Example 31 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class AbstractVulnerabilityScanner method scanRemoteRepo.
private ScanResults scanRemoteRepo(ScanRequest request) throws ExitThrowable {
ScanResults results = null;
try {
String effectiveProjectName = projectNameGenerator.determineProjectName(request);
request.setProject(effectiveProjectName);
ScanDetails details = executeCxScan(request, null);
results = getScanResults(request, details.getProjectId(), details.getScanId());
} catch (MachinaException | CheckmarxException e) {
log.error("Error occurred", e);
exit(3);
}
return results;
}
Also used :
ScanResults(com.checkmarx.sdk.dto.ScanResults)
MachinaException(com.checkmarx.flow.exception.MachinaException)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
Example 32 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class GitHubService method startBlockMerge.
public void startBlockMerge(ScanRequest request, String url) {
if (properties.isBlockMerge()) {
final String PULL_REQUEST_STATUS = "pending";
// When Shard Manager is enabled overide the PULL url to link to the correct shard.
if (cxProperties.getEnableShardManager()) {
ShardSession shard = sessionTracker.getShardSession();
try {
String teamId = cxService.getTeamId(request.getTeam());
List<CxProject> projects = cxService.getProjects(teamId);
String projectID = "0";
// String projName = request.getRepoName() + "-" + request.getBranch();
for (CxProject project : projects) {
if (project.getName().equals(request.getProject())) {
projectID = project.getId().toString();
}
}
url = shard.getUrl() + "/cxwebclient/portal#/projectState/" + projectID + "/Summary";
} catch (CheckmarxException e) {
log.error(URL_INVALID);
}
}
HttpEntity<?> httpEntity = new HttpEntity<>(getJSONStatus(PULL_REQUEST_STATUS, url, "Checkmarx Scan Initiated").toString(), createAuthHeaders(request));
String statusApiUrl = request.getAdditionalMetadata(STATUSES_URL_KEY);
if (ScanUtils.empty(statusApiUrl)) {
log.error(STATUSES_URL_NOT_PROVIDED);
return;
}
log.debug("Setting pull request status to '{}': {}", PULL_REQUEST_STATUS, statusApiUrl);
String logErrorMessage = String.format("failed to set pull request status to %s", PULL_REQUEST_STATUS);
statusExchange(request, httpEntity, statusApiUrl, logErrorMessage);
}
}
Also used :
HttpEntity(org.springframework.http.HttpEntity)
ShardSession(com.checkmarx.sdk.ShardManager.ShardSession)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
CxProject(com.checkmarx.sdk.dto.cx.CxProject)
Example 33 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class SCAScanner method setScannerSpecificProperties.
@Override
protected void setScannerSpecificProperties(ScanRequest scanRequest, ScanParams scanParams) {
try {
// report in xml format
if (!ScanUtils.empty(scanRequest.getBugTracker().getCustomBean()) && scanRequest.getBugTracker().getCustomBean().equalsIgnoreCase("CxXml")) {
scaProperties.setPreserveXml(true);
}
if (scaProperties.isEnabledZipScan()) {
log.info("CxAST-SCA zip scan is enabled");
String scaClonedFolderPath = cxRepoFileHelper.getScaClonedRepoFolderPath(scanRequest.getRepoUrlWithAuth(), scanRequest.getExcludeFiles(), scanRequest.getBranch());
scanParams.setSourceDir(scaClonedFolderPath);
}
if (scanRequest.getExcludeFiles() != null) {
scanParams.getScaConfig().setExcludeFiles(scanRequest.getExcludeFiles());
} else if (scaProperties.getExcludeFiles() != null) {
List<String> excludeFiles = new ArrayList<String>(Arrays.asList(scaProperties.getExcludeFiles().split(",")));
log.debug("Exclude Files list contains : {}", excludeFiles);
scanParams.getScaConfig().setExcludeFiles(excludeFiles);
}
} catch (CheckmarxException e) {
log.error("Error occurred while setting scanner properties", e);
throw new MachinaRuntimeException(e.getMessage());
}
}
Also used :
MachinaRuntimeException(com.checkmarx.flow.exception.MachinaRuntimeException)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 34 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class SastScanner method cxParseResults.
public void cxParseResults(ScanRequest request, File file) throws ExitThrowable {
try {
ScanResults results = cxService.getReportContent(file, request.getFilter());
resultsService.processResults(request, results, scanDetails);
if (flowProperties.isBreakBuild() && results != null && results.getXIssues() != null && !results.getXIssues().isEmpty()) {
log.error(ERROR_BREAK_MSG);
exit(ExitCode.BUILD_INTERRUPTED);
}
} catch (MachinaException | CheckmarxException e) {
log.error("Error occurred while processing results file", e);
exit(3);
}
}
Also used :
ScanResults(com.checkmarx.sdk.dto.ScanResults)
MachinaException(com.checkmarx.flow.exception.MachinaException)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
Example 35 with CheckmarxException
use of com.checkmarx.sdk.exception.CheckmarxException in project cx-flow by checkmarx-ltd.
the class SastScanner method cxBatch.
/**
* Process Projects in batch mode - JIRA ONLY
*/
public void cxBatch(ScanRequest originalRequest) throws ExitThrowable {
try {
List<CxProject> projects;
List<CompletableFuture<ScanResults>> processes = new ArrayList<>();
// Get all projects
if (ScanUtils.empty(originalRequest.getTeam())) {
projects = cxService.getProjects();
} else {
// Get projects for the provided team
String team = originalRequest.getTeam();
if (!team.startsWith(cxProperties.getTeamPathSeparator())) {
team = cxProperties.getTeamPathSeparator().concat(team);
}
String teamId = cxService.getTeamId(team);
projects = cxService.getProjects(teamId);
}
for (CxProject project : projects) {
ScanRequest request = new ScanRequest(originalRequest);
String name = project.getName().replaceAll("[^a-zA-Z0-9-_]+", "_");
// TODO set team when entire instance batch mode
// update new request object with a unique id for thread log monitoring
projectNameGenerator.getHelperService().getShortUid(request);
request.setProject(name);
request.setApplication(name);
processes.add(getLatestScanResultsAsync(request, project));
}
log.info("Waiting for processing to complete");
processes.forEach(CompletableFuture::join);
} catch (CheckmarxException e) {
log.error("Error occurred while processing projects in batch mode", e);
exit(3);
}
}
Also used :
ScanRequest(com.checkmarx.flow.dto.ScanRequest)
CompletableFuture(java.util.concurrent.CompletableFuture)
CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException)
ArrayList(java.util.ArrayList)
CxProject(com.checkmarx.sdk.dto.cx.CxProject)
Aggregations
CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException)62
HttpStatusCodeException (org.springframework.web.client.HttpStatusCodeException)23
ScanResults (com.checkmarx.sdk.dto.ScanResults)11
HttpEntity (org.springframework.http.HttpEntity)10
MachinaException (com.checkmarx.flow.exception.MachinaException)8
Test (org.junit.Test)7
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)7
File (java.io.File)6
JSONObject (org.json.JSONObject)6
CxProject (com.checkmarx.sdk.dto.cx.CxProject)5
CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams)4
IOException (java.io.IOException)4
JAXBContext (javax.xml.bind.JAXBContext)4
JAXBException (javax.xml.bind.JAXBException)4
Unmarshaller (javax.xml.bind.Unmarshaller)4
XMLInputFactory (javax.xml.stream.XMLInputFactory)3
GitAPIException (org.eclipse.jgit.api.errors.GitAPIException)3
LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)3
SoapActionCallback (org.springframework.ws.soap.client.core.SoapActionCallback)3
ScanReport (com.checkmarx.flow.dto.report.ScanReport)2
