
Example 11 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScaClientHelper method getScaResults.

/**
 * Builds the {@link SCAResults} for the current scan from the parsed report sections.
 *
 * <p>The result is populated in a fixed order: scan id, summary (with per-severity finding
 * counts), findings, packages, web report link, readiness flag and finally the policy
 * evaluation outcome. {@code policyViolated} is set to {@code true} exactly when the list of
 * violated policies is non-empty.
 *
 * <p>Any exception raised while assembling the result is wrapped, so callers never receive a
 * partially filled result object from this method.
 *
 * @param riskReportSummaryType source of the summary section
 * @param packagesType          source of the package list
 * @param vulnerabilitiesType   source of the findings
 * @param licensesType          not read by this method
 * @param policiesType          source of the policy evaluations
 * @return the fully populated results
 * @throws ScannerRuntimeException if any step of the assembly fails; the original exception
 *                                 is kept as the cause
 */
private SCAResults getScaResults(RiskReportSummaryType riskReportSummaryType, PackagesType packagesType, VulnerabilitiesType vulnerabilitiesType, LicensesType licensesType, PoliciesType policiesType) {
    SCAResults scaResults;
    // Seed objects handed to the helper methods; both are created before the guarded section.
    ScaSummaryBaseFormat blankSummary = new ScaSummaryBaseFormat();
    List<Package> noPackagesYet = null;
    log.debug("Getting results for scan ID {}", scanId);
    try {
        scaResults = new SCAResults();
        scaResults.setScanId(this.scanId);

        // Summary: fetch, print, map to the SDK type and attach the per-severity counts.
        ScaSummaryBaseFormat reportSummary = getScaSummaryReport(riskReportSummaryType, blankSummary);
        printSummary(reportSummary, this.scanId);
        Summary mappedSummary = new ModelMapper().map(reportSummary, Summary.class);
        mappedSummary.setFindingCounts(getFindingCountMap(reportSummary));
        scaResults.setSummary(mappedSummary);

        // Findings and packages.
        scaResults.setFindings(getScaFindings(vulnerabilitiesType));
        scaResults.setPackages(getScaPackages(packagesType, noPackagesYet));

        // Link to the web report, derived from the configured web application URL.
        scaResults.setWebReportLink(getWebReportLink(config.getScaConfig().getWebAppUrl()));
        printWebReportLink(scaResults);
        scaResults.setScaResultReady(true);

        // Policy outcome: the scan counts as violating as soon as one policy is listed.
        List<String> violatedPolicies = getScanViolatedPolicies(getScaPolicyEvaluationByReport(policiesType));
        scaResults.setPolicyViolated(!violatedPolicies.isEmpty());
        scaResults.setViolatedPolicies(violatedPolicies);
        log.info("Retrieved SCA results successfully.");
    } catch (Exception e) {
        throw new ScannerRuntimeException("Error retrieving CxSCA scan results.", e);
    }
    return scaResults;
}
Also used : Severity(com.checkmarx.sdk.dto.scansummary.Severity) ScannerRuntimeException(com.checkmarx.sdk.exception.ScannerRuntimeException) CheckmarxException(com.checkmarx.sdk.exception.CheckmarxException) ScannerRuntimeException(com.checkmarx.sdk.exception.ScannerRuntimeException) JAXBException(javax.xml.bind.JAXBException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) CxHTTPClientException(com.checkmarx.sdk.exception.CxHTTPClientException) IOException(java.io.IOException) ModelMapper(org.modelmapper.ModelMapper) Package(com.checkmarx.sdk.dto.sca.report.Package)

Example 12 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScanWaiter method waitForScanToFinish.

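/**
 * Polls the scan status endpoint until the scan is reported as completed or the configured
 * timeout elapses.
 *
 * <p>The method only returns normally after the completion condition has been met. Every
 * other outcome is reported as a {@link ScannerRuntimeException}, so a caller can never
 * mistake "did not wait" for "scan finished" and go on to treat an unfinished scan as clean.
 *
 * @param scanId identifier of the scan to wait for; it is URL-encoded before being placed in
 *               the request path
 * @throws ScannerRuntimeException if the timeout is reached, or if the status URL cannot be
 *                                 built because the encoding is not supported
 */
public void waitForScanToFinish(String scanId) {
    startTimestampSec = System.currentTimeMillis() / 1000;
    Duration timeout = getTimeout(config);
    Duration pollInterval = getPollInterval(config);
    int maxErrorCount = getMaxErrorCount(config);
    AtomicInteger errorCounter = new AtomicInteger();
    try {
        // Encode the id so that it cannot alter the structure of the request path.
        String urlPath = String.format(ScanClientHelper.GET_SCAN, URLEncoder.encode(scanId, ENCODING));
        Awaitility.await()
                .atMost(timeout)
                .pollDelay(Duration.ZERO)
                .pollInterval(pollInterval)
                .until(() -> scanIsCompleted(urlPath, errorCounter, maxErrorCount));
    } catch (ConditionTimeoutException e) {
        String message = String.format("Failed to perform %s scan. The scan has been automatically aborted: " + "reached the user-specified timeout (%d minutes).", scannerDisplayName, timeout.toMinutes());
        // Keep the cause so the timeout details stay available to whoever handles the failure.
        throw new ScannerRuntimeException(message, e);
    } catch (UnsupportedEncodingException e) {
        log.error("Unexpected error.", e);
        // Fail closed: without a status URL nothing was polled, so returning normally would
        // tell the caller the scan had finished.
        throw new ScannerRuntimeException("Unable to build the scan status URL.", e);
    }
}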
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) ConditionTimeoutException(org.awaitility.core.ConditionTimeoutException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Duration(java.time.Duration) ScannerRuntimeException(com.checkmarx.sdk.exception.ScannerRuntimeException)

Example 13 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScaClientHelper method submitManifestsAndFingerprintsFromLocalDir.

/**
 * Runs the "manifest only and fingerprint" flow: selects manifest files and files to
 * fingerprint under the configured source directory, packs them into a zip file and submits
 * that archive for scanning.
 *
 * <p>Only files that pass the first, general scan of the source directory are eligible for
 * either selection. When the configuration says the source is a cloned repository, the local
 * clone directory is deleted after zipping and the zip file is recorded on the configuration.
 *
 * @param projectId  project the upload belongs to
 * @param configBase scan configuration forwarded to the upload step
 * @return the HTTP response of the scan initiation
 * @throws IOException             if the zip file cannot be read (other callees may also raise it)
 * @throws ScannerRuntimeException if the manifest include filter resolves to no patterns
 */
private HttpResponse submitManifestsAndFingerprintsFromLocalDir(String projectId, ScanConfigBase configBase) throws IOException {
    log.info("Using manifest only and fingerprint flow");
    final String localSourceRoot = config.getSourceDir();

    // NOTE(review): this filter is built from empty strings rather than from configured
    // include/exclude patterns; whether its include list ends up empty depends on PathFilter.
    PathFilter generalFilter = new PathFilter("", "", log);
    if (ArrayUtils.isNotEmpty(generalFilter.getIncludes())) {
        if (!ArrayUtils.contains(generalFilter.getIncludes(), "**")) {
            generalFilter.addToIncludes("**");
        }
    }
    String[] generallyIncluded = CxSCAFileSystemUtils.scanAndGetIncludedFiles(localSourceRoot, generalFilter);
    Set<String> eligibleFiles = new HashSet<>(Arrays.asList(generallyIncluded));

    // Manifest-only mode is meaningless without at least one manifest include pattern.
    PathFilter manifestFilter = new PathFilter(null, getManifestsIncludePattern(), log);
    if (manifestFilter.getIncludes().length == 0) {
        String complaint = String.format("Using manifest only mode requires include filter. Resolving config does not have include patterns defined: %s", getManifestsIncludePattern());
        throw new ScannerRuntimeException(complaint);
    }
    String[] manifestMatches = CxSCAFileSystemUtils.scanAndGetIncludedFiles(localSourceRoot, manifestFilter);
    List<String> manifestsToArchive = Arrays.stream(manifestMatches)
            .filter(eligibleFiles::contains)
            .collect(Collectors.toList());

    PathFilter fingerprintFilter = new PathFilter(null, getFingerprintsIncludePattern(), log);
    String[] fingerprintMatches = CxSCAFileSystemUtils.scanAndGetIncludedFiles(localSourceRoot, fingerprintFilter);
    List<String> fingerprintTargets = Arrays.stream(fingerprintMatches)
            .filter(eligibleFiles::contains)
            .collect(Collectors.toList());

    CxSCAScanFingerprints collected = fingerprintCollector.collectFingerprints(localSourceRoot, fingerprintTargets);
    File archive = zipDirectoryAndFingerprints(localSourceRoot, manifestsToArchive, collected);
    optionallyWriteFingerprintsToFile(collected);

    if (config.isClonedRepo()) {
        // The clone is no longer needed once the archive exists; keep a handle on the archive.
        new CxRepoFileHelper().deleteCloneLocalDir(new File(localSourceRoot));
        config.setZipFile(archive);
    }

    // NOTE(review): nothing in this method removes the archive after it has been read; confirm
    // that the zip (manifests plus fingerprints) is cleaned up elsewhere.
    byte[] archiveBytes = FileUtils.readFileToByteArray(archive);
    return initiateScanForUpload(projectId, archiveBytes, configBase);
}
Also used : CxSCAScanFingerprints(com.checkmarx.sdk.utils.sca.fingerprints.CxSCAScanFingerprints) ScannerRuntimeException(com.checkmarx.sdk.exception.ScannerRuntimeException) NewCxZipFile(com.checkmarx.sdk.utils.zip.NewCxZipFile) File(java.io.File) CxRepoFileHelper(com.checkmarx.sdk.utils.CxRepoFileHelper)

Example 14 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScanClientHelper method handleInitError.

/**
 * Records a client initialisation failure: logs it, moves the client to the
 * {@code FAILED} state and stores a wrapping exception on the results object.
 *
 * <p>NOTE(review): the cause's message is copied verbatim into both the log line and the
 * stored exception text; confirm that initialisation failures never carry credentials or
 * tokens in their message.
 *
 * @param e       the failure that interrupted initialisation; kept as the cause
 * @param results results object that receives the wrapping {@link ScannerRuntimeException}
 */
protected void handleInitError(Exception e, ResultsBase results) {
    String failureText = String.format("Failed to init %s client. %s", getScannerDisplayName(), e.getMessage());
    ScannerRuntimeException wrapped = new ScannerRuntimeException(failureText, e);

    // Only the text is logged here; the stack trace travels with the stored exception.
    log.error(failureText);
    setState(State.FAILED);
    results.setException(wrapped);
}
Also used : ScannerRuntimeException(com.checkmarx.sdk.exception.ScannerRuntimeException)

Example 15 with ScannerRuntimeException

use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.

the class ScanClientHelper method getSourcesUploadUrl.

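/**
 * Requests an upload URL for the sources from the server and returns it.
 *
 * <p>The response must contain a usable {@code url} property. A missing property, an explicit
 * JSON {@code null} and a blank value are all rejected: {@code asText()} turns a JSON
 * {@code null} into the literal string {@code "null"}, which would otherwise be handed back
 * as if it were an upload destination.
 *
 * <p>NOTE(review): presumably the caller uploads the source archive to this server-supplied
 * URL; if so, checking that it is an https URL on an expected host before use is worth
 * considering.
 *
 * @return the upload URL exactly as returned by the server
 * @throws IOException             if the request fails
 * @throws ScannerRuntimeException if the response carries no usable {@code url} value
 */
private String getSourcesUploadUrl() throws IOException {
    List<ScanConfig> apiScanConfig = Collections.singletonList(getScanConfig());
    ScaUploadUrlRequest request = ScaUploadUrlRequest.builder().config(apiScanConfig).build();
    StringEntity entity = HttpClientHelper.convertToStringEntity(request);
    JsonNode response = httpClient.postRequest(GET_UPLOAD_URL, ContentType.CONTENT_TYPE_APPLICATION_JSON, entity, JsonNode.class, HttpStatus.SC_OK, "get upload URL for sources");

    JsonNode urlNode = (response == null) ? null : response.get("url");
    // get() yields Java null for an absent property but a null node for "url": null.
    if (urlNode == null || urlNode.isNull()) {
        throw new ScannerRuntimeException("Unable to get the upload URL.");
    }
    String uploadUrl = urlNode.asText();
    if (uploadUrl == null || uploadUrl.trim().isEmpty()) {
        throw new ScannerRuntimeException("Unable to get the upload URL.");
    }
    return uploadUrl;
}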
Also used : StringEntity(org.apache.http.entity.StringEntity) ScaUploadUrlRequest(com.checkmarx.sdk.dto.sca.ScaUploadUrlRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) ScannerRuntimeException(com.checkmarx.sdk.exception.ScannerRuntimeException)

Aggregations

ScannerRuntimeException (com.checkmarx.sdk.exception.ScannerRuntimeException)22 IOException (java.io.IOException)6 UnsupportedEncodingException (java.io.UnsupportedEncodingException)5 CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException)4 CxHTTPClientException (com.checkmarx.sdk.exception.CxHTTPClientException)4 MalformedURLException (java.net.MalformedURLException)3 URL (java.net.URL)3 JAXBException (javax.xml.bind.JAXBException)3 UrlEncodedFormEntity (org.apache.http.client.entity.UrlEncodedFormEntity)3 RestClientConfig (com.checkmarx.sdk.config.RestClientConfig)2 Package (com.checkmarx.sdk.dto.sca.report.Package)2 Severity (com.checkmarx.sdk.dto.scansummary.Severity)2 URISyntaxException (java.net.URISyntaxException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 URIBuilder (org.apache.http.client.utils.URIBuilder)2 ModelMapper (org.modelmapper.ModelMapper)2 AstConfig (com.checkmarx.sdk.config.AstConfig)1 TokenLoginResponse (com.checkmarx.sdk.dto.TokenLoginResponse)1 Finding (com.checkmarx.sdk.dto.ast.report.Finding)1 ScaUploadUrlRequest (com.checkmarx.sdk.dto.sca.ScaUploadUrlRequest)1