use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.
the class PDSAdapterV1 method uploadJobData.
/* ++++++++++++++++++++++++++++++++++++++++++++++++++++ */
/* + ................Upload.......................... + */
/* ++++++++++++++++++++++++++++++++++++++++++++++++++++ */
private void uploadJobData(PDSContext context) throws AdapterException {
PDSAdapterConfig config = context.getConfig();
/*
* TODO Albert Tregnaghi, 2021-05-28: hmm.. in future not only
* PDSSourceZipConfig but more:
*/
if (!(config instanceof PDSSourceZipConfig)) {
/* no upload necessary */
return;
}
String useSecHubStorage = config.getJobParameters().get(PDSDefaultParameterKeyConstants.PARAM_KEY_PDS_CONFIG_USE_SECHUB_STORAGE);
if (Boolean.parseBoolean(useSecHubStorage)) {
LOG.info("Not uploading job data because configuration wants to use SecHub storage");
return;
}
PDSSourceZipConfig sourceZipConfig = (PDSSourceZipConfig) config;
AdapterMetaData metaData = context.getRuntimeContext().getMetaData();
if (!metaData.hasValue(PDSMetaDataConstants.METADATA_KEY_FILEUPLOAD_DONE, true)) {
/* upload source code */
PDSUploadSupport uploadSupport = new PDSUploadSupport();
uploadSupport.uploadZippedSourceCode(context, sourceZipConfig);
/* after this - mark file upload done, so on a restart we don't need this */
metaData.setValue(PDSMetaDataConstants.METADATA_KEY_FILEUPLOAD_DONE, true);
context.getRuntimeContext().getCallback().persist(metaData);
} else {
LOG.info("Reuse existing upload for:{}", context.getTraceID());
}
}
use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.
the class PDSCodeScanProductExecutor method executeWithAdapter.
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, PDSInstallSetup setup, TargetRegistryInfo info) throws Exception {
LOG.debug("Trigger PDS adapter execution");
PDSExecutorConfigSuppport configSupport = PDSExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
if (configSupport.isTargetTypeForbidden(info.getTargetType())) {
LOG.info("pds adapter does not accept target type:{} so cancel execution");
return Collections.emptyList();
}
UUID jobUUID = context.getSechubJobUUID();
String projectId = context.getConfiguration().getProjectId();
JobStorage storage = storageService.getJobStorage(projectId, jobUUID);
ProductResult result = resilientActionExecutor.executeResilient(() -> {
AdapterMetaData metaDataOrNull = executorContext.getCurrentMetaDataOrNull();
/* we reuse existing file upload checksum done by sechub */
String sourceZipFileChecksum = fetchFileUploadChecksumIfNecessary(storage, metaDataOrNull);
try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(storage, metaDataOrNull)) {
/* @formatter:off */
Map<String, String> jobParams = configSupport.createJobParametersToSendToPDS(context.getConfiguration());
PDSCodeScanConfig pdsCodeScanConfig = PDSCodeScanConfigImpl.builder().setPDSProductIdentifier(configSupport.getPDSProductIdentifier()).setTrustAllCertificates(configSupport.isTrustAllCertificatesEnabled()).setProductBaseUrl(configSupport.getProductBaseURL()).setSecHubJobUUID(context.getSechubJobUUID()).setSecHubConfigModel(context.getConfiguration()).configure(createAdapterOptionsStrategy(context)).setTimeToWaitForNextCheckOperationInMilliseconds(configSupport.getTimeToWaitForNextCheckOperationInMilliseconds(setup)).setTimeOutInMinutes(configSupport.getTimeoutInMinutes(setup)).setFileSystemSourceFolders(info.getCodeUploadFileSystemFolders()).setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream).setSourceZipFileChecksum(sourceZipFileChecksum).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProjectId(projectId).setTraceID(context.getTraceLogIdAsString()).setJobParameters(jobParams).build();
/* @formatter:on */
/* inspect */
MetaDataInspection inspection = scanMetaDataCollector.inspect(ProductIdentifier.PDS_CODESCAN.name());
inspection.notice(MetaDataInspection.TRACE_ID, pdsCodeScanConfig.getTraceID());
/* execute PDS by adapter and update product result */
String pdsResult = pdsAdapter.start(pdsCodeScanConfig, executorContext.getCallback());
// product result is set by callback
ProductResult productResult = executorContext.getCurrentProductResult();
productResult.setResult(pdsResult);
return productResult;
}
});
return Collections.singletonList(result);
}
use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.
the class CheckmarxProductExecutor method executeWithAdapter.
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, CheckmarxInstallSetup setup, TargetRegistryInfo data) throws Exception {
LOG.debug("Trigger checkmarx adapter execution");
UUID jobUUID = context.getSechubJobUUID();
String projectId = context.getConfiguration().getProjectId();
JobStorage storage = storageService.getJobStorage(projectId, jobUUID);
CheckmarxExecutorConfigSuppport configSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
CheckmarxResilienceCallback callback = new CheckmarxResilienceCallback(configSupport, executorContext);
/* start resilient */
ProductResult result = resilientActionExecutor.executeResilient(() -> {
AdapterMetaData metaDataOrNull = executorContext.getCurrentMetaDataOrNull();
try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(storage, metaDataOrNull)) {
/* @formatter:off */
CheckmarxAdapterConfig checkMarxConfig = CheckmarxConfig.builder().configure(createAdapterOptionsStrategy(context)).setTrustAllCertificates(setup.isHavingUntrustedCertificate()).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProductBaseUrl(configSupport.getProductBaseURL()).setAlwaysFullScan(callback.isAlwaysFullScanEnabled()).setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes).setTimeOutInMinutes(scanResultCheckTimeOutInMinutes).setFileSystemSourceFolders(data.getCodeUploadFileSystemFolders()).setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream).setTeamIdForNewProjects(configSupport.getTeamIdForNewProjects(projectId)).setClientSecret(configSupport.getClientSecret()).setEngineConfigurationName(configSupport.getEngineConfigurationName()).setPresetIdForNewProjects(configSupport.getPresetIdForNewProjects(projectId)).setProjectId(projectId).setTraceID(context.getTraceLogIdAsString()).build();
/* @formatter:on */
/* inspect */
MetaDataInspection inspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
inspection.notice(MetaDataInspection.TRACE_ID, checkMarxConfig.getTraceID());
inspection.notice("presetid", checkMarxConfig.getPresetIdForNewProjectsOrNull());
inspection.notice("engineconfigurationname", checkMarxConfig.getEngineConfigurationName());
inspection.notice("teamid", checkMarxConfig.getTeamIdForNewProjects());
inspection.notice("alwaysFullScanEnabled", checkMarxConfig.isAlwaysFullScanEnabled());
/* execute checkmarx by adapter and update product result */
String xml = checkmarxAdapter.start(checkMarxConfig, executorContext.getCallback());
// product result is set by callback
ProductResult productResult = executorContext.getCurrentProductResult();
productResult.setResult(xml);
return productResult;
}
}, callback);
return Collections.singletonList(result);
}
use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.
the class CheckmarxProductExecutor method executeByAdapter.
@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
LOG.debug("Trigger checkmarx adapter execution");
UUID jobUUID = data.getSechubExecutionContext().getSechubJobUUID();
String projectId = data.getSechubExecutionContext().getConfiguration().getProjectId();
JobStorage storage = storageService.getJobStorage(projectId, jobUUID);
CheckmarxExecutorConfigSuppport configSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(data.getProductExecutorContext().getExecutorConfig(), systemEnvironment);
CheckmarxResilienceCallback callback = new CheckmarxResilienceCallback(configSupport, data.getProductExecutorContext());
/* start resilient */
ProductResult result = resilientActionExecutor.executeResilient(() -> {
AdapterMetaData metaDataOrNull = data.getProductExecutorContext().getCurrentMetaDataOrNull();
try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(storage, metaDataOrNull)) {
/* @formatter:off */
@SuppressWarnings("deprecation") CheckmarxAdapterConfig checkMarxConfig = CheckmarxConfig.builder().configure(new SecHubAdapterOptionsBuilderStrategy(data, getScanType())).setTrustAllCertificates(installSetup.isHavingUntrustedCertificate()).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProductBaseUrl(configSupport.getProductBaseURL()).setAlwaysFullScan(callback.isAlwaysFullScanEnabled()).setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes).setTimeOutInMinutes(scanResultCheckTimeOutInMinutes).setFileSystemSourceFolders(// to support mocked Checkmarx adapters we MUST use still the deprecated method!
data.getCodeUploadFileSystemFolders()).setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream).setTeamIdForNewProjects(configSupport.getTeamIdForNewProjects(projectId)).setClientSecret(configSupport.getClientSecret()).setEngineConfigurationName(configSupport.getEngineConfigurationName()).setPresetIdForNewProjects(configSupport.getPresetIdForNewProjects(projectId)).setProjectId(projectId).setTraceID(data.getSechubExecutionContext().getTraceLogIdAsString()).build();
/* @formatter:on */
/* inspect */
MetaDataInspection inspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
inspection.notice(MetaDataInspection.TRACE_ID, checkMarxConfig.getTraceID());
inspection.notice("presetid", checkMarxConfig.getPresetIdForNewProjectsOrNull());
inspection.notice("engineconfigurationname", checkMarxConfig.getEngineConfigurationName());
inspection.notice("teamid", checkMarxConfig.getTeamIdForNewProjects());
inspection.notice("alwaysFullScanEnabled", checkMarxConfig.isAlwaysFullScanEnabled());
/* execute checkmarx by adapter and update product result */
String xml = checkmarxAdapter.start(checkMarxConfig, data.getProductExecutorContext().getCallback());
// product result is set by callback
ProductResult productResult = data.getProductExecutorContext().getCurrentProductResult();
productResult.setResult(xml);
return productResult;
}
}, callback);
return Collections.singletonList(result);
}
use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.
the class CheckmarxResilienceCallback method handleCheckmarxFullScanFallback.
private void handleCheckmarxFullScanFallback(ResilienceContext context) {
Boolean fallbackToFullScan = context.getValueOrNull(CheckmarxResilienceConsultant.CONTEXT_ID_FALLBACK_CHECKMARX_FULLSCAN);
if (!Boolean.TRUE.equals(fallbackToFullScan)) {
return;
}
CheckmarxProductExecutor.LOG.debug("fallback to checkmarx fullscan recognized, alwaysFullScanEnabled before:{}", alwaysFullScanEnabled);
alwaysFullScanEnabled = true;
CheckmarxProductExecutor.LOG.debug("fallback to checkmarx fullscan recognized, alwaysFullScanEnabled now:{}", alwaysFullScanEnabled);
/*
* we must remove the the old scan id inside metadata so the restart will do a
* new scan and not reuse the old one! When we do not rest the file upload as
* well, the next scan does complains about missing source locations
*/
AdapterMetaData metaData = executorContext.getCurrentMetaDataOrNull();
if (metaData != null) {
String keyScanId = CheckmarxMetaDataID.KEY_SCAN_ID;
String uploadKey = CheckmarxMetaDataID.KEY_FILEUPLOAD_DONE;
CheckmarxProductExecutor.LOG.debug("start reset checkmarx adapter meta data for {} and {}", keyScanId, uploadKey);
metaData.setValue(keyScanId, null);
metaData.setValue(uploadKey, null);
executorContext.getCallback().persist(metaData);
CheckmarxProductExecutor.LOG.debug("persisted checkmarx adapter meta data");
}
/*
* we reset the context information, so former parts will only by triggered
* again, when the problem really come up again.
*/
context.setValue(CheckmarxResilienceConsultant.CONTEXT_ID_FALLBACK_CHECKMARX_FULLSCAN, null);
}
Aggregations