use of com.checkmarx.sdk.dto.cx.CxProject in project cx-flow by checkmarx-ltd.
the class ResultsService method getCxFields.
/**
 * Copies the Checkmarx project's custom fields onto the scan request when the
 * bug tracker's field configuration asks for them.
 *
 * <p>Custom fields with an empty name or value are skipped. If any remain they are stored on
 * the request, and the fields named by the Jira project / issue-type properties (when
 * configured and present) replace the bug tracker's project key and issue type.
 *
 * @param request scan request whose cx fields and bug-tracker settings may be updated
 * @param results scan results supplying the Checkmarx project id
 * @throws MachinaException if the Checkmarx client reports invalid credentials
 */
private void getCxFields(ScanRequest request, ScanResults results) throws MachinaException {
    try {
        // Nothing to do unless the bug tracker's fields reference cx custom fields.
        if (!requiresCxCustomFields(request.getBugTracker().getFields())) {
            return;
        }
        // A missing or UNKNOWN project id means there is no project to query.
        if (ScanUtils.empty(results.getProjectId()) || results.getProjectId().equals(Constants.UNKNOWN)) {
            return;
        }

        // NOTE(review): a non-numeric project id makes parseInt throw an unchecked
        // NumberFormatException, which this method does not handle.
        int numericProjectId = Integer.parseInt(results.getProjectId());
        CxProject project = cxScannerService.getScannerClient().getProject(numericProjectId);

        Map<String, String> customFields = new HashMap<>();
        for (CxProject.CustomField candidate : project.getCustomFields()) {
            if (ScanUtils.empty(candidate.getName()) || ScanUtils.empty(candidate.getValue())) {
                continue;
            }
            customFields.put(candidate.getName(), candidate.getValue());
        }
        if (customFields.isEmpty()) {
            return;
        }
        request.setCxFields(customFields);

        // NOTE(review): the Jira project key and issue type below come from values stored on
        // the Checkmarx project, so whoever can edit those custom fields decides where tickets
        // are filed - presumably the intended trust model; confirm.
        String projectKeyField = cxScannerService.getProperties().getJiraProjectField();
        if (!ScanUtils.empty(projectKeyField)) {
            String jiraProject = customFields.get(projectKeyField);
            if (!ScanUtils.empty(jiraProject)) {
                request.getBugTracker().setProjectKey(jiraProject);
            }
        }

        String issueTypeField = cxScannerService.getProperties().getJiraIssuetypeField();
        if (!ScanUtils.empty(issueTypeField)) {
            String jiraIssuetype = customFields.get(issueTypeField);
            if (!ScanUtils.empty(jiraIssuetype)) {
                request.getBugTracker().setIssueType(jiraIssuetype);
            }
        }
    } catch (InvalidCredentialsException e) {
        // The original exception is written to the log only; the rethrown MachinaException
        // carries just the message.
        log.warn("Error retrieving Checkmarx Project details for {}, no custom fields will be available", results.getProjectId(), e);
        throw new MachinaException("Error logging into Checkmarx");
    }
}
use of com.checkmarx.sdk.dto.cx.CxProject in project cx-flow by checkmarx-ltd.
the class ThresholdsSteps method initMock.
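/**
 * Stubs the Checkmarx client mock used by the threshold steps.
 *
 * <p>Report requests are answered by a {@code ScanResultsAnswerer}, any project id resolves to
 * one fixed non-public project (id 1, "testproject", no custom fields), and any team name
 * resolves to team id "1".
 *
 * @param cxClientMock client mock to configure
 */
private void initMock(CxClient cxClientMock) {
    try {
        CxProject cxProject = CxProject.builder()
                .id(1)
                .name("testproject")
                .isPublic(false)
                // Typed empty list rather than the raw Collections.EMPTY_LIST constant,
                // which needs an unchecked conversion.
                .customFields(Collections.emptyList())
                .build();
        ScanResultsAnswerer answerer = new ScanResultsAnswerer();
        when(cxClientMock.getReportContentByScanId(anyInt(), any())).thenAnswer(answerer);
        when(cxClientMock.getProject(anyInt())).thenReturn(cxProject);
        when(cxClientMock.getTeamId(anyString())).thenReturn("1");
    } catch (CheckmarxException e) {
        // The stubbed client methods declare CheckmarxException; fail the scenario if one surfaces.
        Assert.fail("Error initializing mock." + e);
    }
}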
use of com.checkmarx.sdk.dto.cx.CxProject in project cx-flow by checkmarx-ltd.
the class AbstractVulnerabilityScanner method getLatestScanResultsAsync.
/**
 * Starts asynchronous processing of the most recent scan results for a project.
 *
 * <p>When {@code cxProject} is {@code null} the project is looked up from the request. The
 * returned future is already completed with {@code null} when no project or no scan is found,
 * and is completed exceptionally when a {@code MachinaException} or {@code CheckmarxException}
 * is raised, so callers that {@code join()} it must expect a {@code CompletionException}.
 *
 * @param request   scan request describing the project and result filters
 * @param cxProject project to use, or {@code null} to resolve it from {@code request}
 * @return future of the processed scan results (possibly completed with {@code null})
 */
public CompletableFuture<ScanResults> getLatestScanResultsAsync(ScanRequest request, CxProject cxProject) {
    try {
        CxProject project = cxProject;
        if (project == null) {
            Integer resolvedId = getProjectId(request);
            if (resolvedId.equals(UNKNOWN_INT)) {
                log.warn("No project found for {}", request.getProject());
                return CompletableFuture.completedFuture(null);
            }
            // NOTE(review): the looked-up project is dereferenced below without a null check;
            // confirm getProject never returns null.
            project = getScannerClient().getProject(resolvedId);
        }

        Integer lastScanId = getScannerClient().getLastScanId(project.getId());
        if (lastScanId.equals(UNKNOWN_INT)) {
            log.warn("No Scan Results to process for project {}", project.getName());
            return CompletableFuture.completedFuture(null);
        }

        setCxFields(project, request);
        // The osaScanId argument is null: it does not apply here and is ignored.
        return resultsService.processScanResultsAsync(request, project.getId(), lastScanId, null, request.getFilter());
    } catch (MachinaException | CheckmarxException failure) {
        log.error("Error occurred while processing results for {}{}", request.getTeam(), request.getProject(), failure);
        CompletableFuture<ScanResults> failed = new CompletableFuture<>();
        failed.completeExceptionally(failure);
        return failed;
    }
}
use of com.checkmarx.sdk.dto.cx.CxProject in project cx-flow by checkmarx-ltd.
the class GitHubService method startBlockMerge.
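/**
 * Sets the pull request status to "pending" when merge blocking is enabled.
 *
 * <p>With the Shard Manager enabled, {@code url} is replaced by a link to the project summary
 * on the current shard; if that lookup fails the caller's {@code url} is kept. The status is
 * posted to the URL stored in the request metadata under {@code STATUSES_URL_KEY}; when that
 * entry is empty an error is logged and nothing is sent.
 *
 * @param request scan request supplying team, project, credentials and the statuses URL
 * @param url     link attached to the status
 */
public void startBlockMerge(ScanRequest request, String url) {
    if (!properties.isBlockMerge()) {
        return;
    }
    final String PULL_REQUEST_STATUS = "pending";

    // When Shard Manager is enabled, override the pull request URL to link to the correct shard.
    if (cxProperties.getEnableShardManager()) {
        ShardSession shard = sessionTracker.getShardSession();
        try {
            String teamId = cxService.getTeamId(request.getTeam());
            List<CxProject> projects = cxService.getProjects(teamId);
            // Stays "0" when no project name matches, so the link then points at project 0.
            String projectID = "0";
            for (CxProject project : projects) {
                if (project.getName().equals(request.getProject())) {
                    projectID = project.getId().toString();
                }
            }
            url = shard.getUrl() + "/cxwebclient/portal#/projectState/" + projectID + "/Summary";
        } catch (CheckmarxException e) {
            // Keep the caller-supplied url, but record why the shard link could not be built.
            log.error(URL_INVALID, e);
        }
    }

    // Check the destination before building the authenticated entity, so credentials are not
    // put into a request that will never be sent.
    // NOTE(review): the destination comes from request metadata and receives the auth headers;
    // if that metadata is filled from an inbound webhook payload, confirm the payload is
    // authenticated and the host is the expected one before this point.
    String statusApiUrl = request.getAdditionalMetadata(STATUSES_URL_KEY);
    if (ScanUtils.empty(statusApiUrl)) {
        log.error(STATUSES_URL_NOT_PROVIDED);
        return;
    }

    HttpEntity<?> httpEntity = new HttpEntity<>(getJSONStatus(PULL_REQUEST_STATUS, url, "Checkmarx Scan Initiated").toString(), createAuthHeaders(request));
    log.debug("Setting pull request status to '{}': {}", PULL_REQUEST_STATUS, statusApiUrl);
    String logErrorMessage = String.format("failed to set pull request status to %s", PULL_REQUEST_STATUS);
    statusExchange(request, httpEntity, statusApiUrl, logErrorMessage);
}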
use of com.checkmarx.sdk.dto.cx.CxProject in project cx-flow by checkmarx-ltd.
the class SastScanner method cxBatch.
/**
 * Processes projects in batch mode - JIRA ONLY.
 *
 * <p>Fetches every project, or only the projects of the request's team when one is set,
 * clones the original request for each project, and waits for all result-processing futures.
 *
 * @param originalRequest template request; its team, when present, limits the projects processed
 * @throws ExitThrowable presumably raised by {@code exit(3)} after a Checkmarx call fails;
 *                       confirm against {@code exit}
 */
public void cxBatch(ScanRequest originalRequest) throws ExitThrowable {
    try {
        final List<CxProject> batchProjects;
        String requestedTeam = originalRequest.getTeam();
        if (ScanUtils.empty(requestedTeam)) {
            // No team given: process every project.
            batchProjects = cxService.getProjects();
        } else {
            // Team given: make sure the path starts with the separator before resolving its id.
            String separator = cxProperties.getTeamPathSeparator();
            String teamPath = requestedTeam.startsWith(separator) ? requestedTeam : separator.concat(requestedTeam);
            batchProjects = cxService.getProjects(cxService.getTeamId(teamPath));
        }

        List<CompletableFuture<ScanResults>> pending = new ArrayList<>();
        for (CxProject project : batchProjects) {
            ScanRequest projectRequest = new ScanRequest(originalRequest);
            // Every run of characters outside [a-zA-Z0-9-_] becomes one underscore.
            // NOTE(review): two different project names can collapse to the same sanitized
            // name, which would give both the same project/application value downstream.
            String safeName = project.getName().replaceAll("[^a-zA-Z0-9-_]+", "_");
            // TODO set team when entire instance batch mode
            // Give the cloned request its own id for thread log monitoring.
            projectNameGenerator.getHelperService().getShortUid(projectRequest);
            projectRequest.setProject(safeName);
            projectRequest.setApplication(safeName);
            pending.add(getLatestScanResultsAsync(projectRequest, project));
        }

        log.info("Waiting for processing to complete");
        // NOTE(review): join() rethrows a failed future as an unchecked CompletionException,
        // which the catch below does not cover; the first failure ends the wait.
        for (CompletableFuture<ScanResults> task : pending) {
            task.join();
        }
    } catch (CheckmarxException e) {
        log.error("Error occurred while processing projects in batch mode", e);
        exit(3);
    }
}