use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaClientHelper method getScaResults.
/**
 * Builds the {@link SCAResults} for the current scan from the report sections passed in.
 *
 * <p>The result is filled in this order: scan ID, summary (also printed via
 * {@code printSummary}), findings, packages, web report link, ready flag, and finally
 * the policy evaluation outcome.
 *
 * <p>Any exception raised while assembling the result is rethrown as a
 * {@link ScannerRuntimeException}, so the caller either receives a fully populated
 * result or none at all. A half-built result is never returned.
 *
 * @param riskReportSummaryType input for the summary section
 * @param packagesType          input for the package list
 * @param vulnerabilitiesType   input for the findings list
 * @param licensesType          not read anywhere in this method body
 * @param policiesType          input for the policy evaluation
 * @return the populated results, with {@code scaResultReady} set to {@code true}
 * @throws ScannerRuntimeException if any step fails; the original exception is kept as the cause
 */
private SCAResults getScaResults(RiskReportSummaryType riskReportSummaryType, PackagesType packagesType, VulnerabilitiesType vulnerabilitiesType, LicensesType licensesType, PoliciesType policiesType) {
    ScaSummaryBaseFormat summaryData = new ScaSummaryBaseFormat();
    // Kept as a typed null: it is handed to getScaPackages as the second argument.
    List<Package> packageList = null;
    log.debug("Getting results for scan ID {}", scanId);

    try {
        SCAResults scaResults = new SCAResults();
        scaResults.setScanId(this.scanId);

        // Summary section, including the per-severity finding counts.
        summaryData = getScaSummaryReport(riskReportSummaryType, summaryData);
        printSummary(summaryData, this.scanId);
        Summary mappedSummary = new ModelMapper().map(summaryData, Summary.class);
        mappedSummary.setFindingCounts(getFindingCountMap(summaryData));
        scaResults.setSummary(mappedSummary);

        // Findings and packages.
        scaResults.setFindings(getScaFindings(vulnerabilitiesType));
        packageList = getScaPackages(packagesType, packageList);
        scaResults.setPackages(packageList);

        // Link back to the web report, built from the configured web app URL.
        scaResults.setWebReportLink(getWebReportLink(config.getScaConfig().getWebAppUrl()));
        printWebReportLink(scaResults);
        scaResults.setScaResultReady(true);

        // Policy outcome: the scan counts as violating when at least one policy is listed.
        List<PolicyEvaluation> evaluations = getScaPolicyEvaluationByReport(policiesType);
        List<String> violated = getScanViolatedPolicies(evaluations);
        scaResults.setPolicyViolated(!violated.isEmpty());
        scaResults.setViolatedPolicies(violated);

        log.info("Retrieved SCA results successfully.");
        return scaResults;
    } catch (Exception e) {
        throw new ScannerRuntimeException("Error retrieving CxSCA scan results.", e);
    }
}
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScanWaiter method waitForScanToFinish.
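/**
 * Blocks until the scan identified by {@code scanId} is reported as completed.
 *
 * <p>The scan status is polled through {@code scanIsCompleted} at the configured poll
 * interval until it returns {@code true} or the configured timeout elapses. The first
 * poll happens immediately (zero poll delay).
 *
 * <p>This method returns normally only after the wait condition was satisfied. If the
 * status URL cannot be built, it throws instead of returning, so a caller can never
 * mistake "could not wait" for "scan finished".
 *
 * @param scanId identifier of the scan to wait for; URL-encoded before it is placed in the request path
 * @throws ScannerRuntimeException if the timeout is reached, or if the scan ID cannot be encoded
 */
public void waitForScanToFinish(String scanId) {
    startTimestampSec = System.currentTimeMillis() / 1000;
    Duration timeout = getTimeout(config);
    Duration pollInterval = getPollInterval(config);
    int maxErrorCount = getMaxErrorCount(config);
    AtomicInteger errorCounter = new AtomicInteger();

    try {
        // Encode the ID so it cannot alter the structure of the request path.
        String urlPath = String.format(ScanClientHelper.GET_SCAN, URLEncoder.encode(scanId, ENCODING));
        Awaitility.await()
                .atMost(timeout)
                .pollDelay(Duration.ZERO)
                .pollInterval(pollInterval)
                .until(() -> scanIsCompleted(urlPath, errorCounter, maxErrorCount));
    } catch (ConditionTimeoutException e) {
        String message = String.format("Failed to perform %s scan. The scan has been automatically aborted: " + "reached the user-specified timeout (%d minutes).", scannerDisplayName, timeout.toMinutes());
        // Keep the timeout exception as the cause so the wait details are not lost.
        throw new ScannerRuntimeException(message, e);
    } catch (UnsupportedEncodingException e) {
        // Previously this was only logged and the method returned as if the scan had
        // finished. No polling took place in that case, so fail explicitly.
        log.error("Unexpected error.", e);
        throw new ScannerRuntimeException(String.format("Failed to perform %s scan. Unable to encode the scan ID.", scannerDisplayName), e);
    }
}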
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaClientHelper method submitManifestsAndFingerprintsFromLocalDir.
/**
 * Packages manifest files and file fingerprints from the local source directory and
 * submits them as an upload scan.
 *
 * <p>Flow:
 * <ol>
 *   <li>Scan the source directory with the user filter to get the set of files that may be sent.</li>
 *   <li>Select manifest files and fingerprint candidates with their own include patterns,
 *       keeping only paths that are also in the user-filter set. Nothing outside that set
 *       is zipped or fingerprinted.</li>
 *   <li>Collect fingerprints, build the zip, and optionally write the fingerprints to a file.</li>
 *   <li>For a cloned repository, delete the local clone directory and store the zip on the config.</li>
 *   <li>Read the zip into memory and start the upload scan.</li>
 * </ol>
 *
 * @param projectId  project the scan is started for
 * @param configBase scan configuration passed through to {@code initiateScanForUpload}
 * @return the HTTP response from {@code initiateScanForUpload}
 * @throws IOException             declared by this method, e.g. for reading the zip file
 * @throws ScannerRuntimeException if the manifest include filter has no include patterns
 */
private HttpResponse submitManifestsAndFingerprintsFromLocalDir(String projectId, ScanConfigBase configBase) throws IOException {
    log.info("Using manifest only and fingerprint flow");
    String sourceDir = config.getSourceDir();

    // The user filter is built from empty strings here. "**" is appended only when
    // includes are already present and do not contain it.
    PathFilter userFilter = new PathFilter("", "", log);
    boolean missingCatchAll = ArrayUtils.isNotEmpty(userFilter.getIncludes())
            && !ArrayUtils.contains(userFilter.getIncludes(), "**");
    if (missingCatchAll) {
        userFilter.addToIncludes("**");
    }

    // Every path selected below must also be in this set.
    Set<String> scannedFileSet = new HashSet<>(
            Arrays.asList(CxSCAFileSystemUtils.scanAndGetIncludedFiles(sourceDir, userFilter)));

    PathFilter manifestIncludeFilter = new PathFilter(null, getManifestsIncludePattern(), log);
    if (manifestIncludeFilter.getIncludes().length == 0) {
        throw new ScannerRuntimeException(String.format("Using manifest only mode requires include filter. Resolving config does not have include patterns defined: %s", getManifestsIncludePattern()));
    }

    List<String> manifestPaths = Arrays
            .stream(CxSCAFileSystemUtils.scanAndGetIncludedFiles(sourceDir, manifestIncludeFilter))
            .filter(scannedFileSet::contains)
            .collect(Collectors.toList());

    PathFilter fingerprintIncludeFilter = new PathFilter(null, getFingerprintsIncludePattern(), log);
    List<String> fingerprintPaths = Arrays
            .stream(CxSCAFileSystemUtils.scanAndGetIncludedFiles(sourceDir, fingerprintIncludeFilter))
            .filter(scannedFileSet::contains)
            .collect(Collectors.toList());

    CxSCAScanFingerprints fingerprints = fingerprintCollector.collectFingerprints(sourceDir, fingerprintPaths);
    File archive = zipDirectoryAndFingerprints(sourceDir, manifestPaths, fingerprints);
    optionallyWriteFingerprintsToFile(fingerprints);

    if (config.isClonedRepo()) {
        // The clone is removed only after the zip has been built from it.
        new CxRepoFileHelper().deleteCloneLocalDir(new File(sourceDir));
        config.setZipFile(archive);
    }

    // The whole archive is loaded into memory before upload.
    byte[] archiveBytes = FileUtils.readFileToByteArray(archive);
    return initiateScanForUpload(projectId, archiveBytes, configBase);
}
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScanClientHelper method handleInitError.
/**
 * Records a client initialisation failure: logs it, moves the client to
 * {@code State.FAILED}, and stores a {@link ScannerRuntimeException} on the results.
 *
 * <p>The message combines the scanner display name with {@code e.getMessage()}.
 * Only the message is logged; the original exception is kept as the cause of the
 * exception stored on {@code results}.
 *
 * <p>NOTE(review): the underlying exception message is copied verbatim into the log
 * and the result. Confirm that upstream exceptions cannot carry credentials or
 * tokens in their message text.
 *
 * @param e       the exception raised during initialisation
 * @param results the results object that receives the wrapped exception
 */
protected void handleInitError(Exception e, ResultsBase results) {
    String failureText = String.format("Failed to init %s client. %s", getScannerDisplayName(), e.getMessage());
    log.error(failureText);
    setState(State.FAILED);

    ScannerRuntimeException wrapped = new ScannerRuntimeException(failureText, e);
    results.setException(wrapped);
}
use of com.checkmarx.sdk.exception.ScannerRuntimeException in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScanClientHelper method getSourcesUploadUrl.
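/**
 * Requests the URL that sources should be uploaded to.
 *
 * <p>Posts a {@code ScaUploadUrlRequest} carrying the current scan config to
 * {@code GET_UPLOAD_URL} and reads the {@code "url"} field of the JSON response.
 *
 * <p>A response is rejected when the field is missing, is an explicit JSON
 * {@code null}, or is blank. Without the {@code isNull()} check, a body of
 * {@code {"url": null}} would pass a plain null test and be returned as the
 * literal string {@code "null"}.
 *
 * <p>NOTE(review): the returned value comes from the server response and appears to
 * be used as the upload destination for source content. Confirm that the caller only
 * talks to the expected scheme and host.
 *
 * @return the non-blank upload URL taken from the response
 * @throws IOException             declared by this method for the HTTP exchange
 * @throws ScannerRuntimeException if the response carries no usable {@code "url"} value
 */
private String getSourcesUploadUrl() throws IOException {
    List<ScanConfig> apiScanConfig = Collections.singletonList(getScanConfig());
    ScaUploadUrlRequest request = ScaUploadUrlRequest.builder().config(apiScanConfig).build();
    StringEntity entity = HttpClientHelper.convertToStringEntity(request);
    JsonNode response = httpClient.postRequest(GET_UPLOAD_URL, ContentType.CONTENT_TYPE_APPLICATION_JSON, entity, JsonNode.class, HttpStatus.SC_OK, "get upload URL for sources");

    // Assumes JsonNode is Jackson's: get() returns null for a missing field, but a
    // NullNode for an explicit JSON null, and NullNode.asText() yields "null".
    JsonNode urlNode = (response == null) ? null : response.get("url");
    if (urlNode == null || urlNode.isNull() || urlNode.asText().trim().isEmpty()) {
        throw new ScannerRuntimeException("Unable to get the upload URL.");
    }
    return urlNode.asText();
}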