use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class ADOController method checkForConfigAsCode.
/**
 * Looks up the config-as-code override for the given branch and applies it to the request.
 *
 * <p>NOTE(review): if {@code getCxConfigOverride} reads the file from the repository content
 * on {@code branch}, its values are controlled by whoever can push to that branch. Confirm
 * which scan properties {@code overrideScanRequestProperties} allows it to change.
 *
 * @param request scan request whose properties may be overridden in place
 * @param branch  branch passed to the ADO service when looking up the config
 */
private void checkForConfigAsCode(ScanRequest request, String branch) {
    configOverrider.overrideScanRequestProperties(
            adoService.getCxConfigOverride(request, branch),
            request);
}
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class BitBucketService method loadCxConfigFromBitbucket.
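/**
 * Fetches the config-as-code file for the scanned commit from Bitbucket and parses it.
 *
 * <p>The file URL is built from the repository self URL stored in the request's additional
 * metadata. The commit hash and the configured config-as-code file name are expanded as URI
 * variables. The response body is parsed as JSON and handed to
 * {@code ScanUtils.getConfigAsCode}.
 *
 * <p>NOTE(review): the headers from {@code createAuthHeaders} are sent to whatever host
 * {@code REPO_SELF_URL} names. If that metadata can originate from an inbound webhook
 * payload, confirm it is checked against the configured Bitbucket base URL before this method
 * runs. The returned config is repository content, so whatever applies it should treat it as
 * untrusted input.
 *
 * @param request scan request carrying the SCM instance, repository type, commit hash and
 *                self-URL metadata
 * @return the parsed config, or {@code null} when the self URL is missing, the response has
 *         no body, or the parsed content is reported empty
 */
private CxConfig loadCxConfigFromBitbucket(ScanRequest request) {
    HttpHeaders headers = createAuthHeaders(request.getScmInstance());
    String repoSelfUrl = request.getAdditionalMetadata(REPO_SELF_URL);
    if (repoSelfUrl == null) {
        // Without the self URL there is nothing to query; previously this surfaced as a
        // NullPointerException from concat(). Callers already handle a null config.
        log.warn("Repository self URL is missing from the scan request; skipping config-as-code lookup");
        return null;
    }

    // Bitbucket Server and Bitbucket Cloud expose file content under different path templates.
    String urlTemplate;
    if (request.getRepoType().equals(ScanRequest.Repository.BITBUCKETSERVER)) {
        urlTemplate = repoSelfUrl.concat(FILE_CONTENT_FOR_BB_SERVER);
    } else {
        urlTemplate = repoSelfUrl.concat(FILE_CONTENT_FOR_BB_CLOUD);
    }

    // Passed as URI variables so RestTemplate expands (and encodes) them into the template
    // rather than having them concatenated into the URL by hand.
    Map<String, String> uriVariables = new HashMap<>();
    uriVariables.put("hash", request.getHash());
    uriVariables.put("config", properties.getConfigAsCode());

    ResponseEntity<String> response = restTemplate.exchange(
            urlTemplate, HttpMethod.GET, new HttpEntity<>(headers), String.class, uriVariables);

    String body = response.getBody();
    if (body == null) {
        log.warn(HTTP_BODY_IS_NULL);
        return null;
    }

    // NOTE(review): a body that is not valid JSON presumably makes this constructor throw;
    // that exception is not handled here and propagates to the caller, as before.
    JSONObject json = new JSONObject(body);
    String content = json.toString();
    if (ScanUtils.empty(content)) {
        log.warn(CONTENT_NOT_FOUND_IN_RESPONSE);
        return null;
    }
    return com.checkmarx.sdk.utils.ScanUtils.getConfigAsCode(content);
}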
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class AstRemoteRepoScanSteps method startScan.
/**
 * Wires a {@code FlowService} by hand and starts an automated scan for the given repository.
 *
 * <p>The scan request is passed through the config overrider with an empty {@code CxConfig},
 * then given the requested scanners and a JIRA bug tracker before automation is initiated.
 *
 * @param scanners     vulnerability scanners to attach to the request
 * @param branch       branch used to build the basic scan request
 * @param repo         repository used to build the basic scan request
 * @param isPublicRepo forwarded to {@code getBasicScanRequest}
 * @param projectName  project name forwarded to {@code getBasicScanRequest}
 */
public void startScan(List<VulnerabilityScanner> scanners, String branch, String repo, boolean isPublicRepo, String projectName) {
    // Collaborators are built directly; the scanner service receives nulls for the
    // dependencies this step does not supply.
    CxProperties sastProperties = new CxProperties();
    ExternalScriptService externalScripts = new ExternalScriptService();
    CxScannerService scannerService = new CxScannerService(sastProperties, null, null, null, null);
    HelperService helper = new HelperService(flowProperties, scannerService, jiraProperties, externalScripts);
    ProjectNameGenerator nameGenerator = new ProjectNameGenerator(helper, scannerService, flowProperties);
    FlowService flow = new FlowService(new ArrayList<>(), nameGenerator, resultsServiceMock);

    // An empty CxConfig is passed to the overrider, so no file-provided values are involved.
    ScanRequest preparedRequest = configOverrider.overrideScanRequestProperties(
            new CxConfig(),
            getBasicScanRequest(branch, repo, isPublicRepo, projectName));
    preparedRequest.setVulnerabilityScanners(scanners);
    preparedRequest.setBugTracker(
            BugTracker.builder()
                    .type(BugTracker.Type.JIRA)
                    .customBean("JIRA")
                    .build());

    flow.initiateAutomation(preparedRequest);
}
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class ScanUtilsTest method testCxConfigOverride.
/**
 * Checks that values loaded from the {@code CxConfig.json} test resource replace the team,
 * project, incremental flag and scan preset originally set on the request.
 */
@Test
public void testCxConfigOverride() {
    // Starting values that the config file is expected to override.
    ScanRequest scanRequest = ScanRequest.builder()
            .application("abc")
            .product(ScanRequest.Product.CX)
            .project("test")
            .team("\\CxServer\\SP\\Checkmarx")
            .namespace("Custodela")
            .repoName("Riches")
            .repoUrl("https://github.com/Custodela/Riches.git")
            .repoType(ScanRequest.Repository.GITHUB)
            .branch("master")
            .refs(Constants.CX_BRANCH_PREFIX.concat("master"))
            .email(null)
            .incremental(true)
            .scanPreset(Constants.CX_DEFAULT_PRESET)
            .build();

    // Resolve the fixture from the test classpath.
    ClassLoader loader = getClass().getClassLoader();
    File configFile = new File(loader.getResource("CxConfig.json").getFile());
    CxConfig overrideConfig = ScanUtils.getConfigAsCode(configFile);
    assertNotNull(overrideConfig);

    configOverrider.overrideScanRequestProperties(overrideConfig, scanRequest);

    // The request must now hold the values asserted below, not the builder values.
    assertEquals("/a/b/c", scanRequest.getTeam());
    assertEquals("XYZ-Riches-master", scanRequest.getProject());
    assertFalse(scanRequest.isIncremental());
    assertEquals("All", scanRequest.getScanPreset());
}
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class GitHubServiceTest method getCxConfig.
/**
 * Requests the config override for the {@code Custodela/Riches} repository on {@code master}
 * and checks that a config object is returned.
 *
 * <p>Gated by the {@code testprofile=integration} profile value on the annotation below.
 */
@IfProfileValue(name = "testprofile", value = "integration")
@Test
public void getCxConfig() {
    ScanRequest lookupRequest = ScanRequest.builder()
            .namespace("Custodela")
            .repoName("Riches")
            .branch("master")
            .build();
    assertNotNull(service.getCxConfigOverride(lookupRequest));
}