Example 11 with Filter

Use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

Class ScaFilterFactory, method initScaFilter.

public void initScaFilter(ScanRequest request) {
    log.info("Initializing SCA filters.");
    List<Filter> severityFilters = getSeverityFilters(scaProperties.getFilterSeverity());
    Filter scoreFilter = getScoreFilter(scaProperties.getFilterScore());
    List<Filter> allFilters = combine(severityFilters, scoreFilter);
    writeToLog(allFilters);
    setScaFilters(allFilters, request);
}
Also used : Filter(com.checkmarx.sdk.dto.sast.Filter)

Example 12 with Filter

Use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

Class OsaScannerService, method cxOsaParseResults.

public void cxOsaParseResults(ScanRequest request, File file, File libs) throws ExitThrowable {
    try {
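        // Null-safe lookup of the simple filters: null when the request or any part of its filter configuration is missing.
        // Note that the SAST filter set is the one passed along with the OSA report here.
        List<Filter> simpleFilters = Optional.ofNullable(request)
                .map(ScanRequest::getFilter)
                .map(FilterConfiguration::getSastFilters)
                .map(EngineFilterConfiguration::getSimpleFilters)
                .orElse(null);
        ScanResults results = cxService.getOsaReportContent(file, libs, simpleFilters);
        resultsService.processResults(request, results, scanDetails);
        // With break-build enabled, any issue present in the results interrupts the build.
        if (flowProperties.isBreakBuild() && results != null && results.getXIssues() != null && !results.getXIssues().isEmpty()) {
            log.error(ERROR_BREAK_MSG);
            exit(ExitCode.BUILD_INTERRUPTED);
        }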
    } catch (MachinaException | CheckmarxException e) {
        log.error("Error occurred while processing results file(s)", e);
        exit(3);
    }
}
Also used : Filter(com.checkmarx.sdk.dto.sast.Filter) ScanResults(com.checkmarx.sdk.dto.ScanResults) MachinaException(com.checkmarx.flow.exception.MachinaException) CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException) EngineFilterConfiguration(com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration) FilterConfiguration(com.checkmarx.sdk.dto.filtering.FilterConfiguration)

Example 13 with Filter

Use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

Class ResultsService, method getOSAScan.

ScanResults getOSAScan(ScanRequest request, Integer projectId, String osaScanId, FilterConfiguration filter, ScanResults results) throws CheckmarxException {
    if (Boolean.TRUE.equals(cxScannerService.getProperties().getEnableOsa()) && !ScanUtils.empty(osaScanId)) {
        log.info("Waiting for OSA Scan results for scan id {}", osaScanId);
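        // filters is null when no SCA filter configuration is set; it is passed on as-is.
        List<Filter> filters = Optional.ofNullable(filter.getScaFilters()).map(EngineFilterConfiguration::getSimpleFilters).orElse(null);
        // Blocks until the OSA scan completes, then merges its findings into results.
        results = osaService.waitForOsaScan(osaScanId, projectId, results, filters);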
        new ScanResultsReport(osaScanId, request, results).log();
    }
    return results;
}
Also used : ScanResultsReport(com.checkmarx.flow.dto.report.ScanResultsReport) Filter(com.checkmarx.sdk.dto.sast.Filter)

Example 14 with Filter

Use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

Class ScaThresholdsSteps, method getFakeSCAResults.

private SCAResults getFakeSCAResults(String findingsName) {
    SCAResults scaResults = new SCAResults();
    scaResults.setScanId("1");
    Summary summary = new Summary();
    Map<Filter.Severity, Integer> summaryMap = new EnumMap<>(Filter.Severity.class);
    List<Finding> findings = new LinkedList<>();
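    // Look up the findings definition by name; get() throws NoSuchElementException if the name is unknown.
    Map<String, String> specMap = findingsDefs.stream().filter(findingsDef -> findingsDef.get("name").equals(findingsName)).findAny().get();
    EnumSet.allOf(Severity.class).forEach(severity -> {
        String spec = specMap.get(severity.name().toLowerCase());
        log.info("{}-spec: {}", severity, spec);
        /* create findings */
        // A spec is either a plain number or "more-than-N" / "less-than-N":
        // "more" contributes +3 and "less" contributes -3, so "more-than-5" yields 8 and "less-than-5" yields 2.
        Integer count = Arrays.stream(spec.split("-than-")).mapToInt(v -> "more".equals(v) ? 3 : "less".equals(v) ? -3 : Integer.parseInt(v)).reduce(0, Integer::sum);
        log.info("going to generate {} issues with {} severity", count, severity);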
        summaryMap.put(Filter.Severity.valueOf(severity.name()), count);
        populateFindings(findings, severity, count);
    });
    summary.setFindingCounts(summaryMap);
    scaResults.setFindings(findings);
    scaResults.setSummary(summary);
    return scaResults;
}
Also used : ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) TestUtils(com.checkmarx.flow.cucumber.common.utils.TestUtils) java.util(java.util) Then(io.cucumber.java.en.Then) ScanResults(com.checkmarx.sdk.dto.ScanResults) FlowProperties(com.checkmarx.flow.config.FlowProperties) Function(java.util.function.Function) ThresholdValidator(com.checkmarx.flow.service.ThresholdValidator) And(io.cucumber.java.en.And) BugTracker(com.checkmarx.flow.dto.BugTracker) CxFlowApplication(com.checkmarx.flow.CxFlowApplication) Given(io.cucumber.java.en.Given) PullRequestReport(com.checkmarx.flow.dto.report.PullRequestReport) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) ScaScanner(com.checkmarx.sdk.service.scanner.ScaScanner) ThresholdValidatorImpl(com.checkmarx.flow.service.ThresholdValidatorImpl) RepoProperties(com.checkmarx.flow.config.RepoProperties) Filter(com.checkmarx.sdk.dto.sast.Filter) When(io.cucumber.java.en.When) ScaProperties(com.checkmarx.sdk.config.ScaProperties) CxFlowMocksConfig(com.checkmarx.test.flow.config.CxFlowMocksConfig) Mockito.when(org.mockito.Mockito.when) IntegrationTestContext(com.checkmarx.flow.cucumber.integration.cli.IntegrationTestContext) Summary(com.checkmarx.sdk.dto.sca.Summary) Collectors(java.util.stream.Collectors) InvocationTargetException(java.lang.reflect.InvocationTargetException) SCAResults(com.checkmarx.sdk.dto.sca.SCAResults) Slf4j(lombok.extern.slf4j.Slf4j) Stream(java.util.stream.Stream) ExitThrowable(com.checkmarx.flow.exception.ExitThrowable) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Severity(com.checkmarx.sdk.dto.scansummary.Severity) Finding(com.checkmarx.sdk.dto.sca.report.Finding) Before(io.cucumber.java.Before) AstScaResults(com.checkmarx.sdk.dto.AstScaResults) Assert(org.junit.Assert)

Example 15 with Filter

Use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

Class CxConfigSteps, method getFilter.

private List<String> getFilter(List<Filter> filters, Filter.Type type) {
    List<String> filterByType = new ArrayList<>();
    if (filters == null || filters.isEmpty()) {
        return filterByType;
    }
    for (Filter filter : filters) {
        if (filter.getType().equals(type)) {
            String value = filter.getValue();
            filterByType.add(value.toUpperCase(Locale.ROOT));
        }
    }
    return filterByType;
}
Also used : Filter(com.checkmarx.sdk.dto.sast.Filter)

Aggregations

Filter (com.checkmarx.sdk.dto.sast.Filter) 19
FilterConfiguration (com.checkmarx.sdk.dto.filtering.FilterConfiguration) 6
ScanResults (com.checkmarx.sdk.dto.ScanResults) 5
Test (org.junit.Test) 4
EngineFilterConfiguration (com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration) 3
SpringBootTest (org.springframework.boot.test.context.SpringBootTest) 3
CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams) 2
CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException) 2
Given (io.cucumber.java.en.Given) 2
Then (io.cucumber.java.en.Then) 2
ArrayList (java.util.ArrayList) 2
Function (java.util.function.Function) 2
Collectors (java.util.stream.Collectors) 2
Slf4j (lombok.extern.slf4j.Slf4j) 2
Ignore (org.junit.Ignore) 2
Issue (com.atlassian.jira.rest.client.api.domain.Issue) 1
SearchResult (com.atlassian.jira.rest.client.api.domain.SearchResult) 1
CxFlowApplication (com.checkmarx.flow.CxFlowApplication) 1
FlowProperties (com.checkmarx.flow.config.FlowProperties) 1
RepoProperties (com.checkmarx.flow.config.RepoProperties) 1