Example 6 with CheckmarxAdapterConfig
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxProjectSupport method createProject.
private CheckmarxSessionData createProject(CheckmarxContext context) throws AdapterException {
CheckmarxAdapterConfig config = context.getConfig();
String projectName = config.getProjectId();
String teamId = config.getTeamIdForNewProjects();
Map<String, String> json = new TreeMap<>();
json.put("name", projectName);
json.put("owningTeam", teamId);
json.put("isPublic", "false");
String url = context.getAPIURL("projects");
String jsonAsString = context.json().toJSON(json);
RestOperations restTemplate = context.getRestOperations();
// https://checkmarx.atlassian.net/wiki/spaces/KC/pages/222265747/Create+Project+with+Default+Configuration+-+POST+projects
// https://checkmarx.atlassian.net/wiki/spaces/KC/pages/814285654/Swagger+Examples+v8.8.0+-+v2
MultiValueMap<String, String> headers = new LinkedMultiValueMap<>();
headers.set("Content-Type", "application/json;v=2.0");
HttpEntity<String> request = new HttpEntity<>(jsonAsString, headers);
ResponseEntity<String> response = restTemplate.postForEntity(url, request, String.class);
CheckmarxSessionData sessionData = extractProjectFromJsonWithProjectCreationData(projectName, context.json(), response.getBody());
updatePresetIdAndEngineConfigurationIfNecessary(context, sessionData);
return sessionData;
}
Also used :
HttpEntity(org.springframework.http.HttpEntity)
LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap)
CheckmarxSessionData(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxSessionData)
CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)
TreeMap(java.util.TreeMap)
RestOperations(org.springframework.web.client.RestOperations)
Example 7 with CheckmarxAdapterConfig
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxProjectSupport method ensureProjectExists.
public void ensureProjectExists(CheckmarxContext context) throws AdapterException {
CheckmarxAdapterConfig config = context.getConfig();
String projectName = config.getProjectId();
String teamId = config.getTeamIdForNewProjects();
Map<String, String> map = new LinkedHashMap<>();
map.put("projectName", projectName);
map.put("teamId", teamId);
String url = context.getAPIURL("projects", map);
RestOperations restTemplate = context.getRestOperations();
// CxRestAPI/projects?projectName=myProject&teamId=00000000-1111-1111-b111-989c9070eb11
try {
ResponseEntity<String> response = restTemplate.getForEntity(url, String.class);
context.setSessionData(extractFirstProjectFromJsonWithProjectArray(context.json(), response.getBody()));
context.setNewProject(false);
return;
} catch (HttpStatusCodeException e) {
if (e.getRawStatusCode() != 404) {
/* only 404 - not found is accepted */
throw context.asAdapterException("Unexpected HTTP status error", e);
}
}
/* 404 error - okay, lets create */
context.setSessionData(createProject(context));
context.setNewProject(true);
}
Also used :
CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)
HttpStatusCodeException(org.springframework.web.client.HttpStatusCodeException)
RestOperations(org.springframework.web.client.RestOperations)
LinkedHashMap(java.util.LinkedHashMap)
Example 8 with CheckmarxAdapterConfig
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxScanSupport method triggerNewEntryInQueue.
// https://checkmarx.atlassian.net/wiki/spaces/KC/pages/814121878/Swagger+Examples+v8.8.0+-+v1
private void triggerNewEntryInQueue(CheckmarxOAuthSupport oauthSupport, CheckmarxContext context) throws AdapterException {
oauthSupport.refreshBearerTokenWhenNecessary(context);
AdapterMetaData metaData = context.getRuntimeContext().getMetaData();
Long scanIdLong = metaData.getValueLong(CheckmarxMetaDataID.KEY_SCAN_ID);
long scanId = -1;
if (scanIdLong == null) {
LOG.info("Trigger new scan entry in checkmarx queue");
CheckmarxAdapterConfig config = context.getConfig();
long projectId = context.getSessionData().getProjectId();
Map<String, Object> json = new TreeMap<>();
json.put("projectId", projectId);
json.put("isIncremental", context.isIncrementalScan());
json.put("isPublic", false);
json.put("forceScan", false);
json.put("comment", "sechub job:" + config.getTraceID());
String url = context.getAPIURL("sast/scans");
String jsonAsString = context.json().toJSON(json);
HttpHeaders headers = new HttpHeaders();
headers.set("Content-Type", "application/json;v=1.0");
HttpEntity<String> request = new HttpEntity<>(jsonAsString, headers);
RestOperations restTemplate = context.getRestOperations();
ResponseEntity<String> result = restTemplate.exchange(url, HttpMethod.POST, request, String.class);
if (!result.getStatusCode().equals(HttpStatus.CREATED)) {
throw context.asAdapterException("Response HTTP status not as expected: " + result.getStatusCode(), null);
}
String body = result.getBody();
scanId = context.json().fetch("id", body).asLong();
metaData.setValue(CheckmarxMetaDataID.KEY_SCAN_ID, scanId);
context.getRuntimeContext().getCallback().persist(metaData);
} else {
/* just reuse existing data */
scanId = scanIdLong.longValue();
LOG.info("Reuse existing scanId:{}, for :{}", scanId, context.getTraceID());
}
context.getSessionData().setScanId(scanId);
}
Also used :
HttpHeaders(org.springframework.http.HttpHeaders)
HttpEntity(org.springframework.http.HttpEntity)
TreeMap(java.util.TreeMap)
CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)
RestOperations(org.springframework.web.client.RestOperations)
AdapterMetaData(com.mercedesbenz.sechub.adapter.AdapterMetaData)
Example 9 with CheckmarxAdapterConfig
use of com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig in project sechub by mercedes-benz.
the class CheckmarxUploadSupport method uploadZippedSourceCode.
// https://checkmarx.atlassian.net/wiki/spaces/KC/pages/223313947/Upload+Source+Code+Zip+File+-+POST+projects+id+sourceCode+attachments
// POST /projects/{id}/sourceCode/attachments and upload the zipped source code
// https://www.baeldung.com/spring-rest-template-multipart-upload
public void uploadZippedSourceCode(CheckmarxContext context) throws AdapterException {
CheckmarxAdapterConfig config = context.getConfig();
Resource sourceCodeFile = fetchResource(context, config);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.MULTIPART_FORM_DATA);
MultiValueMap<String, Object> body = new LinkedMultiValueMap<>();
body.add("zippedSource", sourceCodeFile);
HttpEntity<MultiValueMap<String, Object>> requestEntity = new HttpEntity<>(body, headers);
String url = context.getAPIURL("projects/" + context.getSessionData().getProjectId() + "/sourceCode/attachments");
RestOperations restTemplate = context.getRestOperations();
ResponseEntity<String> result = restTemplate.exchange(url, HttpMethod.POST, requestEntity, String.class);
if (!result.getStatusCode().equals(HttpStatus.NO_CONTENT)) {
throw context.asAdapterException("Response HTTP status not as expected: " + result.getStatusCode());
}
}
Also used :
HttpHeaders(org.springframework.http.HttpHeaders)
HttpEntity(org.springframework.http.HttpEntity)
LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap)
InputStreamResource(org.springframework.core.io.InputStreamResource)
Resource(org.springframework.core.io.Resource)
CheckmarxAdapterConfig(com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)
RestOperations(org.springframework.web.client.RestOperations)
MultiValueMap(org.springframework.util.MultiValueMap)
LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap)
Aggregations
CheckmarxAdapterConfig (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)9
RestOperations (org.springframework.web.client.RestOperations)6
HttpEntity (org.springframework.http.HttpEntity)4
AdapterMetaData (com.mercedesbenz.sechub.adapter.AdapterMetaData)3
HttpHeaders (org.springframework.http.HttpHeaders)3
LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)3
ProductResult (com.mercedesbenz.sechub.domain.scan.product.ProductResult)2
MetaDataInspection (com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection)2
JobStorage (com.mercedesbenz.sechub.storage.core.JobStorage)2
InputStream (java.io.InputStream)2
TreeMap (java.util.TreeMap)2
UUID (java.util.UUID)2
MultiValueMap (org.springframework.util.MultiValueMap)2
CheckmarxAdapterContext (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterContext)1
CheckmarxEngineConfiguration (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxEngineConfiguration)1
CheckmarxSastScanSettings (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxSastScanSettings)1
CheckmarxSessionData (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxSessionData)1
SecHubAdapterOptionsBuilderStrategy (com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy)1
LinkedHashMap (java.util.LinkedHashMap)1
InputStreamResource (org.springframework.core.io.InputStreamResource)1
