use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ClientTypeResolverTest method checkThatExceptionIsThrown.
/**
 * Asserts that resolving the client type for {@code url} fails with a
 * {@link ScannerRuntimeException} that carries a non-empty message.
 *
 * @param url the value passed to {@code determineClientType}
 */
private static void checkThatExceptionIsThrown(String url) {
    ClientTypeResolver clientTypeResolver = new ClientTypeResolver(new RestClientConfig());

    // Capture whatever is thrown so the assertions can run outside the try block.
    Exception thrown = null;
    try {
        clientTypeResolver.determineClientType(url);
    } catch (Exception e) {
        thrown = e;
    }

    if (thrown == null) {
        Assert.fail("Expected exception, but didn't get any.");
    }
    Assert.assertTrue("Unexpected exception type.", thrown instanceof ScannerRuntimeException);
    Assert.assertTrue("Exception message is empty.", StringUtils.isNotEmpty(thrown.getMessage()));
    log.info("Got an expected exception");
}
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaTest method getRepoUrl.
/**
 * Builds the repository URL used by the test, with the GitHub token inserted into the URL
 * string.
 *
 * <p>The returned URL contains the token in clear text, so it should not be logged or echoed
 * in assertion messages. The error path below logs only the configured URL, which is read
 * from {@code githubProperties} without the token.
 *
 * @return the configured repository URL with the token inserted
 * @throws ScannerRuntimeException if the resulting string cannot be parsed as a URL
 */
private URL getRepoUrl() {
    try {
        String token = githubProperties.getToken();
        String configuredUrl = githubProperties.getUrl();

        // NOTE(review): assumes Constants.HTTPS / Constants.HTTP are the scheme prefixes and
        // that an HTTPS URL no longer matches Constants.HTTP after the first replacement;
        // confirm against Constants. A null token would make concat() throw.
        String httpsWithToken = Constants.HTTPS.concat(token).concat("@");
        String authenticatedUrl = configuredUrl.replace(Constants.HTTPS, httpsWithToken);

        String httpWithToken = Constants.HTTP.concat(token).concat("@");
        authenticatedUrl = authenticatedUrl.replace(Constants.HTTP, httpWithToken);

        return new URL(authenticatedUrl);
    } catch (MalformedURLException e) {
        // Only the token-free configured URL is written to the log.
        log.error("Failed to parse repository URL: '{}'", githubProperties.getUrl());
        failOnException(e);
        // The parse error is not attached as the cause of the exception thrown here.
        throw new ScannerRuntimeException("Invalid repository URL.");
    }
}
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaClientHelper method getScanResults.
/**
 * Collects the results of the current scan into a new {@link SCAResults}: summary, findings,
 * packages, web report link and policy violations, plus the raw report when
 * {@code scaProperties.isPreserveXml()} is set.
 *
 * @return the populated results for {@code scanId}
 * @throws ScannerRuntimeException if an {@link IOException} occurs while retrieving any part
 */
private SCAResults getScanResults() {
    log.debug("Getting results for scan ID {}", scanId);
    SCAResults scanResults;
    try {
        scanResults = new SCAResults();
        scanResults.setScanId(this.scanId);

        // Summary: fetch, print, map to the SDK model and attach the per-severity counts.
        ScaSummaryBaseFormat rawSummary = getSummaryReport(scanId);
        printSummary(rawSummary, this.scanId);
        Summary mappedSummary = new ModelMapper().map(rawSummary, Summary.class);
        mappedSummary.setFindingCounts(getFindingCountMap(rawSummary));
        scanResults.setSummary(mappedSummary);

        scanResults.setFindings(getFindings(scanId));
        scanResults.setPackages(getPackages(scanId));

        scanResults.setWebReportLink(getWebReportLink(config.getScaConfig().getWebAppUrl()));
        printWebReportLink(scanResults);
        scanResults.setScaResultReady(true);

        // Policy evaluation is looked up through the project's risk report.
        String riskReportId = getRiskReportByProjectId(this.projectId);
        List<String> violatedPolicies =
                getScanViolatedPolicies(getPolicyEvaluationByReportId(riskReportId));
        scanResults.setPolicyViolated(!violatedPolicies.isEmpty());
        scanResults.setViolatedPolicies(violatedPolicies);

        if (scaProperties.isPreserveXml()) {
            // The scan ID is URL-encoded before it is placed into the request path.
            String reportPath =
                    String.format(REPORT_IN_XML_WITH_SCANID, URLEncoder.encode(scanId, ENCODING));
            // NOTE(review): the report is requested with the JSON content-type constant although
            // the path constant refers to XML; confirm this is what the endpoint expects.
            String rawReport = httpClient.getRequest(
                    reportPath,
                    ContentType.CONTENT_TYPE_APPLICATION_JSON,
                    String.class,
                    HttpStatus.SC_OK,
                    "CxSCA findings",
                    false);
            // Drop any run of non-word characters that precedes the first '<'.
            String trimmedReport = rawReport.trim().replaceFirst("^([\\W]+)<", "<");
            scanResults.setOutput(ScanUtils.cleanStringUTF8_2(trimmedReport));
        }
        log.info("Retrieved SCA results successfully.");
    } catch (IOException e) {
        throw new ScannerRuntimeException("Error retrieving CxSCA scan results.", e);
    }
    return scanResults;
}
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaClientHelper method getEffectiveRepoUrl.
/**
 * Returns the repository URL to use for the scan, adding the credentials from {@code repoInfo}
 * as the userinfo part of the URL when a username or a password is specified.
 *
 * <p>When credentials are present the returned URL contains them in clear text, so callers
 * should avoid logging it. The log statement in this method names only the scanner.
 *
 * @param repoInfo remote repository location and optional credentials
 * @return the URL with userinfo added, or the URL from {@code repoInfo} when no credentials
 *     are set
 * @throws ScannerRuntimeException if any exception occurs while building the URL
 */
protected URL getEffectiveRepoUrl(RemoteRepositoryInfo repoInfo) {
    URL initialUrl = repoInfo.getUrl();

    // Null credentials are turned into empty strings.
    // Otherwise we may get something like "https://mytoken:null@github.com".
    String username = StringUtils.defaultString(repoInfo.getUsername());
    String password = StringUtils.defaultString(repoInfo.getPassword());

    try {
        boolean credentialsMissing = StringUtils.isEmpty(username) && StringUtils.isEmpty(password);
        if (credentialsMissing) {
            return repoInfo.getUrl();
        }
        log.info("Adding credentials as the userinfo part of the URL, because {} only supports this kind of authentication.", getScannerDisplayName());
        return new URIBuilder(initialUrl.toURI())
                .setUserInfo(username, password)
                .build()
                .toURL();
    } catch (Exception e) {
        // The caught exception is not attached as the cause, so the reason for the failure is
        // lost. NOTE(review): a URI syntax error message can embed the URL string it was built
        // from; if the cause is ever chained or logged, check that it cannot expose the userinfo.
        throw new ScannerRuntimeException("Error getting effective repo URL.");
    }
}
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaClientHelper method initiateScan.
/**
 * Starts a new scan: resolves the project, submits the sources (from a remote repository or
 * from a local directory) and stores the scan ID extracted from the response.
 *
 * <p>Failures are not thrown to the caller. Any exception is logged, the state is set to
 * {@code State.FAILED}, and the exception is attached to the returned results wrapped in a
 * {@link ScannerRuntimeException}.
 *
 * @return results carrying either the new scan ID or the exception that prevented the scan
 */
@Override
public ResultsBase initiateScan() {
    log.info("----------------------------------- Initiating {} Scan:------------------------------------", getScannerDisplayName());
    SCAResults outcome = new SCAResults();
    // Reset the identifiers kept from any earlier scan.
    scanId = null;
    projectId = null;
    try {
        ScaConfig scaConfig = config.getScaConfig();
        SourceLocationType sourceLocation = scaConfig.getSourceLocationType();
        projectId = resolveRiskManagementProject();

        boolean manifestsAndFingerprintsOnly = !config.getScaConfig().isIncludeSources();
        if (manifestsAndFingerprintsOnly) {
            this.resolvingConfiguration = getCxSCAResolvingConfigurationForProject(this.projectId);
            log.info("Got the following manifest patterns {}", this.resolvingConfiguration.getManifests());
            log.info("Got the following fingerprint patterns {}", this.resolvingConfiguration.getFingerprints());
        }

        HttpResponse response;
        if (locationIsRemote(sourceLocation)) {
            response = submitSourcesFromRemoteRepo(projectId, scaConfig);
        } else if (scaConfig.isIncludeSources()) {
            response = submitAllSourcesFromLocalDir(projectId, scaConfig);
        } else {
            response = submitManifestsAndFingerprintsFromLocalDir(projectId, scaConfig);
        }

        this.scanId = extractScanIdFrom(response);
        outcome.setScanId(scanId);
    } catch (Exception e) {
        // Only the message is logged; the exception itself travels in the results below.
        // NOTE(review): the message is logged verbatim; confirm that exceptions raised while
        // submitting a remote repository cannot carry a credential-bearing URL.
        log.error(e.getMessage());
        setState(State.FAILED);
        outcome.setException(new ScannerRuntimeException("Error creating scan.", e));
    } finally {
        // Remove the zip of a cloned repo whether or not the scan was created; the return
        // value of deleteQuietly is ignored.
        boolean hasClonedZip = config.isClonedRepo() && config.getZipFile() != null;
        if (hasClonedZip) {
            log.info("Deleting cloned repo zip file: {}", config.getZipFile());
            FileUtils.deleteQuietly(config.getZipFile());
        }
    }
    return outcome;
}

/** Tells whether the sources are to be taken from a remote repository. */
private static boolean locationIsRemote(SourceLocationType sourceLocation) {
    return sourceLocation == SourceLocationType.REMOTE_REPOSITORY;
}