScanResults(com.checkmarx.sdk.dto.ScanResults)
MachinaException(com.checkmarx.flow.exception.MachinaException)
ExecutionException(java.util.concurrent.ExecutionException)
TimeoutException(java.util.concurrent.TimeoutException)
When(io.cucumber.java.en.When)
Aggregations
ScanResults (com.checkmarx.sdk.dto.ScanResults)58
MachinaException (com.checkmarx.flow.exception.MachinaException)17
ScanRequest (com.checkmarx.flow.dto.ScanRequest)16
CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException)14
When (io.cucumber.java.en.When)9
MachinaRuntimeException (com.checkmarx.flow.exception.MachinaRuntimeException)6
CxScanSummary (com.checkmarx.sdk.dto.cx.CxScanSummary)6
FilterConfiguration (com.checkmarx.sdk.dto.filtering.FilterConfiguration)6
ExecutionException (java.util.concurrent.ExecutionException)5
TimeoutException (java.util.concurrent.TimeoutException)5
BugTracker (com.checkmarx.flow.dto.BugTracker)4
ScanParams (com.checkmarx.sdk.dto.ast.ScanParams)4
Filter (com.checkmarx.sdk.dto.sast.Filter)4
Test (org.junit.Test)4
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4
JiraClientException (com.checkmarx.flow.exception.JiraClientException)3
CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams)3
Finding (com.checkmarx.sdk.dto.sca.report.Finding)3
Package (com.checkmarx.sdk.dto.sca.report.Package)3
IOException (java.io.IOException)3
