use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxService method updateProjectCustomFields.
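/**
 * Updates a project's name, owning team and custom fields with one PUT to the project endpoint.
 *
 * <p>The request body is assembled as standard double-quoted JSON, and every string value
 * (project name, custom-field values) is JSON-escaped before it is inserted. Without the
 * escaping, a quote or backslash inside a value would end the string early and let the rest
 * of the value be parsed as extra JSON members of the request.
 *
 * @param cxProject the Checkmarx project; its name, team id, id and custom fields are read
 * @throws CheckmarxException if the server answers with an HTTP error status
 * @throws NumberFormatException if the project's team id is not a decimal integer
 */
public void updateProjectCustomFields(CxProject cxProject) throws CheckmarxException {
    StringBuilder sb = new StringBuilder();
    sb.append(String.format("{\"name\":\"%s\",\"owningTeam\":%d,\"customFields\":[",
            escapeJsonString(cxProject.getName()), Integer.parseInt(cxProject.getTeamId())));
    boolean first = true;
    for (CxProject.CustomField customField : cxProject.customFields) {
        if (first) {
            first = false;
        } else {
            sb.append(',');
        }
        sb.append(String.format("{\"id\":%d,\"value\":\"%s\"}",
                customField.id, escapeJsonString(customField.value)));
    }
    sb.append("]}");
    String body = sb.toString();
    // The full body, including custom-field values, is written to the debug log.
    log.debug("updateProjectCustomFields: request body: {}", body);
    HttpEntity<String> requestEntity = new HttpEntity<>(body, authClient.createAuthHeaders());
    try {
        log.info("Updating custom fields for project {} with id {}", cxProject.getName(), cxProject.getId());
        restTemplate.exchange(cxProperties.getUrl().concat(PROJECT), HttpMethod.PUT, requestEntity, String.class, cxProject.getId());
    } catch (HttpStatusCodeException e) {
        log.debug(ExceptionUtils.getStackTrace(e));
        log.error("Error occurred while updating custom fields for project {}.", cxProject.getName());
        throw new CheckmarxException("Error occurred while updating custom fields for project: " + e.getLocalizedMessage());
    }
}

/**
 * Escapes a value for use inside a double-quoted JSON string.
 *
 * <p>Quotes, backslashes and control characters below U+0020 are escaped; a {@code null}
 * value is rendered as the text {@code null}, matching what {@code %s} formatting produced.
 */
private static String escapeJsonString(Object value) {
    String text = String.valueOf(value);
    StringBuilder escaped = new StringBuilder(text.length() + 8);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '"':
                escaped.append("\\\"");
                break;
            case '\\':
                escaped.append("\\\\");
                break;
            case '\n':
                escaped.append("\\n");
                break;
            case '\r':
                escaped.append("\\r");
                break;
            case '\t':
                escaped.append("\\t");
                break;
            default:
                if (c < 0x20) {
                    escaped.append(String.format("\\u%04x", (int) c));
                } else {
                    escaped.append(c);
                }
        }
    }
    return escaped.toString();
}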
use of com.checkmarx.sdk.exception.CheckmarxException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxService method getLdapTeamMapId.
/**
 * Finds the id of the LDAP team mapping that links a team to an LDAP group on one LDAP server.
 *
 * <p>Fetches the mappings for {@code ldapServerId} and returns the {@code id} of the first
 * entry whose {@code teamId} and {@code ldapGroupDn} both equal the arguments.
 *
 * <p>An HTTP error is logged and not rethrown, so the return value {@code UNKNOWN_INT} covers
 * both "no such mapping" and "lookup failed"; callers cannot tell the two apart.
 *
 * @param ldapServerId id of the LDAP server whose mappings are fetched
 * @param teamId team id to match
 * @param ldapGroupDn LDAP group DN to match
 * @return the mapping id, or {@code UNKNOWN_INT} when none matched or the request failed
 * @throws CheckmarxException if the configured version is below 9.0
 */
@Override
public Integer getLdapTeamMapId(Integer ldapServerId, String teamId, String ldapGroupDn) throws CheckmarxException {
    if (cxProperties.getVersion() < 9.0) {
        throw new CheckmarxException(ONLY_SUPPORTED_IN_90_PLUS);
    }
    try {
        HttpEntity<?> authOnlyRequest = new HttpEntity<>(authClient.createAuthHeaders());
        String mappingsUrl = cxProperties.getUrl().concat(TEAM_LDAP_MAPPINGS);
        ResponseEntity<String> response =
                restTemplate.exchange(mappingsUrl, HttpMethod.GET, authOnlyRequest, String.class, ldapServerId);
        JSONArray mappings = new JSONArray(response.getBody());
        int index = 0;
        while (index < mappings.length()) {
            JSONObject mapping = mappings.getJSONObject(index);
            String mappedGroupDn = mapping.getString("ldapGroupDn");
            String mappedTeamId = mapping.getString("teamId");
            boolean sameTeam = teamId.equals(mappedTeamId);
            if (sameTeam && mappedGroupDn.equals(ldapGroupDn)) {
                return mapping.getInt("id");
            }
            index++;
        }
        log.info("No mapping found for {} with Server id {}", ldapGroupDn, ldapServerId);
    } catch (HttpStatusCodeException e) {
        // Logged only; execution continues to the UNKNOWN_INT return below.
        log.error("Error occurred while retrieving ldap server mappings, http error {}", e.getStatusCode());
        log.error(ExceptionUtils.getStackTrace(e));
    }
    return UNKNOWN_INT;
}
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class AbstractVulnerabilityScanner method scan.
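/**
 * Submits a scan for the request and returns its results.
 *
 * <p>If a scan is already running for the project and scan queuing is off, the outcome depends
 * on the resubmit setting (the request's value when present, otherwise the flow property):
 * either the running scan is cancelled and a new one created, or a "scan not submitted" bug
 * tracker event is triggered and the submission is refused.
 *
 * <p>Failures are not propagated. Every exception raised inside the method, including the
 * refusal above, ends in {@code getEmptyScanResults()}. NOTE(review): a caller that treats
 * empty results as "no findings" cannot tell a failed scan from a clean one; confirm that
 * downstream gating checks the logged failure report rather than the result count alone.
 *
 * @param scanRequest the scan request
 * @return the scan results, or the empty results object when the scan could not be run
 */
@Override
public ScanResults scan(ScanRequest scanRequest) {
    log.info("--------------------- Initiating new {} scan ---------------------", SCAN_TYPE);
    setRequestParamsByProperties(scanRequest);
    checkScanSubmitEmailDelivery(scanRequest);
    try {
        CxScanParams cxScanParams = getScanRequestConverter().toScanParams(scanRequest);
        Integer projectId = cxScanParams.getProjectId();
        log.info("Checking if there is any existing scan for Project: {}", projectId);
        Integer existingScanId = getScannerClient().getScanIdOfExistingScanIfExists(projectId);
        String scanComment = getScanComment(scanRequest);

        // Compare by value: `!=` between two boxed Integers compares references and is only
        // correct while both values happen to come from the Integer cache.
        boolean activeScanExists = !java.util.Objects.equals(existingScanId, UNKNOWN_INT);
        if (activeScanExists && !getCxPropertiesBase().getScanQueuing()) {
            // A resubmit value on the request takes precedence over the configured property.
            boolean scanResubmit = scanRequest.getScanResubmit() != null
                    ? Boolean.parseBoolean(scanRequest.getScanResubmit())
                    : flowProperties.getScanResubmit();
            if (!scanResubmit) {
                log.warn("Property scan-resubmit set to {} : New scan not submitted, due to existing ongoing scan for the same Project id {}", flowProperties.getScanResubmit(), projectId);
                bugTrackers.getBugTrackerEventTrigger().triggerScanNotSubmittedBugTrackerEvent(scanRequest, getEmptyScanResults());
                throw new CheckmarxException(String.format("Active Scan with Id %d already exists for Project: %d", existingScanId, projectId));
            }
            log.info("Existing ongoing scan with id {} found for Project : {}", existingScanId, projectId);
            log.info("Aborting the ongoing scan with id {} for Project: {}", existingScanId, projectId);
            getScannerClient().cancelScan(existingScanId);
            log.info("Resubmitting the scan for Project: {}", projectId);
        }
        // Reached when no scan is running, when queuing is on, or after the running scan was cancelled.
        Integer scanId = getScannerClient().createScan(cxScanParams, scanComment);
        return getScanResults(scanRequest, projectId, scanId);
    } catch (GitHubRepoUnavailableException e) {
        // Deliberately not logged here. NOTE(review): presumably reported where it is raised,
        // to keep a stack trace out of the log; confirm.
        return getEmptyScanResults();
    } catch (Exception e) {
        log.error("SAST scan failed", e);
        // Record the failure as a scan report (scan id -1) before returning empty results.
        OperationResult scanCreationFailure = new OperationResult(OperationStatus.FAILURE, e.getMessage());
        ScanReport report = new ScanReport(-1, scanRequest, scanRequest.getRepoUrl(), scanCreationFailure);
        report.log();
        return getEmptyScanResults();
    }
}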
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class AbstractVulnerabilityScanner method getLatestScanResultsAsync.
/**
 * Starts asynchronous processing of the most recent scan results for a project.
 *
 * <p>When {@code cxProject} is {@code null} the project is resolved from the request. If no
 * project or no scan is found, the returned future is already completed with {@code null},
 * so callers must handle a {@code null} result as "nothing to process".
 *
 * @param request the scan request; supplies the filter and, if needed, the project lookup
 * @param cxProject the project to use, or {@code null} to resolve it from {@code request}
 * @return a future with the processed results; completed with {@code null} when there is
 *         nothing to process, or completed exceptionally when a {@code MachinaException}
 *         or {@code CheckmarxException} is raised
 */
public CompletableFuture<ScanResults> getLatestScanResultsAsync(ScanRequest request, CxProject cxProject) {
    try {
        CxProject target = cxProject;
        if (target == null) {
            Integer resolvedProjectId = getProjectId(request);
            if (resolvedProjectId.equals(UNKNOWN_INT)) {
                log.warn("No project found for {}", request.getProject());
                return CompletableFuture.completedFuture(null);
            }
            target = getScannerClient().getProject(resolvedProjectId);
        }

        Integer latestScanId = getScannerClient().getLastScanId(target.getId());
        if (latestScanId.equals(UNKNOWN_INT)) {
            log.warn("No Scan Results to process for project {}", target.getName());
            return CompletableFuture.completedFuture(null);
        }

        setCxFields(target, request);
        // The OSA scan id argument is null: it does not apply here and is ignored.
        return resultsService.processScanResultsAsync(request, target.getId(), latestScanId, null, request.getFilter());
    } catch (MachinaException | CheckmarxException e) {
        log.error("Error occurred while processing results for {}{}", request.getTeam(), request.getProject(), e);
        CompletableFuture<ScanResults> failed = new CompletableFuture<>();
        failed.completeExceptionally(e);
        return failed;
    }
}
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class AbstractVulnerabilityScanner method scanLocalPath.
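/**
 * Zips a local directory, scans the archive and returns the scan results.
 *
 * <p>The temporary archive holds the source tree being scanned, so it is deleted whether or
 * not the scan succeeds. The deletion runs in an inner {@code finally}, before the outer
 * handlers call {@code exit(3)}, so a failed scan does not leave the archive in the temp
 * directory.
 *
 * @param request the scan request; its project name is overwritten with the generated name
 * @param path the local directory to zip and scan
 * @return the scan results, or {@code null} if an error handler's {@code exit(3)} returns
 * @throws ExitThrowable declared for the {@code exit(3)} calls in the error handlers
 */
private ScanResults scanLocalPath(ScanRequest request, String path) throws ExitThrowable {
    ScanResults results = null;
    try {
        String effectiveProjectName = projectNameGenerator.determineProjectName(request);
        request.setProject(effectiveProjectName);
        overrideScanPreset(request);
        File zipFile = ZipUtils.zipToTempFile(path, flowProperties.getZipExclude());
        boolean scanSucceeded = false;
        try {
            ScanDetails details = executeCxScan(request, zipFile);
            results = getScanResults(request, details.getProjectId(), details.getScanId());
            scanSucceeded = true;
        } finally {
            log.debug("Deleting temp file {}", zipFile.getPath());
            try {
                Files.deleteIfExists(zipFile.toPath());
            } catch (IOException cleanupFailure) {
                if (scanSucceeded) {
                    // Success path: keep the earlier behaviour, where a failed delete
                    // reaches the IOException handler below.
                    throw cleanupFailure;
                }
                // Failure path: do not let the cleanup error replace the scan error.
                log.warn("Could not delete temp file {}", zipFile.getPath(), cleanupFailure);
            }
        }
    } catch (IOException e) {
        log.error("Error occurred while attempting to zip path {}", path, e);
        exit(3);
    } catch (MachinaException | CheckmarxException e) {
        log.error("Error occurred", e);
        exit(3);
    }
    return results;
}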