use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxProductExecutor method executeWithAdapter.
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, CheckmarxInstallSetup setup, TargetRegistryInfo data) throws Exception {
LOG.debug("Trigger checkmarx adapter execution");
UUID jobUUID = context.getSechubJobUUID();
String projectId = context.getConfiguration().getProjectId();
JobStorage storage = storageService.getJobStorage(projectId, jobUUID);
CheckmarxExecutorConfigSuppport configSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
CheckmarxResilienceCallback callback = new CheckmarxResilienceCallback(configSupport, executorContext);
/* start resilient */
ProductResult result = resilientActionExecutor.executeResilient(() -> {
AdapterMetaData metaDataOrNull = executorContext.getCurrentMetaDataOrNull();
try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(storage, metaDataOrNull)) {
/* @formatter:off */
CheckmarxAdapterConfig checkMarxConfig = CheckmarxConfig.builder().configure(createAdapterOptionsStrategy(context)).setTrustAllCertificates(setup.isHavingUntrustedCertificate()).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProductBaseUrl(configSupport.getProductBaseURL()).setAlwaysFullScan(callback.isAlwaysFullScanEnabled()).setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes).setTimeOutInMinutes(scanResultCheckTimeOutInMinutes).setFileSystemSourceFolders(data.getCodeUploadFileSystemFolders()).setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream).setTeamIdForNewProjects(configSupport.getTeamIdForNewProjects(projectId)).setClientSecret(configSupport.getClientSecret()).setEngineConfigurationName(configSupport.getEngineConfigurationName()).setPresetIdForNewProjects(configSupport.getPresetIdForNewProjects(projectId)).setProjectId(projectId).setTraceID(context.getTraceLogIdAsString()).build();
/* @formatter:on */
/* inspect */
MetaDataInspection inspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
inspection.notice(MetaDataInspection.TRACE_ID, checkMarxConfig.getTraceID());
inspection.notice("presetid", checkMarxConfig.getPresetIdForNewProjectsOrNull());
inspection.notice("engineconfigurationname", checkMarxConfig.getEngineConfigurationName());
inspection.notice("teamid", checkMarxConfig.getTeamIdForNewProjects());
inspection.notice("alwaysFullScanEnabled", checkMarxConfig.isAlwaysFullScanEnabled());
/* execute checkmarx by adapter and update product result */
String xml = checkmarxAdapter.start(checkMarxConfig, executorContext.getCallback());
// product result is set by callback
ProductResult productResult = executorContext.getCurrentProductResult();
productResult.setResult(xml);
return productResult;
}
}, callback);
return Collections.singletonList(result);
}
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxProductExecutor method executeByAdapter.
@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
LOG.debug("Trigger checkmarx adapter execution");
UUID jobUUID = data.getSechubExecutionContext().getSechubJobUUID();
String projectId = data.getSechubExecutionContext().getConfiguration().getProjectId();
JobStorage storage = storageService.getJobStorage(projectId, jobUUID);
CheckmarxExecutorConfigSuppport configSupport = CheckmarxExecutorConfigSuppport.createSupportAndAssertConfigValid(data.getProductExecutorContext().getExecutorConfig(), systemEnvironment);
CheckmarxResilienceCallback callback = new CheckmarxResilienceCallback(configSupport, data.getProductExecutorContext());
/* start resilient */
ProductResult result = resilientActionExecutor.executeResilient(() -> {
AdapterMetaData metaDataOrNull = data.getProductExecutorContext().getCurrentMetaDataOrNull();
try (InputStream sourceCodeZipFileInputStream = fetchInputStreamIfNecessary(storage, metaDataOrNull)) {
/* @formatter:off */
@SuppressWarnings("deprecation") CheckmarxAdapterConfig checkMarxConfig = CheckmarxConfig.builder().configure(new SecHubAdapterOptionsBuilderStrategy(data, getScanType())).setTrustAllCertificates(installSetup.isHavingUntrustedCertificate()).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProductBaseUrl(configSupport.getProductBaseURL()).setAlwaysFullScan(callback.isAlwaysFullScanEnabled()).setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes).setTimeOutInMinutes(scanResultCheckTimeOutInMinutes).setFileSystemSourceFolders(// to support mocked Checkmarx adapters we MUST use still the deprecated method!
data.getCodeUploadFileSystemFolders()).setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream).setTeamIdForNewProjects(configSupport.getTeamIdForNewProjects(projectId)).setClientSecret(configSupport.getClientSecret()).setEngineConfigurationName(configSupport.getEngineConfigurationName()).setPresetIdForNewProjects(configSupport.getPresetIdForNewProjects(projectId)).setProjectId(projectId).setTraceID(data.getSechubExecutionContext().getTraceLogIdAsString()).build();
/* @formatter:on */
/* inspect */
MetaDataInspection inspection = scanMetaDataCollector.inspect(ProductIdentifier.CHECKMARX.name());
inspection.notice(MetaDataInspection.TRACE_ID, checkMarxConfig.getTraceID());
inspection.notice("presetid", checkMarxConfig.getPresetIdForNewProjectsOrNull());
inspection.notice("engineconfigurationname", checkMarxConfig.getEngineConfigurationName());
inspection.notice("teamid", checkMarxConfig.getTeamIdForNewProjects());
inspection.notice("alwaysFullScanEnabled", checkMarxConfig.isAlwaysFullScanEnabled());
/* execute checkmarx by adapter and update product result */
String xml = checkmarxAdapter.start(checkMarxConfig, data.getProductExecutorContext().getCallback());
// product result is set by callback
ProductResult productResult = data.getProductExecutorContext().getCurrentProductResult();
productResult.setResult(xml);
return productResult;
}
}, callback);
return Collections.singletonList(result);
}
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxOAuthSupportTest method createContextWithRestSimulation.
private CheckmarxAdapterContext createContextWithRestSimulation(CheckmarxOAuthData alreadyExistingOauthData) {
CheckmarxAdapterContext context = createMockedContext(alreadyExistingOauthData);
when(context.json()).thenReturn(JSONAdapterSupport.FOR_UNKNOWN_ADAPTER);
String url = "https://somerest.api.example.com/auth/identity/connect/token";
when(context.getAPIURL("auth/identity/connect/token")).thenReturn(url);
CheckmarxAdapterConfig config = mock(CheckmarxAdapterConfig.class);
RestOperations restOperations = mock(RestOperations.class);
ResponseEntity<String> repsonseEntity1 = new ResponseEntity<>("{\"access_token\": \"mytoken1\",\"expires_in\": 3600,\"token_type\": \"Bearer\"}", HttpStatus.OK);
ResponseEntity<String> repsonseEntity2 = new ResponseEntity<>("{\"access_token\": \"mytoken2\",\"expires_in\": 3600,\"token_type\": \"Bearer\"}", HttpStatus.OK);
when(restOperations.postForEntity(eq(url), any(), eq(String.class))).thenReturn(repsonseEntity1).thenReturn(repsonseEntity2);
when(context.getConfig()).thenReturn(config);
when(context.getRestOperations()).thenReturn(restOperations);
return context;
}
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxOAuthSupport method loginAndGetOAuthToken.
public void loginAndGetOAuthToken(CheckmarxAdapterContext context) throws AdapterException {
CheckmarxAdapterConfig config = context.getConfig();
// example:
// CxRestAPI/projects?projectId=myProject&teamId=00000000-1111-1111-b111-989c9070eb11
String url = context.getAPIURL("auth/identity/connect/token");
RestOperations restTemplate = context.getRestOperations();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add("username", config.getUser());
map.add("password", config.getPasswordOrAPIToken());
map.add("grant_type", "password");
map.add("scope", "sast_rest_api");
map.add("client_id", "resource_owner_client");
map.add("client_secret", config.getClientSecret());
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
// Endpoint example:
// http://<server-name/ip>:<port>/cxrestapi/auth/identity/connect/token
ResponseEntity<String> response = restTemplate.postForEntity(url, request, String.class);
String json = response.getBody();
CheckmarxOAuthData data = extractFromJson(context.json(), json);
context.markAuthenticated(data);
}
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxProjectSupport method updatePresetIdAndEngineConfigurationIfNecessary.
protected boolean updatePresetIdAndEngineConfigurationIfNecessary(CheckmarxContext context, CheckmarxSessionData sessionData) throws AdapterException {
boolean updated = false;
InternalUpdateContext updateContext = new InternalUpdateContext();
CheckmarxAdapterConfig config = context.getConfig();
CheckmarxSastScanSettings checkmarxSastScanSettings = fetchCurrentSastScanSettings(context, sessionData);
List<CheckmarxEngineConfiguration> engineConfigurations = fetchEngineConfigurations(context, sessionData);
updatePresetIdWhenSetInAdapterConfig(config, checkmarxSastScanSettings, updateContext);
updateEngineCondfigurationIdWhenSecHubAndCheckmarxDiffer(config, engineConfigurations, checkmarxSastScanSettings, updateContext);
/* check if the engine configuration needs to be updated */
if (updateContext.isUpdateNecessary()) {
LOG.debug("Update scan settings.");
updateSastScanSettings(context, updateContext.getPresetId(), updateContext.getEngineConfigurationId(), checkmarxSastScanSettings);
if (updateContext.isUpdateOfPresetIdNecessary()) {
LOG.debug("Updated preset id {}", updateContext.getPresetId());
}
if (updateContext.isUpdateOfEngineConfigurationNecessary()) {
LOG.debug("Updated engine configuration id {}", updateContext.getEngineConfigurationId());
}
updated = true;
} else {
LOG.debug("No update necessary.");
}
return updated;
}
Aggregations