
Example 6 with CxScanSummary

use of com.checkmarx.sdk.dto.cx.CxScanSummary in project cx-flow by checkmarx-ltd.

the class ScanResultsBuilder method getScanSummary.

/**
 * Builds a scan summary populated with hard-coded values: one high-severity
 * finding, zero medium, low and informational findings, and the statistics
 * calculation date "2020-01-19".
 *
 * @return a newly created {@link CxScanSummary} carrying those fixed values
 */
private static CxScanSummary getScanSummary() {
    final CxScanSummary fixedSummary = new CxScanSummary();

    // Severity counters: exactly one high finding, nothing at the other levels.
    fixedSummary.setHighSeverity(1);
    fixedSummary.setMediumSeverity(0);
    fixedSummary.setLowSeverity(0);
    fixedSummary.setInfoSeverity(0);

    // The date is passed as a plain string; no parsing happens in this method.
    fixedSummary.setStatisticsCalculationDate("2020-01-19");

    return fixedSummary;
}
Also used : CxScanSummary(com.checkmarx.sdk.dto.cx.CxScanSummary)

Example 7 with CxScanSummary

use of com.checkmarx.sdk.dto.cx.CxScanSummary in project cx-flow by checkmarx-ltd.

the class CxConfigBugTrackerSteps method createFakeScanResults.

/**
 * Creates a placeholder {@link ScanResults} that carries no findings: a
 * default-constructed scan summary, an additional-details map whose only
 * entry is an empty map under {@code Constants.SUMMARY_KEY}, and an empty
 * issue list.
 *
 * @return the populated placeholder results
 */
private static ScanResults createFakeScanResults() {
    // Additional details hold a single, empty per-severity summary.
    final Map<String, Object> additionalDetails = new HashMap<>();
    additionalDetails.put(Constants.SUMMARY_KEY, new HashMap<>());

    final ScanResults fakeResults = new ScanResults();
    fakeResults.setScanSummary(new CxScanSummary());
    fakeResults.setAdditionalDetails(additionalDetails);
    fakeResults.setXIssues(new ArrayList<>());
    return fakeResults;
}
Also used : ScanResults(com.checkmarx.sdk.dto.ScanResults) CxScanSummary(com.checkmarx.sdk.dto.cx.CxScanSummary)

Example 8 with CxScanSummary

use of com.checkmarx.sdk.dto.cx.CxScanSummary in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class GoScanner method getReportContentByScanId.

/**
 * Assembles the report for one scan: looks up the scan and its per-engine
 * results, runs the SAST and SCA findings through the supplied filter, and
 * packs the surviving issues, the summaries and the portal deep links into
 * a {@link ScanResults}.
 *
 * @param scanId identifier of the scan to report on
 * @param filter filter configuration handed to the SAST and SCA filter predicates
 * @return the built results; the SAST summary and additional details are set
 *         only when SAST results exist, the SCA results only when SCA results exist
 * @throws CheckmarxException declared by this method; the call that raises it
 *         is not visible in this block
 */
@Override
public ScanResults getReportContentByScanId(Integer scanId, FilterConfiguration filter) throws CheckmarxException {
    ScanResults.ScanResultsBuilder reportBuilder = ScanResults.builder();
    Scan scan = getScanDetails(scanId);
    Integer projectId = scan.getProjectId();
    Integer buId = scan.getBusinessUnitId();
    Integer appId = scan.getApplicationId();
    GoScanResults engineResults = getScanResults(scanId);
    List<ScanResults.XIssue> xIssues = new ArrayList<>();

    // SAST: a null engine result, or a null SAST list, skips this section entirely.
    List<SASTScanResult> sastFindings = (engineResults == null) ? null : engineResults.getSast();
    if (sastFindings != null) {
        Map<String, OdScanResultItem> sastDetailsById = getScanResultsPage(projectId, scanId);
        Map<String, Integer> issuesBySeverity = new HashMap<>();
        log.debug("SAST finding count before filtering: {}", sastFindings.size());
        log.info("Processing SAST results");
        // Only findings accepted by the SAST filter reach handleSastIssue, which
        // receives both the shared issue list and the per-severity map.
        sastFindings.stream()
                .filter(applySastFilter(sastDetailsById, filter))
                .forEach(sastFinding -> handleSastIssue(
                        xIssues, sastFinding, sastDetailsById, projectId, scanId, issuesBySeverity));
        // NOTE(review): this summary is derived from the scan record, not from the
        // filtered findings above, so its counts may differ from issuesBySeverity.
        // Confirm which of the two any downstream break-build decision relies on.
        CxScanSummary sastSummary = getCxScanSummary(scan);
        Map<String, Object> flowSummary = new HashMap<>();
        flowSummary.put(Constants.SUMMARY_KEY, issuesBySeverity);
        flowSummary.put(Constants.SCAN_ID_KEY, scanId);
        reportBuilder.additionalDetails(flowSummary);
        reportBuilder.scanSummary(sastSummary);
    }

    // SCA: same null handling as the SAST section.
    List<SCAScanResult> scaRawResults = (engineResults == null) ? null : engineResults.getSca();
    if (scaRawResults != null) {
        logRawScaScanResults(scaRawResults);
        List<Finding> findings = new ArrayList<>();
        List<Package> packages = new ArrayList<>();
        log.info("Processing SCA results");
        // Results flagged as ignored are dropped before the configured filter runs.
        scaRawResults.stream()
                .filter(scaRaw -> !scaRaw.isIgnored())
                .filter(applyScaFilter(filter))
                .forEach(scaRaw -> handleScaIssue(xIssues, findings, packages, scaRaw));
        logFindings(findings);
        logPackages(packages);
        SCAResults scaReport = new SCAResults();
        scaReport.setFindings(findings);
        scaReport.setPackages(packages);
        if (!scaRawResults.isEmpty()) {
            // The scan id comes from the first raw result, whether or not that
            // result passed the filters above.
            scaReport.setScanId(scaRawResults.get(0).getScanId().toString());
        }
        scaReport.setSummary(getScaScanSummary(scan));
        // NOTE(review): the configured portal URL becomes part of the format
        // string, so a literal '%' in it would be interpreted by String.format.
        // Confirm the property is validated where it is loaded.
        String scaLinkTemplate = cxGoProperties.getPortalUrl().concat(SCA_DEEP_LINK);
        scaReport.setWebReportLink(String.format(scaLinkTemplate, buId, appId, projectId, scanId));
        reportBuilder.scaResults(scaReport);
    }

    reportBuilder.xIssues(xIssues);
    reportBuilder.projectId(projectId.toString());
    // The same format-string caveat applies to the main report link.
    String reportLinkTemplate = cxGoProperties.getPortalUrl().concat(DEEP_LINK);
    reportBuilder.link(String.format(reportLinkTemplate, buId, appId, projectId, scanId));
    return reportBuilder.build();
}
Also used : ScanResults(com.checkmarx.sdk.dto.ScanResults) SCAResults(com.checkmarx.sdk.dto.sca.SCAResults) CxScanSummary(com.checkmarx.sdk.dto.cx.CxScanSummary) Finding(com.checkmarx.sdk.dto.sca.report.Finding) Summary(com.checkmarx.sdk.dto.sca.Summary) CxScanSummary(com.checkmarx.sdk.dto.cx.CxScanSummary) JSONObject(org.json.JSONObject) Package(com.checkmarx.sdk.dto.sca.report.Package)

Example 9 with CxScanSummary

use of com.checkmarx.sdk.dto.cx.CxScanSummary in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class GoScanner method getCxScanSummary.

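/**
 * Builds the SAST severity summary from the "sast" entry of the scan's
 * engine details.
 *
 * <p>When the scan has no "sast" entry, a default-constructed summary is
 * returned. When the entry exists, its high, medium and low counts are
 * copied and the informational count is set to 0, because the engine
 * details carry no such value.
 *
 * <p>Malformed engine details are rejected with an exception rather than
 * replaced by zeros, so a broken response cannot be mistaken for a clean scan.
 *
 * @param scanDetails the scan whose engine details are read
 * @return the populated summary, or a default one when no SAST details exist
 * @throws IllegalStateException if the "sast" entry is not a map, or a
 *         severity count is missing or not an integer value
 * @throws ArithmeticException if a count does not fit in an {@code int}
 */
private static CxScanSummary getCxScanSummary(Scan scanDetails) {
    CxScanSummary scanSummary = new CxScanSummary();
    Object sastEntry = scanDetails.getEngines().get("sast");
    if (sastEntry == null) {
        return scanSummary;
    }
    if (!(sastEntry instanceof Map)) {
        throw new IllegalStateException(
                "SAST engine details have unexpected type " + sastEntry.getClass().getName());
    }
    // A wildcard map avoids the unchecked cast; values are type-checked on read.
    Map<?, ?> sastScanDetails = (Map<?, ?>) sastEntry;
    scanSummary.setHighSeverity(readSeverityCount(sastScanDetails, "high_severities_count"));
    scanSummary.setMediumSeverity(readSeverityCount(sastScanDetails, "medium_severities_count"));
    scanSummary.setLowSeverity(readSeverityCount(sastScanDetails, "low_severities_count"));
    // Does not exist
    scanSummary.setInfoSeverity(0);
    return scanSummary;
}

/**
 * Reads one severity count, accepting either an Integer or a Long value and
 * failing with a message that names the key when it is absent or not a count.
 */
private static int readSeverityCount(Map<?, ?> sastScanDetails, String key) {
    Object raw = sastScanDetails.get(key);
    if (raw instanceof Integer) {
        return (Integer) raw;
    }
    if (raw instanceof Long) {
        // Deserialized numbers may arrive as Long; reject values that overflow an int.
        return Math.toIntExact((Long) raw);
    }
    String found = (raw == null) ? "missing" : "of type " + raw.getClass().getName();
    throw new IllegalStateException("SAST engine detail '" + key + "' is " + found);
}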
Also used : JSONObject(org.json.JSONObject) MultiValueMap(org.springframework.util.MultiValueMap) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) CxScanSummary(com.checkmarx.sdk.dto.cx.CxScanSummary)

Example 10 with CxScanSummary

use of com.checkmarx.sdk.dto.cx.CxScanSummary in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class CxServiceIT method getScanSummary.

/**
 * Resolves the project named "Riches" in the configured team, fetches its
 * scan summary from the service, and asserts that both the summary and its
 * statistics calculation date are non-null. A {@link CheckmarxException}
 * from any service call fails the test.
 */
@Test
public void getScanSummary() {
    try {
        // Team id is resolved first, then used to look up the fixed project name.
        Integer richesProjectId = service.getProjectId(service.getTeamId(properties.getTeam()), "Riches");
        CxScanSummary fetchedSummary = service.getScanSummary(richesProjectId);
        assertNotNull(fetchedSummary);
        assertNotNull(fetchedSummary.getStatisticsCalculationDate());
    } catch (CheckmarxException unexpected) {
        fail("Unexpected CheckmarxException");
    }
}
Also used : CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException) CxScanSummary(com.checkmarx.sdk.dto.cx.CxScanSummary) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Aggregations

CxScanSummary (com.checkmarx.sdk.dto.cx.CxScanSummary)15 ScanResults (com.checkmarx.sdk.dto.ScanResults)6 JSONObject (org.json.JSONObject)2 ASTResults (com.checkmarx.sdk.dto.ast.ASTResults)1 AstSummaryResults (com.checkmarx.sdk.dto.ast.report.AstSummaryResults)1 Finding (com.checkmarx.sdk.dto.ast.report.Finding)1 SCAResults (com.checkmarx.sdk.dto.sca.SCAResults)1 Summary (com.checkmarx.sdk.dto.sca.Summary)1 Finding (com.checkmarx.sdk.dto.sca.report.Finding)1 Package (com.checkmarx.sdk.dto.sca.report.Package)1 CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException)1 CxClient (com.checkmarx.sdk.service.scanner.CxClient)1 HashMap (java.util.HashMap)1 Test (org.junit.Test)1 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)1 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)1 MultiValueMap (org.springframework.util.MultiValueMap)1