
Example 1 with AdapterMetaData

use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.

the class PDSAdapterV1 method uploadJobData.

/* ++++++++++++++++++++++++++++++++++++++++++++++++++++ */
/* + ................Upload.......................... + */
/* ++++++++++++++++++++++++++++++++++++++++++++++++++++ */
/**
 * Uploads the zipped source code for a PDS job, unless the upload is not
 * applicable, is delegated to SecHub storage, or is already marked as done.
 *
 * <p>The "file upload done" marker is written to the adapter meta data and
 * persisted through the runtime callback only after the upload call has
 * returned, so a restart of the same job can skip the upload.
 *
 * @param context PDS context giving access to the adapter config, the runtime
 *                meta data and the trace id
 * @throws AdapterException declared by this method; presumably raised by the
 *                          upload step (the throwing call is not visible here)
 */
private void uploadJobData(PDSContext context) throws AdapterException {
    PDSAdapterConfig adapterConfig = context.getConfig();
    /*
     * TODO Albert Tregnaghi, 2021-05-28: hmm.. in future not only
     * PDSSourceZipConfig but more:
     */
    boolean isSourceZipConfig = adapterConfig instanceof PDSSourceZipConfig;
    if (!isSourceZipConfig) {
        /* no upload necessary */
        return;
    }

    /*
     * Boolean.parseBoolean yields false for null and for every value other than
     * "true" (case-insensitive), so a missing or misspelled job parameter
     * results in the upload being performed.
     */
    String storageFlag = adapterConfig.getJobParameters().get(PDSDefaultParameterKeyConstants.PARAM_KEY_PDS_CONFIG_USE_SECHUB_STORAGE);
    boolean reuseSecHubStorage = Boolean.parseBoolean(storageFlag);
    if (reuseSecHubStorage) {
        LOG.info("Not uploading job data because configuration wants to use SecHub storage");
        return;
    }

    PDSSourceZipConfig zipConfig = (PDSSourceZipConfig) adapterConfig;
    AdapterMetaData adapterMetaData = context.getRuntimeContext().getMetaData();

    /*
     * NOTE(review): the persisted marker alone decides whether the upload is
     * skipped on restart; no re-check of the uploaded content is visible in this
     * method - confirm that is intended.
     */
    boolean uploadAlreadyDone = adapterMetaData.hasValue(PDSMetaDataConstants.METADATA_KEY_FILEUPLOAD_DONE, true);
    if (uploadAlreadyDone) {
        LOG.info("Reuse existing upload for:{}", context.getTraceID());
        return;
    }

    /* upload source code */
    PDSUploadSupport zipUploader = new PDSUploadSupport();
    zipUploader.uploadZippedSourceCode(context, zipConfig);

    /* after this - mark file upload done, so on a restart we don't need this */
    adapterMetaData.setValue(PDSMetaDataConstants.METADATA_KEY_FILEUPLOAD_DONE, true);
    context.getRuntimeContext().getCallback().persist(adapterMetaData);
}
Also used : AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)

Example 2 with AdapterMetaData

use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.

the class PDSCodeScanProductExecutor method executeWithAdapter.

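/**
 * Runs a PDS code scan through the PDS adapter inside the resilient action
 * executor and returns the resulting product result.
 *
 * <p>If the executor configuration forbids the target type, nothing is
 * executed and an empty list is returned.
 *
 * @param context         SecHub execution context (job UUID, configuration,
 *                        trace id)
 * @param executorContext product executor context (executor config, current
 *                        meta data, callback, current product result)
 * @param setup           PDS install setup used for check interval and timeout
 * @param info            target registry info (target type, source folders)
 * @return a single-element list holding the product result, or an empty list
 *         when the target type is forbidden
 * @throws Exception declared by this method; raised by the config validation
 *                   or the resilient execution
 */
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, PDSInstallSetup setup, TargetRegistryInfo info) throws Exception {
    LOG.debug("Trigger PDS adapter execution");
    PDSExecutorConfigSuppport configSupport = PDSExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
    if (configSupport.isTargetTypeForbidden(info.getTargetType())) {
        /* the "{}" placeholder needs its argument, otherwise the rejected type is never logged */
        LOG.info("pds adapter does not accept target type:{} so cancel execution", info.getTargetType());
        return Collections.emptyList();
    }
    UUID jobUUID = context.getSechubJobUUID();
    String projectId = context.getConfiguration().getProjectId();
    JobStorage storage = storageService.getJobStorage(projectId, jobUUID);
    ProductResult result = resilientActionExecutor.executeResilient(() -> {
        AdapterMetaData metaDataOrNull = executorContext.getCurrentMetaDataOrNull();
        /* we reuse existing file upload checksum done by sechub */
        String sourceZipFileChecksum = fetchFileUploadChecksumIfNecessary(storage, metaDataOrNull);
        /* the stream is closed by try-with-resources once the adapter call has returned or failed */
        try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(storage, metaDataOrNull)) {
            /* @formatter:off */
            Map<String, String> jobParams = configSupport.createJobParametersToSendToPDS(context.getConfiguration());
            /*
             * NOTE(review): setTrustAllCertificates is driven by executor
             * configuration; when enabled the adapter presumably skips TLS
             * certificate validation towards the PDS server - confirm this is
             * limited to setups where that is acceptable.
             *
             * The user and password/API token go into the adapter config only;
             * the inspection below records nothing but the trace id.
             */
            PDSCodeScanConfig pdsCodeScanConfig = PDSCodeScanConfigImpl.builder()
                    .setPDSProductIdentifier(configSupport.getPDSProductIdentifier())
                    .setTrustAllCertificates(configSupport.isTrustAllCertificatesEnabled())
                    .setProductBaseUrl(configSupport.getProductBaseURL())
                    .setSecHubJobUUID(context.getSechubJobUUID())
                    .setSecHubConfigModel(context.getConfiguration())
                    .configure(createAdapterOptionsStrategy(context))
                    .setTimeToWaitForNextCheckOperationInMilliseconds(configSupport.getTimeToWaitForNextCheckOperationInMilliseconds(setup))
                    .setTimeOutInMinutes(configSupport.getTimeoutInMinutes(setup))
                    .setFileSystemSourceFolders(info.getCodeUploadFileSystemFolders())
                    .setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream)
                    .setSourceZipFileChecksum(sourceZipFileChecksum)
                    .setUser(configSupport.getUser())
                    .setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken())
                    .setProjectId(projectId)
                    .setTraceID(context.getTraceLogIdAsString())
                    .setJobParameters(jobParams)
                    .build();
            /* @formatter:on */
            /* inspect */
            MetaDataInspection inspection = scanMetaDataCollector.inspect(ProductIdentifier.PDS_CODESCAN.name());
            inspection.notice(MetaDataInspection.TRACE_ID, pdsCodeScanConfig.getTraceID());
            /* execute PDS by adapter and update product result */
            String pdsResult = pdsAdapter.start(pdsCodeScanConfig, executorContext.getCallback());
            // product result is set by callback
            ProductResult productResult = executorContext.getCurrentProductResult();
            productResult.setResult(pdsResult);
            return productResult;
        }
    });
    return Collections.singletonList(result);
}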
Also used : MetaDataInspection(com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) InputStream(java.io.InputStream) PDSCodeScanConfig(com.mercedesbenz.sechub.adapter.pds.PDSCodeScanConfig) UUID(java.util.UUID) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)

Example 3 with AdapterMetaData

use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.

the class CheckmarxProductExecutor method executeWithAdapter.

/**
 * Runs a Checkmarx scan through the Checkmarx adapter inside the resilient
 * action executor and returns the product result as a single-element list.
 *
 * @param context         SecHub execution context (job UUID, configuration,
 *                        trace id)
 * @param executorContext product executor context (executor config, current
 *                        meta data, callback, current product result)
 * @param setup           Checkmarx install setup; supplies the untrusted
 *                        certificate flag
 * @param data            target registry info supplying the source folders
 * @return a single-element list holding the product result
 * @throws Exception declared by this method; raised by the config validation
 *                   or the resilient execution
 */
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, CheckmarxInstallSetup setup, TargetRegistryInfo data) throws Exception {
    LOG.debug("Trigger checkmarx adapter execution");

    UUID sechubJobUuid = context.getSechubJobUUID();
    String projectId = context.getConfiguration().getProjectId();
    JobStorage jobStorage = storageService.getJobStorage(projectId, sechubJobUuid);

    CheckmarxExecutorConfigSuppport configSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
    CheckmarxResilienceCallback callback = new CheckmarxResilienceCallback(configSupport, executorContext);

    /* start resilient */
    ProductResult scanResult = resilientActionExecutor.executeResilient(() -> {
        AdapterMetaData currentMetaData = executorContext.getCurrentMetaDataOrNull();
        /* the zip stream is closed by try-with-resources once the adapter call has returned or failed */
        try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(jobStorage, currentMetaData)) {
            /* @formatter:off */
            /*
             * NOTE(review): setTrustAllCertificates follows the install setup's
             * "having untrusted certificate" flag; when set the adapter presumably
             * skips TLS certificate validation towards Checkmarx - confirm.
             */
            CheckmarxAdapterConfig adapterConfig = CheckmarxConfig.builder()
                    .configure(createAdapterOptionsStrategy(context))
                    .setTrustAllCertificates(setup.isHavingUntrustedCertificate())
                    .setUser(configSupport.getUser())
                    .setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken())
                    .setProductBaseUrl(configSupport.getProductBaseURL())
                    .setAlwaysFullScan(callback.isAlwaysFullScanEnabled())
                    .setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes)
                    .setTimeOutInMinutes(scanResultCheckTimeOutInMinutes)
                    .setFileSystemSourceFolders(data.getCodeUploadFileSystemFolders())
                    .setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream)
                    .setTeamIdForNewProjects(configSupport.getTeamIdForNewProjects(projectId))
                    .setClientSecret(configSupport.getClientSecret())
                    .setEngineConfigurationName(configSupport.getEngineConfigurationName())
                    .setPresetIdForNewProjects(configSupport.getPresetIdForNewProjects(projectId))
                    .setProjectId(projectId)
                    .setTraceID(context.getTraceLogIdAsString())
                    .build();
            /* @formatter:on */

            /*
             * inspect - only the trace id, preset id, engine configuration name, team
             * id and full-scan flag are recorded; user, password/API token and client
             * secret are not passed to the inspection
             */
            MetaDataInspection metaInspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
            metaInspection.notice(MetaDataInspection.TRACE_ID, adapterConfig.getTraceID());
            metaInspection.notice("presetid", adapterConfig.getPresetIdForNewProjectsOrNull());
            metaInspection.notice("engineconfigurationname", adapterConfig.getEngineConfigurationName());
            metaInspection.notice("teamid", adapterConfig.getTeamIdForNewProjects());
            metaInspection.notice("alwaysFullScanEnabled", adapterConfig.isAlwaysFullScanEnabled());

            /* execute checkmarx by adapter and update product result */
            String resultXml = checkmarxAdapter.start(adapterConfig, executorContext.getCallback());

            // product result is set by callback
            ProductResult currentResult = executorContext.getCurrentProductResult();
            currentResult.setResult(resultXml);
            return currentResult;
        }
    }, callback);

    return Collections.singletonList(scanResult);
}
Also used : MetaDataInspection(com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) InputStream(java.io.InputStream) CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig) UUID(java.util.UUID) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)

Example 4 with AdapterMetaData

use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.

the class CheckmarxProductExecutor method executeByAdapter.

/**
 * Runs a Checkmarx scan through the Checkmarx adapter inside the resilient
 * action executor, taking all inputs from the given executor data.
 *
 * @param data product executor data giving access to the SecHub execution
 *             context, the product executor context and the source folders
 * @return a single-element list holding the product result
 * @throws Exception declared by this method; raised by the config validation
 *                   or the resilient execution
 */
@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
    LOG.debug("Trigger checkmarx adapter execution");

    UUID sechubJobUuid = data.getSechubExecutionContext().getSechubJobUUID();
    String projectId = data.getSechubExecutionContext().getConfiguration().getProjectId();
    JobStorage jobStorage = storageService.getJobStorage(projectId, sechubJobUuid);

    CheckmarxExecutorConfigSuppport configSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(data.getProductExecutorContext().getExecutorConfig(), systemEnvironment);
    CheckmarxResilienceCallback callback = new CheckmarxResilienceCallback(configSupport, data.getProductExecutorContext());

    /* start resilient */
    ProductResult scanResult = resilientActionExecutor.executeResilient(() -> {
        AdapterMetaData currentMetaData = data.getProductExecutorContext().getCurrentMetaDataOrNull();
        /* the zip stream is closed by try-with-resources once the adapter call has returned or failed */
        try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(jobStorage, currentMetaData)) {
            /* @formatter:off */
            /*
             * NOTE(review): setTrustAllCertificates follows the install setup's
             * "having untrusted certificate" flag; when set the adapter presumably
             * skips TLS certificate validation towards Checkmarx - confirm.
             */
            @SuppressWarnings("deprecation")
            CheckmarxAdapterConfig adapterConfig = CheckmarxConfig.builder()
                    .configure(new SecHubAdapterOptionsBuilderStrategy(data, getScanType()))
                    .setTrustAllCertificates(installSetup.isHavingUntrustedCertificate())
                    .setUser(configSupport.getUser())
                    .setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken())
                    .setProductBaseUrl(configSupport.getProductBaseURL())
                    .setAlwaysFullScan(callback.isAlwaysFullScanEnabled())
                    .setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes)
                    .setTimeOutInMinutes(scanResultCheckTimeOutInMinutes)
                    // to support mocked Checkmarx adapters we MUST use still the deprecated method!
                    .setFileSystemSourceFolders(data.getCodeUploadFileSystemFolders())
                    .setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream)
                    .setTeamIdForNewProjects(configSupport.getTeamIdForNewProjects(projectId))
                    .setClientSecret(configSupport.getClientSecret())
                    .setEngineConfigurationName(configSupport.getEngineConfigurationName())
                    .setPresetIdForNewProjects(configSupport.getPresetIdForNewProjects(projectId))
                    .setProjectId(projectId)
                    .setTraceID(data.getSechubExecutionContext().getTraceLogIdAsString())
                    .build();
            /* @formatter:on */

            /*
             * inspect - only the trace id, preset id, engine configuration name, team
             * id and full-scan flag are recorded; user, password/API token and client
             * secret are not passed to the inspection
             */
            MetaDataInspection metaInspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
            metaInspection.notice(MetaDataInspection.TRACE_ID, adapterConfig.getTraceID());
            metaInspection.notice("presetid", adapterConfig.getPresetIdForNewProjectsOrNull());
            metaInspection.notice("engineconfigurationname", adapterConfig.getEngineConfigurationName());
            metaInspection.notice("teamid", adapterConfig.getTeamIdForNewProjects());
            metaInspection.notice("alwaysFullScanEnabled", adapterConfig.isAlwaysFullScanEnabled());

            /* execute checkmarx by adapter and update product result */
            String resultXml = checkmarxAdapter.start(adapterConfig, data.getProductExecutorContext().getCallback());

            // product result is set by callback
            ProductResult currentResult = data.getProductExecutorContext().getCurrentProductResult();
            currentResult.setResult(resultXml);
            return currentResult;
        }
    }, callback);

    return Collections.singletonList(scanResult);
}
Also used : MetaDataInspection(com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection) SecHubAdapterOptionsBuilderStrategy(com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) InputStream(java.io.InputStream) CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig) UUID(java.util.UUID) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)

Example 5 with AdapterMetaData

use of com.mercedesbenz.sechub.adapter.AdapterMetaData in project sechub by mercedes-benz.

the class CheckmarxResilienceCallback method handleCheckmarxFullScanFallback.

/**
 * Switches this callback to "always full scan" when the resilience context
 * carries the Checkmarx full-scan fallback flag, and clears the state that
 * would otherwise make a restart reuse the previous scan.
 *
 * <p>Does nothing unless the flag is exactly {@code Boolean.TRUE}. Otherwise it
 * sets {@code alwaysFullScanEnabled}, nulls the scan id and file-upload-done
 * entries in the current adapter meta data (when meta data exists), persists
 * that meta data through the executor callback, and finally clears the flag
 * in the resilience context.
 *
 * @param context resilience context holding the fallback flag
 */
private void handleCheckmarxFullScanFallback(ResilienceContext context) {
    Boolean fallbackFlag = context.getValueOrNull(CheckmarxResilienceConsultant.CONTEXT_ID_FALLBACK_CHECKMARX_FULLSCAN);
    boolean fallbackRequested = Boolean.TRUE.equals(fallbackFlag);
    if (!fallbackRequested) {
        return;
    }

    CheckmarxProductExecutor.LOG.debug("fallback to checkmarx fullscan recognized, alwaysFullScanEnabled before:{}", alwaysFullScanEnabled);
    alwaysFullScanEnabled = true;
    CheckmarxProductExecutor.LOG.debug("fallback to checkmarx fullscan recognized, alwaysFullScanEnabled now:{}", alwaysFullScanEnabled);

    /*
     * We must remove the old scan id inside the meta data so the restart will do
     * a new scan and not reuse the old one! When we do not reset the file upload
     * as well, the next scan complains about missing source locations.
     */
    AdapterMetaData currentMetaData = executorContext.getCurrentMetaDataOrNull();
    if (currentMetaData != null) {
        String scanIdKey = CheckmarxMetaDataID.KEY_SCAN_ID;
        String fileUploadKey = CheckmarxMetaDataID.KEY_FILEUPLOAD_DONE;
        CheckmarxProductExecutor.LOG.debug("start reset checkmarx adapter meta data for {} and {}", scanIdKey, fileUploadKey);

        currentMetaData.setValue(scanIdKey, null);
        currentMetaData.setValue(fileUploadKey, null);
        executorContext.getCallback().persist(currentMetaData);

        CheckmarxProductExecutor.LOG.debug("persisted checkmarx adapter meta data");
    }

    /*
     * We reset the context information, so the former parts will only be
     * triggered again when the problem really comes up again.
     */
    context.setValue(CheckmarxResilienceConsultant.CONTEXT_ID_FALLBACK_CHECKMARX_FULLSCAN, null);
}
Also used : AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)

Aggregations

AdapterMetaData (com.mercedesbenz.sechub.adapter.AdapterMetaData)26 Test (org.junit.Test)10 UUID (java.util.UUID)8 File (java.io.File)5 AssertFullScanData (com.mercedesbenz.sechub.integrationtest.api.AssertFullScanData)4 CheckmarxAdapterConfig (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)3 ProductResult (com.mercedesbenz.sechub.domain.scan.product.ProductResult)3 ExecutionResult (com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult)3 MetaDataInspection (com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection)3 JobStorage (com.mercedesbenz.sechub.storage.core.JobStorage)3 InputStream (java.io.InputStream)3 HttpEntity (org.springframework.http.HttpEntity)3 AdapterMetaDataCallback (com.mercedesbenz.sechub.adapter.AdapterMetaDataCallback)2 TreeMap (java.util.TreeMap)2 HttpHeaders (org.springframework.http.HttpHeaders)2 RestOperations (org.springframework.web.client.RestOperations)2 SecHubTimeUnitData (com.mercedesbenz.sechub.adapter.SecHubTimeUnitData)1 CheckmarxScanSupport (com.mercedesbenz.sechub.adapter.checkmarx.support.CheckmarxScanSupport)1 CheckmarxUploadSupport (com.mercedesbenz.sechub.adapter.checkmarx.support.CheckmarxUploadSupport)1 NetsparkerConfigBuilder (com.mercedesbenz.sechub.adapter.netsparker.NetsparkerConfig.NetsparkerConfigBuilder)1