use of com.checkmarx.sdk.dto.sca.Summary in project cx-flow by checkmarx-ltd.
the class AnalyticsSteps method createFakeSCAScanResults.
/**
 * Builds a fake {@code ScanResults} object that carries only an SCA section.
 *
 * <p>The HIGH, MEDIUM and LOW entries of {@code findingsPerSeverity} are passed to
 * {@code addFinding}, in that order, together with the shared count map and findings list.
 * The result has an empty package list and an empty xIssues list.
 *
 * @param findingsPerSeverity value per severity; only HIGH, MEDIUM and LOW are looked up
 * @param scanId number stored, as a decimal string, as the SCA scan id
 * @return scan results whose SCA part holds the findings and the summary with the count map
 */
private static ScanResults createFakeSCAScanResults(Map<FindingSeverity, Integer> findingsPerSeverity, int scanId) {
    List<Finding> fakeFindings = new LinkedList<>();
    Map<Filter.Severity, Integer> countsBySeverity = new HashMap<>();

    // NOTE(review): a severity absent from findingsPerSeverity reaches addFinding as null;
    // confirm addFinding accepts that.
    addFinding(findingsPerSeverity.get(FindingSeverity.HIGH), countsBySeverity, fakeFindings, Severity.HIGH, Filter.Severity.HIGH);
    addFinding(findingsPerSeverity.get(FindingSeverity.MEDIUM), countsBySeverity, fakeFindings, Severity.MEDIUM, Filter.Severity.MEDIUM);
    addFinding(findingsPerSeverity.get(FindingSeverity.LOW), countsBySeverity, fakeFindings, Severity.LOW, Filter.Severity.LOW);

    Summary fakeSummary = new Summary();
    fakeSummary.setFindingCounts(countsBySeverity);

    SCAResults fakeSca = new SCAResults();
    fakeSca.setScanId(String.valueOf(scanId));
    fakeSca.setFindings(fakeFindings);
    fakeSca.setSummary(fakeSummary);
    fakeSca.setPackages(new LinkedList<>());

    return ScanResults.builder()
            .scaResults(fakeSca)
            .xIssues(new ArrayList<>())
            .build();
}
use of com.checkmarx.sdk.dto.sca.Summary in project cx-flow by checkmarx-ltd.
the class GitHubCommentsASTSteps method createFakeSCAScanResults.
/**
 * Builds a fake {@code ScanResults} object that carries only an SCA section.
 *
 * <p>The three arguments are passed to {@code addFinding} for HIGH, MEDIUM and LOW, in that
 * order, together with the shared count map and findings list. The scan id is the string
 * form of the {@code SCAN_ID} constant; packages and xIssues are empty lists.
 *
 * @param high value passed to {@code addFinding} for the HIGH severity
 * @param medium value passed to {@code addFinding} for the MEDIUM severity
 * @param low value passed to {@code addFinding} for the LOW severity
 * @return scan results whose SCA part holds the findings and the summary with the count map
 */
private static ScanResults createFakeSCAScanResults(int high, int medium, int low) {
    List<com.checkmarx.sdk.dto.sca.report.Finding> fakeFindings = new LinkedList<>();
    Map<Filter.Severity, Integer> countsBySeverity = new HashMap<>();

    addFinding(high, countsBySeverity, fakeFindings, Severity.HIGH, Filter.Severity.HIGH);
    addFinding(medium, countsBySeverity, fakeFindings, Severity.MEDIUM, Filter.Severity.MEDIUM);
    addFinding(low, countsBySeverity, fakeFindings, Severity.LOW, Filter.Severity.LOW);

    Summary fakeSummary = new Summary();
    fakeSummary.setFindingCounts(countsBySeverity);

    SCAResults fakeSca = new SCAResults();
    fakeSca.setScanId("" + SCAN_ID);
    fakeSca.setFindings(fakeFindings);
    fakeSca.setSummary(fakeSummary);
    fakeSca.setPackages(new LinkedList<>());

    return ScanResults.builder()
            .scaResults(fakeSca)
            .xIssues(new ArrayList<>())
            .build();
}
use of com.checkmarx.sdk.dto.sca.Summary in project cx-flow by checkmarx-ltd.
the class ScaThresholdsSteps method max_findings_score_threshold_score.
/**
 * Step definition: replaces the {@code scaResults} field with fake SCA results whose risk
 * score comes from {@code generateScoreThresholds(scoreType)}.
 *
 * <p>The scan id is fixed to "2". {@code populateFindings} is called once per
 * {@code Severity} value with the argument 10, and the summary's finding counts map every
 * {@code Filter.Severity} value to 10.
 *
 * @param scoreType word captured from the step text and passed to
 *                  {@code generateScoreThresholds}
 */
@When("max findings score is {word} threshold-score")
public void max_findings_score_threshold_score(String scoreType) {
    Double riskScore = generateScoreThresholds(scoreType);

    scaResults = new SCAResults();
    scaResults.setScanId("2");

    Summary scaSummary = new Summary();
    scaSummary.setRiskScore(riskScore);

    List<Finding> generated = new ArrayList<>();
    for (Severity severity : Severity.values()) {
        populateFindings(generated, severity, 10);
    }
    scaResults.setFindings(generated);

    // Same fixed count for every severity of the filter enum.
    Map<Filter.Severity, Integer> countsBySeverity = Arrays.stream(Filter.Severity.values())
            .collect(Collectors.toMap(Function.identity(), v -> 10));
    scaSummary.setFindingCounts(countsBySeverity);
    scaResults.setSummary(scaSummary);
}
use of com.checkmarx.sdk.dto.sca.Summary in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class GoScanner method getReportContentByScanId.
/**
 * Assembles the report for one scan from the SAST and SCA results of all engines.
 *
 * <p>SAST results, when present, are filtered with {@code applySastFilter} and handed to
 * {@code handleSastIssue}; the per-severity issue map and the scan id are attached as
 * additional details. SCA results, when present, are stripped of ignored entries, filtered
 * with {@code applyScaFilter} and handed to {@code handleScaIssue}. Deep links to the portal
 * are added for the SCA part and for the scan as a whole.
 *
 * @param scanId id of the scan to report on
 * @param filter filter configuration given to the SAST and SCA filter predicates
 * @return the built scan results
 * @throws CheckmarxException declared by this method; the helper that raises it is not
 *                            visible in this listing
 */
@Override
public ScanResults getReportContentByScanId(Integer scanId, FilterConfiguration filter) throws CheckmarxException {
    ScanResults.ScanResultsBuilder report = ScanResults.builder();
    Scan scanDetails = getScanDetails(scanId);
    Integer projectId = scanDetails.getProjectId();
    Integer businessUnitId = scanDetails.getBusinessUnitId();
    Integer applicationId = scanDetails.getApplicationId();
    GoScanResults engineResults = getScanResults(scanId);
    List<ScanResults.XIssue> xIssues = new ArrayList<>();

    // SAST
    List<SASTScanResult> sastResults = (engineResults == null) ? null : engineResults.getSast();
    if (sastResults != null) {
        Map<String, OdScanResultItem> sastDetails = getScanResultsPage(projectId, scanId);
        Map<String, Integer> issuesBySeverity = new HashMap<>();
        log.debug("SAST finding count before filtering: {}", sastResults.size());
        log.info("Processing SAST results");
        sastResults.stream()
                .filter(applySastFilter(sastDetails, filter))
                .forEach(sastResult -> handleSastIssue(xIssues, sastResult, sastDetails, projectId, scanId, issuesBySeverity));
        CxScanSummary sastSummary = getCxScanSummary(scanDetails);
        Map<String, Object> additionalDetails = new HashMap<>();
        additionalDetails.put(Constants.SUMMARY_KEY, issuesBySeverity);
        additionalDetails.put(Constants.SCAN_ID_KEY, scanId);
        report.additionalDetails(additionalDetails);
        report.scanSummary(sastSummary);
    }

    // SCA
    List<SCAScanResult> scaRawResults = (engineResults == null) ? null : engineResults.getSca();
    if (scaRawResults != null) {
        logRawScaScanResults(scaRawResults);
        List<Finding> scaFindings = new ArrayList<>();
        List<Package> scaPackages = new ArrayList<>();
        log.info("Processing SCA results");
        scaRawResults.stream()
                .filter(rawResult -> !rawResult.isIgnored())
                .filter(applyScaFilter(filter))
                .forEach(rawResult -> handleScaIssue(xIssues, scaFindings, scaPackages, rawResult));
        logFindings(scaFindings);
        logPackages(scaPackages);

        SCAResults scaResults = new SCAResults();
        scaResults.setFindings(scaFindings);
        scaResults.setPackages(scaPackages);
        // The scan id comes from the first raw result, i.e. before the ignore flag and the
        // filter are applied, so it is set even when every finding was filtered out.
        if (!scaRawResults.isEmpty()) {
            scaResults.setScanId(scaRawResults.get(0).getScanId().toString());
        }
        // The summary is derived from the scan details, not from the filtered findings above.
        Summary scaSummary = getScaScanSummary(scanDetails);
        scaResults.setSummary(scaSummary);
        // NOTE(review): the configured portal URL becomes part of the format string, so a
        // literal '%' in it would be read as a format specifier.
        String scaLinkTemplate = cxGoProperties.getPortalUrl().concat(SCA_DEEP_LINK);
        scaResults.setWebReportLink(String.format(scaLinkTemplate, businessUnitId, applicationId, projectId, scanId));
        report.scaResults(scaResults);
    }

    report.xIssues(xIssues);
    report.projectId(projectId.toString());
    String scanLinkTemplate = cxGoProperties.getPortalUrl().concat(DEEP_LINK);
    String scanDeepLink = String.format(scanLinkTemplate, businessUnitId, applicationId, projectId, scanId);
    report.link(scanDeepLink);
    return report.build();
}
use of com.checkmarx.sdk.dto.sca.Summary in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class GoScanner method getScaScanSummary.
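/**
 * Builds the SCA {@code Summary} from the "sca" entry of the scan's engine details.
 *
 * <p>When the "sca" entry is absent the summary carries an empty finding-count map. When it
 * is present, the HIGH, MEDIUM and LOW counts are read from it and INFO is set to 0.
 *
 * @param scanDetails scan whose engine details are consulted
 * @return summary holding the finding counts per severity
 * @throws IllegalStateException if the "sca" entry is present but one of the three counts is
 *                               missing or not numeric
 */
private static Summary getScaScanSummary(Scan scanDetails) {
    // The engine details are untyped; NOTE(review): confirm the "sca" entry is always a map.
    @SuppressWarnings("unchecked")
    Map<String, Object> scaScanDetails = (Map<String, Object>) scanDetails.getEngines().get("sca");
    Summary summary = new Summary();
    Map<Filter.Severity, Integer> severityMap = new EnumMap<>(Filter.Severity.class);
    if (scaScanDetails != null) {
        severityMap.put(Filter.Severity.HIGH, requireScaCount(scaScanDetails, "high_severities_count"));
        severityMap.put(Filter.Severity.MEDIUM, requireScaCount(scaScanDetails, "medium_severities_count"));
        severityMap.put(Filter.Severity.LOW, requireScaCount(scaScanDetails, "low_severities_count"));
        severityMap.put(Filter.Severity.INFO, 0);
    }
    summary.setFindingCounts(severityMap);
    return summary;
}

/**
 * Reads one severity count from the SCA engine details.
 *
 * <p>Any {@code Number} is accepted, so a count that arrives as a {@code Long} no longer
 * fails the cast. A missing or non-numeric value is reported as an error instead of being
 * read as 0, so that an incomplete payload cannot pass for "no findings" to a consumer that
 * compares these counts against limits.
 */
private static int requireScaCount(Map<String, Object> scaScanDetails, String key) {
    Object value = scaScanDetails.get(key);
    if (value instanceof Number) {
        return ((Number) value).intValue();
    }
    throw new IllegalStateException("SCA engine details: missing or non-numeric value for '" + key + "'");
}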