use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class GitHubService method loadConfigAsCode.
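/**
 * Downloads the config-as-code file for the request and parses it into a {@link CxConfig}.
 *
 * <p>The file is fetched from the branch returned by {@code determineConfigAsCodeBranch}.
 * The response body is expected to be a JSON object whose {@code content} field carries the
 * file body Base64-encoded.
 *
 * <p>NOTE(review): everything parsed here comes from repository content, so anyone who can
 * write to the selected branch can shape the returned configuration. Confirm that
 * {@code determineConfigAsCodeBranch} only resolves to branches whose committers are trusted
 * to change scan settings.
 *
 * @param filename name of the config-as-code file to download
 * @param request  scan request used to pick the branch and to perform the download
 * @return the parsed configuration, or {@code null} when the response body is missing or
 *         carries no {@code content}
 */
private CxConfig loadConfigAsCode(String filename, ScanRequest request) {
    String effectiveBranch = determineConfigAsCodeBranch(request);
    String fileContent = downloadFileContent(filename, request, effectiveBranch);
    if (fileContent == null) {
        log.warn(HTTP_BODY_IS_NULL);
        return null;
    }

    JSONObject json = new JSONObject(fileContent);
    // optString instead of getString: a response without a "content" field takes the
    // warning path below instead of throwing before the emptiness check can run.
    String content = json.optString("content", "");
    if (ScanUtils.empty(content)) {
        log.warn(CONTENT_NOT_FOUND_IN_RESPONSE);
        return null;
    }

    // Decode with an explicit charset; the no-charset String constructor uses the platform
    // default, which would make parsing of non-ASCII config values host-dependent.
    byte[] decodedBytes = Base64.decodeBase64(content.trim());
    String decodedContent = new String(decodedBytes, java.nio.charset.StandardCharsets.UTF_8);
    return com.checkmarx.sdk.utils.ScanUtils.getConfigAsCode(decodedContent);
}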
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class ADOService method loadCxConfigFromADO.
/**
 * Fetches the config-as-code file from Azure DevOps for the given branch and parses it.
 *
 * <p>The target URL is the request's {@code REPO_SELF_URL} metadata value with
 * {@code GET_FILE_CONTENT} appended; the file name, branch and API version are supplied as
 * URI template variables.
 *
 * <p>NOTE(review): the authenticated headers are sent to a URL built from request metadata.
 * If {@code REPO_SELF_URL} can be influenced by an incoming webhook payload, the token could
 * be sent to a host other than the intended ADO instance. Confirm that the value is
 * validated where it is populated.
 *
 * <p>NOTE(review): {@code repoSelfUrl} is dereferenced without a null check, so missing
 * metadata would surface as a {@link NullPointerException}. Confirm callers always set it.
 *
 * @param request scan request providing the SCM instance and repository metadata
 * @param branch  branch to read the config-as-code file from
 * @return the parsed configuration, or {@code null} when the response has no usable body
 */
private CxConfig loadCxConfigFromADO(ScanRequest request, String branch) {
    HttpHeaders authHeaders = ADOUtils.createAuthHeaders(
            scmConfigOverrider.determineConfigToken(properties, request.getScmInstance()));
    String selfUrl = request.getAdditionalMetadata(REPO_SELF_URL);
    String fileContentUrl = selfUrl.concat(GET_FILE_CONTENT);

    log.info("Trying to load config-as-code from '{}' branch", branch);
    ResponseEntity<String> response = restTemplate.exchange(
            fileContentUrl,
            HttpMethod.GET,
            new HttpEntity<>(authHeaders),
            String.class,
            properties.getConfigAsCode(),
            branch,
            properties.getApiVersion());

    String body = response.getBody();
    if (body == null) {
        log.warn(HTTP_RESPONSE_BODY_IS_NULL);
        return null;
    }

    // The body is re-serialized through JSONObject before parsing, so a body that is not a
    // JSON object is rejected here by the JSONObject constructor.
    String serialized = new JSONObject(body).toString();
    if (ScanUtils.empty(serialized)) {
        log.warn(NO_CONTENT_FOUND_IN_RESPONSE);
        return null;
    }
    return com.checkmarx.sdk.utils.ScanUtils.getConfigAsCode(serialized);
}
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class BitbucketServerEventHandler method checkForConfigAsCode.
/**
 * Looks up the Bitbucket config-as-code override for the request and applies it.
 *
 * <p>The request is modified in place by {@code overrideScanRequestProperties}.
 *
 * <p>NOTE(review): the override presumably comes from a file in the repository under scan.
 * Confirm which branch it is read from, since whoever can write to that branch can then
 * influence the scan settings applied here.
 *
 * @param request scan request to look up the override for and to update
 */
protected void checkForConfigAsCode(ScanRequest request) {
    final CxConfig override = configProvider.getBitbucketService().getCxConfigOverride(request);
    configProvider.getConfigOverrider().overrideScanRequestProperties(override, request);
}
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class ScanUtilsTest method testCxConfigBugOverride.
/**
 * Verifies that a config-as-code file can replace the bug tracker on a scan request.
 *
 * <p>The request starts with a CUSTOM tracker; after the override loaded from
 * {@code CxConfig-bug.json} is applied, the tracker type is expected to be JIRA with
 * project key APPSEC.
 */
@Test
public void testCxConfigBugOverride() {
    BugTracker customTracker = BugTracker.builder()
            .type(BugTracker.Type.CUSTOM)
            .customBean("GitHub")
            .build();
    ScanRequest scanRequest = ScanRequest.builder()
            .application("abc")
            .product(ScanRequest.Product.CX)
            .project("test")
            .team("\\CxServer\\SP\\Checkmarx")
            .namespace("Custodela")
            .repoName("Riches")
            .repoUrl("https://github.com/Custodela/Riches.git")
            .repoType(ScanRequest.Repository.GITHUB)
            .branch("master")
            .refs(Constants.CX_BRANCH_PREFIX.concat("master"))
            .email(null)
            .incremental(true)
            .scanPreset(Constants.CX_DEFAULT_PRESET)
            .bugTracker(customTracker)
            .build();

    // Test fixture resolved from the classpath.
    String fixturePath = getClass().getClassLoader().getResource("CxConfig-bug.json").getFile();
    File fixture = new File(fixturePath);
    CxConfig loaded = ScanUtils.getConfigAsCode(fixture);
    assertNotNull(loaded);

    configOverrider.overrideScanRequestProperties(loaded, scanRequest);

    // The file-supplied tracker settings win over the ones set on the builder.
    assertEquals("JIRA", scanRequest.getBugTracker().getType().toString());
    assertEquals("APPSEC", scanRequest.getBugTracker().getProjectKey());
}
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class ScanUtilsTest method testCxConfigFlowOverride.
/**
 * Verifies that a config-as-code file overrides the scan request's core properties.
 *
 * <p>After the override loaded from {@code CxConfig-flow.json} is applied, the team,
 * project and application differ from the values set on the builder, two active branches
 * are present, and a non-empty list of simple SAST filters is configured.
 */
@Test
public void testCxConfigFlowOverride() {
    ScanRequest scanRequest = ScanRequest.builder()
            .application("abc")
            .product(ScanRequest.Product.CX)
            .project("test")
            .team("\\CxServer\\SP\\Checkmarx")
            .namespace("Custodela")
            .repoName("Riches")
            .repoUrl("https://github.com/Custodela/Riches.git")
            .repoType(ScanRequest.Repository.GITHUB)
            .branch("master")
            .refs(Constants.CX_BRANCH_PREFIX.concat("master"))
            .email(null)
            .incremental(true)
            .scanPreset(Constants.CX_DEFAULT_PRESET)
            .build();

    // Test fixture resolved from the classpath.
    String fixturePath = getClass().getClassLoader().getResource("CxConfig-flow.json").getFile();
    File fixture = new File(fixturePath);
    CxConfig loaded = ScanUtils.getConfigAsCode(fixture);
    assertNotNull(loaded);

    configOverrider.overrideScanRequestProperties(loaded, scanRequest);

    // Identity fields are replaced by the values from the config file.
    assertEquals("/a/b/c", scanRequest.getTeam());
    assertEquals("XYZ-Riches-master", scanRequest.getProject());
    assertEquals("test app", scanRequest.getApplication());
    assertEquals(2, scanRequest.getActiveBranches().size());

    // Result filters are also taken from the config file.
    assertNotNull(scanRequest.getFilter());
    assertNotNull(scanRequest.getFilter().getSastFilters().getSimpleFilters());
    assertFalse(scanRequest.getFilter().getSastFilters().getSimpleFilters().isEmpty());
}