
Example 1 with CheckmarxAdapterConfig

use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.

the class CheckmarxProductExecutor method executeWithAdapter.

/**
 * Runs the Checkmarx scan for the current SecHub job through the adapter and returns the single product result.
 * <p>
 * The adapter configuration is assembled from the executor configuration (credentials, base URL, team, preset and
 * engine configuration) and the adapter is started inside {@code resilientActionExecutor.executeResilient(...)}.
 *
 * @param context         SecHub execution context; provides job UUID, project id and trace id
 * @param executorContext provides executor config, current adapter meta data, callback and current product result
 * @param setup           install setup; only {@code isHavingUntrustedCertificate()} is read here
 * @param data            target registry info; provides the code upload file system folders
 * @return a singleton list holding the product result whose result is the string returned by the adapter
 * @throws Exception propagated from config validation, storage access or the resilient execution
 */
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, CheckmarxInstallSetup setup, TargetRegistryInfo data) throws Exception {
    LOG.debug("Trigger checkmarx adapter execution");

    UUID sechubJobUuid = context.getSechubJobUUID();
    String sechubProjectId = context.getConfiguration().getProjectId();
    JobStorage jobStorage = storageService.getJobStorage(sechubProjectId, sechubJobUuid);

    // Validation happens before anything is sent to the product.
    CheckmarxExecutorConfigSuppport executorConfigSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
    CheckmarxResilienceCallback resilienceCallback = new CheckmarxResilienceCallback(executorConfigSupport, executorContext);

    /* start resilient */
    ProductResult scanResult = resilientActionExecutor.executeResilient(() -> {
        AdapterMetaData currentMetaDataOrNull = executorContext.getCurrentMetaDataOrNull();

        // The stream is opened inside the action, so every invocation of the action gets its own stream and
        // closes it again (try-with-resources also tolerates a null resource).
        try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(jobStorage, currentMetaDataOrNull)) {
            /* @formatter:off */
            CheckmarxAdapterConfig adapterConfig = CheckmarxConfig.builder()
                    .configure(createAdapterOptionsStrategy(context))
                    // NOTE(review): presumably switches off TLS certificate validation for the connection to the
                    // Checkmarx server - the same connection that carries the user, password/API token and client
                    // secret set below. Confirm this is only true for setups that cannot present a trusted
                    // certificate.
                    .setTrustAllCertificates(setup.isHavingUntrustedCertificate())
                    .setUser(executorConfigSupport.getUser())
                    .setPasswordOrAPIToken(executorConfigSupport.getPasswordOrAPIToken())
                    .setProductBaseUrl(executorConfigSupport.getProductBaseURL())
                    .setAlwaysFullScan(resilienceCallback.isAlwaysFullScanEnabled())
                    .setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes)
                    .setTimeOutInMinutes(scanResultCheckTimeOutInMinutes)
                    .setFileSystemSourceFolders(data.getCodeUploadFileSystemFolders())
                    .setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream)
                    .setTeamIdForNewProjects(executorConfigSupport.getTeamIdForNewProjects(sechubProjectId))
                    .setClientSecret(executorConfigSupport.getClientSecret())
                    .setEngineConfigurationName(executorConfigSupport.getEngineConfigurationName())
                    .setPresetIdForNewProjects(executorConfigSupport.getPresetIdForNewProjects(sechubProjectId))
                    .setProjectId(sechubProjectId)
                    .setTraceID(context.getTraceLogIdAsString())
                    .build();
            /* @formatter:on */

            /* inspect */
            // Only non-secret settings are recorded: user, password/API token and client secret are deliberately
            // not handed to the inspection. Keep it that way when adding entries.
            MetaDataInspection metaDataInspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
            metaDataInspection.notice(MetaDataInspection.TRACE_ID, adapterConfig.getTraceID());
            metaDataInspection.notice("presetid", adapterConfig.getPresetIdForNewProjectsOrNull());
            metaDataInspection.notice("engineconfigurationname", adapterConfig.getEngineConfigurationName());
            metaDataInspection.notice("teamid", adapterConfig.getTeamIdForNewProjects());
            metaDataInspection.notice("alwaysFullScanEnabled", adapterConfig.isAlwaysFullScanEnabled());

            /* execute checkmarx by adapter and update product result */
            String adapterResultXml = checkmarxAdapter.start(adapterConfig, executorContext.getCallback());

            // product result is set by callback
            // NOTE(review): the adapter output is stored unparsed; it comes from a remote product, so whatever
            // parses it later should treat it as untrusted XML - confirm in the importer.
            ProductResult currentProductResult = executorContext.getCurrentProductResult();
            currentProductResult.setResult(adapterResultXml);
            return currentProductResult;
        }
    }, resilienceCallback);

    return Collections.singletonList(scanResult);
}
Also used : MetaDataInspection(com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) InputStream(java.io.InputStream) CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig) UUID(java.util.UUID) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)

Example 2 with CheckmarxAdapterConfig

use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.

the class CheckmarxProductExecutor method executeByAdapter.

/**
 * Runs the Checkmarx scan described by {@code data} through the adapter and returns the single product result.
 * <p>
 * The adapter configuration is assembled from the executor configuration (credentials, base URL, team, preset and
 * engine configuration) and the adapter is started inside {@code resilientActionExecutor.executeResilient(...)}.
 *
 * @param data executor data; provides the SecHub execution context, the product executor context and the code
 *             upload file system folders
 * @return a singleton list holding the product result whose result is the string returned by the adapter
 * @throws Exception propagated from config validation, storage access or the resilient execution
 */
@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
    LOG.debug("Trigger checkmarx adapter execution");

    UUID sechubJobUuid = data.getSechubExecutionContext().getSechubJobUUID();
    String sechubProjectId = data.getSechubExecutionContext().getConfiguration().getProjectId();
    JobStorage jobStorage = storageService.getJobStorage(sechubProjectId, sechubJobUuid);

    // Validation happens before anything is sent to the product.
    CheckmarxExecutorConfigSuppport executorConfigSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(data.getProductExecutorContext().getExecutorConfig(), systemEnvironment);
    CheckmarxResilienceCallback resilienceCallback = new CheckmarxResilienceCallback(executorConfigSupport, data.getProductExecutorContext());

    /* start resilient */
    ProductResult scanResult = resilientActionExecutor.executeResilient(() -> {
        AdapterMetaData currentMetaDataOrNull = data.getProductExecutorContext().getCurrentMetaDataOrNull();

        // The stream is opened inside the action, so every invocation of the action gets its own stream and
        // closes it again (try-with-resources also tolerates a null resource).
        try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(jobStorage, currentMetaDataOrNull)) {
            /* @formatter:off */
            @SuppressWarnings("deprecation")
            CheckmarxAdapterConfig adapterConfig = CheckmarxConfig.builder()
                    .configure(new SecHubAdapterOptionsBuilderStrategy(data, getScanType()))
                    // NOTE(review): presumably switches off TLS certificate validation for the connection to the
                    // Checkmarx server - the same connection that carries the user, password/API token and client
                    // secret set below. Confirm this is only true for setups that cannot present a trusted
                    // certificate.
                    .setTrustAllCertificates(installSetup.isHavingUntrustedCertificate())
                    .setUser(executorConfigSupport.getUser())
                    .setPasswordOrAPIToken(executorConfigSupport.getPasswordOrAPIToken())
                    .setProductBaseUrl(executorConfigSupport.getProductBaseURL())
                    .setAlwaysFullScan(resilienceCallback.isAlwaysFullScanEnabled())
                    .setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes)
                    .setTimeOutInMinutes(scanResultCheckTimeOutInMinutes)
                    // to support mocked Checkmarx adapters the deprecated method MUST still be used
                    .setFileSystemSourceFolders(data.getCodeUploadFileSystemFolders())
                    .setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream)
                    .setTeamIdForNewProjects(executorConfigSupport.getTeamIdForNewProjects(sechubProjectId))
                    .setClientSecret(executorConfigSupport.getClientSecret())
                    .setEngineConfigurationName(executorConfigSupport.getEngineConfigurationName())
                    .setPresetIdForNewProjects(executorConfigSupport.getPresetIdForNewProjects(sechubProjectId))
                    .setProjectId(sechubProjectId)
                    .setTraceID(data.getSechubExecutionContext().getTraceLogIdAsString())
                    .build();
            /* @formatter:on */

            /* inspect */
            // Only non-secret settings are recorded: user, password/API token and client secret are deliberately
            // not handed to the inspection. Keep it that way when adding entries.
            MetaDataInspection metaDataInspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
            metaDataInspection.notice(MetaDataInspection.TRACE_ID, adapterConfig.getTraceID());
            metaDataInspection.notice("presetid", adapterConfig.getPresetIdForNewProjectsOrNull());
            metaDataInspection.notice("engineconfigurationname", adapterConfig.getEngineConfigurationName());
            metaDataInspection.notice("teamid", adapterConfig.getTeamIdForNewProjects());
            metaDataInspection.notice("alwaysFullScanEnabled", adapterConfig.isAlwaysFullScanEnabled());

            /* execute checkmarx by adapter and update product result */
            String adapterResultXml = checkmarxAdapter.start(adapterConfig, data.getProductExecutorContext().getCallback());

            // product result is set by callback
            // NOTE(review): the adapter output is stored unparsed; it comes from a remote product, so whatever
            // parses it later should treat it as untrusted XML - confirm in the importer.
            ProductResult currentProductResult = data.getProductExecutorContext().getCurrentProductResult();
            currentProductResult.setResult(adapterResultXml);
            return currentProductResult;
        }
    }, resilienceCallback);

    return Collections.singletonList(scanResult);
}
Also used : MetaDataInspection(com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection) SecHubAdapterOptionsBuilderStrategy(com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) InputStream(java.io.InputStream) CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig) UUID(java.util.UUID) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)

Example 3 with CheckmarxAdapterConfig

use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.

the class CheckmarxOAuthSupportTest method createContextWithRestSimulation.

/**
 * Builds a mocked adapter context whose REST operations simulate the Checkmarx token endpoint.
 * <p>
 * The first POST to the token URL answers with access token {@code mytoken1}, every later one with
 * {@code mytoken2}; both responses report {@code expires_in} 3600 and HTTP 200. The tokens are fixed dummy values
 * for the test, not credentials.
 *
 * @param alreadyExistingOauthData OAuth data handed to {@code createMockedContext}
 * @return the mocked context, wired with a mocked adapter config and the simulated REST operations
 */
private CheckmarxAdapterContext createContextWithRestSimulation(CheckmarxOAuthData alreadyExistingOauthData) {
    String tokenUrl = "https://somerest.api.example.com/auth/identity/connect/token";
    String firstTokenJson = "{\"access_token\": \"mytoken1\",\"expires_in\": 3600,\"token_type\": \"Bearer\"}";
    String secondTokenJson = "{\"access_token\": \"mytoken2\",\"expires_in\": 3600,\"token_type\": \"Bearer\"}";

    CheckmarxAdapterContext simulatedContext = createMockedContext(alreadyExistingOauthData);
    CheckmarxAdapterConfig mockedConfig = mock(CheckmarxAdapterConfig.class);
    RestOperations simulatedRest = mock(RestOperations.class);

    // Two different tokens in sequence let a test tell a fresh login from a reused one.
    ResponseEntity<String> firstTokenResponse = new ResponseEntity<>(firstTokenJson, HttpStatus.OK);
    ResponseEntity<String> secondTokenResponse = new ResponseEntity<>(secondTokenJson, HttpStatus.OK);
    when(simulatedRest.postForEntity(eq(tokenUrl), any(), eq(String.class)))
            .thenReturn(firstTokenResponse)
            .thenReturn(secondTokenResponse);

    when(simulatedContext.json()).thenReturn(JSONAdapterSupport.FOR_UNKNOWN_ADAPTER);
    when(simulatedContext.getAPIURL("auth/identity/connect/token")).thenReturn(tokenUrl);
    when(simulatedContext.getConfig()).thenReturn(mockedConfig);
    when(simulatedContext.getRestOperations()).thenReturn(simulatedRest);

    return simulatedContext;
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) CheckmarxAdapterContext(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterContext) CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig) RestOperations(org.springframework.web.client.RestOperations)

Example 4 with CheckmarxAdapterConfig

use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.

the class CheckmarxOAuthSupport method loginAndGetOAuthToken.

/**
 * Logs in at the Checkmarx token endpoint and marks the context as authenticated with the returned OAuth data.
 * <p>
 * The request is a form-encoded POST using {@code grant_type=password}: user name, password/API token and client
 * secret from the adapter config are sent in the request body.
 *
 * @param context adapter context; provides config, API URL, REST operations and JSON support, and receives the
 *                extracted OAuth data via {@code markAuthenticated}
 * @throws AdapterException declared by this method; presumably raised by {@code extractFromJson} - confirm
 */
public void loginAndGetOAuthToken(CheckmarxAdapterContext context) throws AdapterException {
    CheckmarxAdapterConfig adapterConfig = context.getConfig();

    // Token endpoint, for example:
    // https://<server-name/ip>:<port>/cxrestapi/auth/identity/connect/token
    // The form below carries the password and client secret in the body, so the configured base URL should be
    // https; over plain http they would cross the network unprotected.
    String tokenUrl = context.getAPIURL("auth/identity/connect/token");
    RestOperations rest = context.getRestOperations();

    HttpHeaders formHeaders = new HttpHeaders();
    formHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);

    MultiValueMap<String, String> loginForm = new LinkedMultiValueMap<>();
    loginForm.add("username", adapterConfig.getUser());
    loginForm.add("password", adapterConfig.getPasswordOrAPIToken());
    loginForm.add("grant_type", "password");
    loginForm.add("scope", "sast_rest_api");
    loginForm.add("client_id", "resource_owner_client");
    loginForm.add("client_secret", adapterConfig.getClientSecret());

    // Neither the request entity nor the response body should be logged: the first holds the credentials, the
    // second the access token.
    HttpEntity<MultiValueMap<String, String>> loginRequest = new HttpEntity<>(loginForm, formHeaders);
    ResponseEntity<String> tokenResponse = rest.postForEntity(tokenUrl, loginRequest, String.class);

    // NOTE(review): getBody() may be null for an empty response; whether extractFromJson copes with that is not
    // visible here - confirm.
    String tokenJson = tokenResponse.getBody();
    context.markAuthenticated(extractFromJson(context.json(), tokenJson));
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig) RestOperations(org.springframework.web.client.RestOperations) MultiValueMap(org.springframework.util.MultiValueMap) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap)

Example 5 with CheckmarxAdapterConfig

use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.

the class CheckmarxProjectSupport method updatePresetIdAndEngineConfigurationIfNecessary.

/**
 * Updates the SAST scan settings of the project when preset id or engine configuration need to change.
 * <p>
 * The current scan settings and the engine configurations are fetched first; the two {@code update...} helpers
 * then receive the adapter config and an {@code InternalUpdateContext}, which afterwards tells whether an update
 * is necessary.
 *
 * @param context     Checkmarx context; provides the adapter config and is passed to the fetch/update helpers
 * @param sessionData session data passed to the fetch helpers
 * @return {@code true} when {@code updateSastScanSettings} was called, {@code false} when nothing had to change
 * @throws AdapterException propagated from the fetch and update helpers
 */
protected boolean updatePresetIdAndEngineConfigurationIfNecessary(CheckmarxContext context, CheckmarxSessionData sessionData) throws AdapterException {
    InternalUpdateContext pendingUpdate = new InternalUpdateContext();
    CheckmarxAdapterConfig adapterConfig = context.getConfig();

    CheckmarxSastScanSettings currentScanSettings = fetchCurrentSastScanSettings(context, sessionData);
    List<CheckmarxEngineConfiguration> availableEngineConfigurations = fetchEngineConfigurations(context, sessionData);

    updatePresetIdWhenSetInAdapterConfig(adapterConfig, currentScanSettings, pendingUpdate);
    updateEngineCondfigurationIdWhenSecHubAndCheckmarxDiffer(adapterConfig, availableEngineConfigurations, currentScanSettings, pendingUpdate);

    /* check if the engine configuration needs to be updated */
    if (!pendingUpdate.isUpdateNecessary()) {
        LOG.debug("No update necessary.");
        return false;
    }

    LOG.debug("Update scan settings.");
    updateSastScanSettings(context, pendingUpdate.getPresetId(), pendingUpdate.getEngineConfigurationId(), currentScanSettings);

    // Logged only after the update call returned, so these lines indicate a completed change.
    if (pendingUpdate.isUpdateOfPresetIdNecessary()) {
        LOG.debug("Updated preset id {}", pendingUpdate.getPresetId());
    }
    if (pendingUpdate.isUpdateOfEngineConfigurationNecessary()) {
        LOG.debug("Updated engine configuration id {}", pendingUpdate.getEngineConfigurationId());
    }
    return true;
}
Also used : CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig) CheckmarxSastScanSettings(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxSastScanSettings) CheckmarxEngineConfiguration(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxEngineConfiguration)

Aggregations

CheckmarxAdapterConfig (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)9 RestOperations (org.springframework.web.client.RestOperations)6 HttpEntity (org.springframework.http.HttpEntity)4 AdapterMetaData (com.mercedesbenz.sechub.adapter.AdapterMetaData)3 HttpHeaders (org.springframework.http.HttpHeaders)3 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)3 ProductResult (com.mercedesbenz.sechub.domain.scan.product.ProductResult)2 MetaDataInspection (com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection)2 JobStorage (com.mercedesbenz.sechub.storage.core.JobStorage)2 InputStream (java.io.InputStream)2 TreeMap (java.util.TreeMap)2 UUID (java.util.UUID)2 MultiValueMap (org.springframework.util.MultiValueMap)2 CheckmarxAdapterContext (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterContext)1 CheckmarxEngineConfiguration (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxEngineConfiguration)1 CheckmarxSastScanSettings (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxSastScanSettings)1 CheckmarxSessionData (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxSessionData)1 SecHubAdapterOptionsBuilderStrategy (com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy)1 LinkedHashMap (java.util.LinkedHashMap)1 InputStreamResource (org.springframework.core.io.InputStreamResource)1