Examples with ScannerRuntimeException com.checkmarx.sdk.exception.ScannerRuntimeException used on opensource projects

Example 1 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ClientTypeResolverTest method checkThatExceptionIsThrown.

private static void checkThatExceptionIsThrown(String url) {
    ClientTypeResolver resolver = new ClientTypeResolver(new RestClientConfig());
    try {
        resolver.determineClientType(url);
        Assert.fail("Expected exception, but didn't get any.");
    } catch (Exception e) {
        Assert.assertTrue("Unexpected exception type.", e instanceof ScannerRuntimeException);
        Assert.assertTrue("Exception message is empty.", StringUtils.isNotEmpty(e.getMessage()));
        log.info("Got an expected exception");
    }
}

Example 2 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScaTest method getRepoUrl.

private URL getRepoUrl() {
    URL parsedUrl;
    try {
        String token = githubProperties.getToken();
        String gitAuthUrl = githubProperties.getUrl().replace(Constants.HTTPS, Constants.HTTPS.concat(token).concat("@"));
        gitAuthUrl = gitAuthUrl.replace(Constants.HTTP, Constants.HTTP.concat(token).concat("@"));
        parsedUrl = new URL(gitAuthUrl);
    } catch (MalformedURLException e) {
        log.error("Failed to parse repository URL: '{}'", githubProperties.getUrl());
        failOnException(e);
        throw new ScannerRuntimeException("Invalid repository URL.");
    }
    return parsedUrl;
}

Example 3 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScaClientHelper method getScanResults.

private SCAResults getScanResults() {
    SCAResults result;
    log.debug("Getting results for scan ID {}", scanId);
    try {
        result = new SCAResults();
        result.setScanId(this.scanId);
        ScaSummaryBaseFormat summaryBaseFormat = getSummaryReport(scanId);
        printSummary(summaryBaseFormat, this.scanId);
        ModelMapper mapper = new ModelMapper();
        Summary summary = mapper.map(summaryBaseFormat, Summary.class);
        Map<Filter.Severity, Integer> findingCountsPerSeverity = getFindingCountMap(summaryBaseFormat);
        summary.setFindingCounts(findingCountsPerSeverity);
        result.setSummary(summary);
        List<Finding> findings = getFindings(scanId);
        result.setFindings(findings);
        List<Package> packages = getPackages(scanId);
        result.setPackages(packages);
        String reportLink = getWebReportLink(config.getScaConfig().getWebAppUrl());
        result.setWebReportLink(reportLink);
        printWebReportLink(result);
        result.setScaResultReady(true);
        String riskReportId = getRiskReportByProjectId(this.projectId);
        List<PolicyEvaluation> policyEvaluationsByReportId = getPolicyEvaluationByReportId(riskReportId);
        List<String> scanViolatedPolicies = getScanViolatedPolicies(policyEvaluationsByReportId);
        result.setPolicyViolated(!scanViolatedPolicies.isEmpty());
        result.setViolatedPolicies(scanViolatedPolicies);
        if (scaProperties.isPreserveXml()) {
            String path = String.format(REPORT_IN_XML_WITH_SCANID, URLEncoder.encode(scanId, ENCODING));
            String xml = httpClient.getRequest(path, ContentType.CONTENT_TYPE_APPLICATION_JSON, String.class, HttpStatus.SC_OK, "CxSCA findings", false);
            xml = xml.trim().replaceFirst("^([\\W]+)<", "<");
            String xml2 = ScanUtils.cleanStringUTF8_2(xml);
            result.setOutput(xml2);
        }
        log.info("Retrieved SCA results successfully.");
    } catch (IOException e) {
        throw new ScannerRuntimeException("Error retrieving CxSCA scan results.", e);
    }
    return result;
}

Example 4 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScaClientHelper method getEffectiveRepoUrl.

/**
 * Transforms the repo URL if credentials are specified in repoInfo.
 */
protected URL getEffectiveRepoUrl(RemoteRepositoryInfo repoInfo) {
    URL result;
    URL initialUrl = repoInfo.getUrl();
    // Otherwise we may get something like "https://mytoken:null@github.com".
    String username = StringUtils.defaultString(repoInfo.getUsername());
    String password = StringUtils.defaultString(repoInfo.getPassword());
    try {
        if (StringUtils.isNotEmpty(username) || StringUtils.isNotEmpty(password)) {
            log.info("Adding credentials as the userinfo part of the URL, because {} only supports this kind of authentication.", getScannerDisplayName());
            result = new URIBuilder(initialUrl.toURI()).setUserInfo(username, password).build().toURL();
        } else {
            result = repoInfo.getUrl();
        }
    } catch (Exception e) {
        throw new ScannerRuntimeException("Error getting effective repo URL.");
    }
    return result;
}

Example 5 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScaClientHelper method initiateScan.

@Override
public ResultsBase initiateScan() {
    log.info("----------------------------------- Initiating {} Scan:------------------------------------", getScannerDisplayName());
    SCAResults scaResults = new SCAResults();
    scanId = null;
    projectId = null;
    try {
        ScaConfig scaConfig = config.getScaConfig();
        SourceLocationType locationType = scaConfig.getSourceLocationType();
        HttpResponse response;
        projectId = resolveRiskManagementProject();
        boolean isManifestAndFingerprintsOnly = !config.getScaConfig().isIncludeSources();
        if (isManifestAndFingerprintsOnly) {
            this.resolvingConfiguration = getCxSCAResolvingConfigurationForProject(this.projectId);
            log.info("Got the following manifest patterns {}", this.resolvingConfiguration.getManifests());
            log.info("Got the following fingerprint patterns {}", this.resolvingConfiguration.getFingerprints());
        }
        if (locationType == SourceLocationType.REMOTE_REPOSITORY) {
            response = submitSourcesFromRemoteRepo(projectId, scaConfig);
        } else {
            if (scaConfig.isIncludeSources()) {
                response = submitAllSourcesFromLocalDir(projectId, scaConfig);
            } else {
                response = submitManifestsAndFingerprintsFromLocalDir(projectId, scaConfig);
            }
        }
        this.scanId = extractScanIdFrom(response);
        scaResults.setScanId(scanId);
    } catch (Exception e) {
        log.error(e.getMessage());
        setState(State.FAILED);
        scaResults.setException(new ScannerRuntimeException("Error creating scan.", e));
    } finally {
        if (config.isClonedRepo() && config.getZipFile() != null) {
            log.info("Deleting cloned repo zip file: {}", config.getZipFile());
            FileUtils.deleteQuietly(config.getZipFile());
        }
    }
    return scaResults;
}