use of com.checkmarx.sdk.dto.sca.SCAResults in project cx-flow by checkmarx-ltd.
the class AnalyticsSteps method createFakeSCAScanResults.
/**
 * Builds a synthetic {@link ScanResults} that carries only CxSCA data, for use as a test fixture.
 *
 * <p>The findings list and the per-severity count map are filled by three {@code addFinding}
 * calls (HIGH, MEDIUM, LOW); {@code addFinding} is defined elsewhere, so what it does with
 * the requested count is not visible here. The package list and the xIssues list are left empty.
 *
 * @param findingsPerSeverity requested number of findings for each severity; the values for
 *                            HIGH, MEDIUM and LOW are looked up and passed on as-is
 *                            (NOTE(review): a missing key yields {@code null} - confirm that
 *                            {@code addFinding} accepts it)
 * @param scanId              scan identifier, stored on the SCA results as a string
 * @return scan results wrapping the fabricated SCA results
 */
private static ScanResults createFakeSCAScanResults(Map<FindingSeverity, Integer> findingsPerSeverity, int scanId) {
    Map<Filter.Severity, Integer> countsBySeverity = new HashMap<>();
    List<Finding> fakeFindings = new LinkedList<>();

    SCAResults fakeSca = new SCAResults();
    fakeSca.setScanId(String.valueOf(scanId));

    // One call per severity, always in HIGH, MEDIUM, LOW order.
    Integer highCount = findingsPerSeverity.get(FindingSeverity.HIGH);
    addFinding(highCount, countsBySeverity, fakeFindings, Severity.HIGH, Filter.Severity.HIGH);
    Integer mediumCount = findingsPerSeverity.get(FindingSeverity.MEDIUM);
    addFinding(mediumCount, countsBySeverity, fakeFindings, Severity.MEDIUM, Filter.Severity.MEDIUM);
    Integer lowCount = findingsPerSeverity.get(FindingSeverity.LOW);
    addFinding(lowCount, countsBySeverity, fakeFindings, Severity.LOW, Filter.Severity.LOW);

    Summary fakeSummary = new Summary();
    fakeSummary.setFindingCounts(countsBySeverity);

    fakeSca.setFindings(fakeFindings);
    fakeSca.setSummary(fakeSummary);
    fakeSca.setPackages(new LinkedList<>());

    return ScanResults.builder()
            .scaResults(fakeSca)
            .xIssues(new ArrayList<>())
            .build();
}
use of com.checkmarx.sdk.dto.sca.SCAResults in project cx-flow by checkmarx-ltd.
the class ThresholdValidatorImpl method isAllowedSca.
/**
 * Decides whether the CxSCA part of a scan permits the pull request to be merged.
 *
 * <p>A violated policy always blocks the merge: in that case the violated policy names are
 * printed and the thresholds are not evaluated. Otherwise the merge is allowed only when
 * {@code isAnyScaThresholdsExceeded} reports that neither the severity thresholds nor the
 * score threshold are exceeded.
 *
 * @param scanResults scan results whose SCA section is inspected
 * @param request     scan request from which the effective thresholds are resolved
 * @return {@code true} when the merge is allowed, {@code false} when a policy is violated
 *         or a threshold is exceeded
 */
private boolean isAllowedSca(ScanResults scanResults, ScanRequest request) {
    log.debug("Checking if CxSCA pull request merge is allowed.");

    // Thresholds are resolved up front, before the policy check, even if they end up unused.
    Map<Severity, Integer> severityLimits = getScaEffectiveThresholdsSeverity(request);
    Double scoreLimit = getScaEffectiveThresholdsScore(request);

    // NOTE(review): getScaResults() is dereferenced without a null check; this gate relies on
    // the caller having verified that SCA results are present - confirm against the caller.
    SCAResults sca = scanResults.getScaResults();

    // The policy-violation flag has top priority when deciding whether to break the build.
    if (sca.isPolicyViolated()) {
        printViolatedPoliciesNames(sca.getViolatedPolicies());
        return false;
    }

    writeMapToLog(severityLimits, "Using CxSCA thresholds severity");
    writeMapToLog(scoreLimit, "Using CxSCA thresholds score");

    boolean withinThresholds = !isAnyScaThresholdsExceeded(scanResults, severityLimits, scoreLimit);
    logIsAllowed(withinThresholds);
    return withinThresholds;
}
use of com.checkmarx.sdk.dto.sca.SCAResults in project cx-flow by checkmarx-ltd.
the class GitHubCommentsASTSteps method createFakeSCAScanResults.
/**
 * Builds a synthetic {@link ScanResults} that carries only CxSCA data, for use as a test fixture.
 *
 * <p>The scan id is taken from the {@code SCAN_ID} constant. The findings list and the
 * per-severity count map are filled by three {@code addFinding} calls (HIGH, MEDIUM, LOW);
 * {@code addFinding} is defined elsewhere, so how it uses the counts is not visible here.
 * The package list and the xIssues list are left empty.
 *
 * @param high   count passed to {@code addFinding} for HIGH severity
 * @param medium count passed to {@code addFinding} for MEDIUM severity
 * @param low    count passed to {@code addFinding} for LOW severity
 * @return scan results wrapping the fabricated SCA results
 */
private static ScanResults createFakeSCAScanResults(int high, int medium, int low) {
    Map<Filter.Severity, Integer> countsBySeverity = new HashMap<>();
    List<com.checkmarx.sdk.dto.sca.report.Finding> fakeFindings = new LinkedList<>();

    SCAResults fakeSca = new SCAResults();
    fakeSca.setScanId("" + SCAN_ID);

    // One call per severity, always in HIGH, MEDIUM, LOW order.
    addFinding(high, countsBySeverity, fakeFindings, Severity.HIGH, Filter.Severity.HIGH);
    addFinding(medium, countsBySeverity, fakeFindings, Severity.MEDIUM, Filter.Severity.MEDIUM);
    addFinding(low, countsBySeverity, fakeFindings, Severity.LOW, Filter.Severity.LOW);

    Summary fakeSummary = new Summary();
    fakeSummary.setFindingCounts(countsBySeverity);

    fakeSca.setFindings(fakeFindings);
    fakeSca.setSummary(fakeSummary);
    fakeSca.setPackages(new LinkedList<>());

    return ScanResults.builder()
            .scaResults(fakeSca)
            .xIssues(new ArrayList<>())
            .build();
}
use of com.checkmarx.sdk.dto.sca.SCAResults in project cx-flow by checkmarx-ltd.
the class ScaThresholdsSteps method max_findings_score_threshold_score.
/**
 * Cucumber step: prepares the {@code scaResults} field for a threshold-score scenario.
 *
 * <p>The risk score placed in the summary comes from {@code generateScoreThresholds(scoreType)}.
 * {@code populateFindings} is invoked once per {@code Severity} value with the constant 10,
 * and the summary's finding-count map assigns 10 to every {@code Filter.Severity} value.
 * The scan id is fixed to {@code "2"}.
 *
 * @param scoreType the {@code {word}} captured from the step text, forwarded to
 *                  {@code generateScoreThresholds}
 */
@When("max findings score is {word} threshold-score")
public void max_findings_score_threshold_score(String scoreType) {
    Double riskScore = generateScoreThresholds(scoreType);

    // The field is assigned before it is populated, as in the original flow.
    scaResults = new SCAResults();
    scaResults.setScanId("2");

    Summary scoreSummary = new Summary();
    scoreSummary.setRiskScore(riskScore);

    List<Finding> generated = new ArrayList<>();
    for (Severity level : Severity.values()) {
        populateFindings(generated, level, 10);
    }
    scaResults.setFindings(generated);

    // Every filter severity gets the same count of 10.
    Map<Filter.Severity, Integer> countsBySeverity = Arrays.stream(Filter.Severity.values())
            .collect(Collectors.toMap(Function.identity(), v -> 10));
    scoreSummary.setFindingCounts(countsBySeverity);

    scaResults.setSummary(scoreSummary);
}
use of com.checkmarx.sdk.dto.sca.SCAResults in project cx-flow by checkmarx-ltd.
the class ScaThresholdsSteps method initMock.
/**
 * Stubs the SCA client mock so that {@code getLatestScanResults} returns, for any argument,
 * an {@link AstScaResults} wrapping the fake SCA results built from
 * {@code DEFAULT_FINDINGS_CONFIG}. {@code setDefaultFindings()} runs first.
 */
private void initMock() {
    setDefaultFindings();

    AstScaResults stubbedResponse = new AstScaResults();
    stubbedResponse.setScaResults(getFakeSCAResults(DEFAULT_FINDINGS_CONFIG));

    when(scaClientMock.getLatestScanResults(any())).thenReturn(stubbedResponse);
}