Example 16 with CxConfig
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class ADOController method checkForConfigAsCode.
private void checkForConfigAsCode(ScanRequest request, String branch) {
CxConfig cxConfig = adoService.getCxConfigOverride(request, branch);
configOverrider.overrideScanRequestProperties(cxConfig, request);
}
Also used :
CxConfig(com.checkmarx.sdk.dto.sast.CxConfig)
Example 17 with CxConfig
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class BitBucketService method loadCxConfigFromBitbucket.
private CxConfig loadCxConfigFromBitbucket(ScanRequest request) {
CxConfig cxConfig;
HttpHeaders headers = createAuthHeaders(request.getScmInstance());
String repoSelfUrl = request.getAdditionalMetadata(REPO_SELF_URL);
String urlTemplate;
if (request.getRepoType().equals(ScanRequest.Repository.BITBUCKETSERVER)) {
urlTemplate = repoSelfUrl.concat(FILE_CONTENT_FOR_BB_SERVER);
} else {
urlTemplate = repoSelfUrl.concat(FILE_CONTENT_FOR_BB_CLOUD);
}
Map<String, String> uriVariables = new HashMap<>();
uriVariables.put("hash", request.getHash());
uriVariables.put("config", properties.getConfigAsCode());
ResponseEntity<String> response = restTemplate.exchange(urlTemplate, HttpMethod.GET, new HttpEntity<>(headers), String.class, uriVariables);
if (response.getBody() == null) {
log.warn(HTTP_BODY_IS_NULL);
cxConfig = null;
} else {
JSONObject json = new JSONObject(response.getBody());
if (ScanUtils.empty(json.toString())) {
log.warn(CONTENT_NOT_FOUND_IN_RESPONSE);
cxConfig = null;
} else {
cxConfig = com.checkmarx.sdk.utils.ScanUtils.getConfigAsCode(json.toString());
}
}
return cxConfig;
}
Also used :
JSONObject(org.json.JSONObject)
CxConfig(com.checkmarx.sdk.dto.sast.CxConfig)
Example 18 with CxConfig
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class AstRemoteRepoScanSteps method startScan.
public void startScan(List<VulnerabilityScanner> scanners, String branch, String repo, boolean isPublicRepo, String projectName) {
CxProperties cxProperties = new CxProperties();
ExternalScriptService scriptService = new ExternalScriptService();
CxScannerService cxScannerService = new CxScannerService(cxProperties, null, null, null, null);
HelperService helperService = new HelperService(flowProperties, cxScannerService, jiraProperties, scriptService);
ProjectNameGenerator projectNameGenerator = new ProjectNameGenerator(helperService, cxScannerService, flowProperties);
FlowService flowService = new FlowService(new ArrayList<>(), projectNameGenerator, resultsServiceMock);
ScanRequest scanRequest = getBasicScanRequest(branch, repo, isPublicRepo, projectName);
scanRequest = configOverrider.overrideScanRequestProperties(new CxConfig(), scanRequest);
scanRequest.setVulnerabilityScanners(scanners);
BugTracker bt = BugTracker.builder().type(BugTracker.Type.JIRA).customBean("JIRA").build();
scanRequest.setBugTracker(bt);
flowService.initiateAutomation(scanRequest);
}
Also used :
ScanRequest(com.checkmarx.flow.dto.ScanRequest)
CxProperties(com.checkmarx.sdk.config.CxProperties)
CxConfig(com.checkmarx.sdk.dto.sast.CxConfig)
BugTracker(com.checkmarx.flow.dto.BugTracker)
Example 19 with CxConfig
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class ScanUtilsTest method testCxConfigOverride.
@Test
public void testCxConfigOverride() {
ScanRequest request = ScanRequest.builder().application("abc").product(ScanRequest.Product.CX).project("test").team("\\CxServer\\SP\\Checkmarx").namespace("Custodela").repoName("Riches").repoUrl("https://github.com/Custodela/Riches.git").repoType(ScanRequest.Repository.GITHUB).branch("master").refs(Constants.CX_BRANCH_PREFIX.concat("master")).email(null).incremental(true).scanPreset(Constants.CX_DEFAULT_PRESET).build();
File file = new File(getClass().getClassLoader().getResource("CxConfig.json").getFile());
CxConfig cxConfig = ScanUtils.getConfigAsCode(file);
assertNotNull(cxConfig);
configOverrider.overrideScanRequestProperties(cxConfig, request);
assertEquals("/a/b/c", request.getTeam());
assertEquals("XYZ-Riches-master", request.getProject());
assertFalse(request.isIncremental());
assertEquals("All", request.getScanPreset());
}
Also used :
ScanRequest(com.checkmarx.flow.dto.ScanRequest)
CxConfig(com.checkmarx.sdk.dto.sast.CxConfig)
File(java.io.File)
Test(org.junit.Test)
Example 20 with CxConfig
use of com.checkmarx.sdk.dto.sast.CxConfig in project cx-flow by checkmarx-ltd.
the class GitHubServiceTest method getCxConfig.
@IfProfileValue(name = "testprofile", value = "integration")
@Test
public void getCxConfig() {
ScanRequest request = ScanRequest.builder().namespace("Custodela").repoName("Riches").branch("master").build();
CxConfig cxConfig = service.getCxConfigOverride(request);
assertNotNull(cxConfig);
}
Also used :
ScanRequest(com.checkmarx.flow.dto.ScanRequest)
CxConfig(com.checkmarx.sdk.dto.sast.CxConfig)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Test(org.junit.Test)
IfProfileValue(org.springframework.test.annotation.IfProfileValue)
Aggregations
CxConfig (com.checkmarx.sdk.dto.sast.CxConfig)22
ScanRequest (com.checkmarx.flow.dto.ScanRequest)11
BugTracker (com.checkmarx.flow.dto.BugTracker)6
File (java.io.File)6
Test (org.junit.Test)6
FilterConfiguration (com.checkmarx.sdk.dto.filtering.FilterConfiguration)4
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)4
IOException (java.io.IOException)4
MachinaRuntimeException (com.checkmarx.flow.exception.MachinaRuntimeException)3
JSONObject (org.json.JSONObject)3
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2
IfProfileValue (org.springframework.test.annotation.IfProfileValue)2
CxProperties (com.checkmarx.sdk.config.CxProperties)1
ScanResults (com.checkmarx.sdk.dto.ScanResults)1
When (io.cucumber.java.en.When)1
ArrayList (java.util.ArrayList)1
HttpHeaders (org.springframework.http.HttpHeaders)1
