Search in sources :

Example 6 with ProductExecutorContext

use of com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext in project sechub by mercedes-benz.

the class NessusProductExecutor method executeByAdapter.

@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
    NetworkTargetInfo info = data.getCurrentNetworkTargetInfo();
    if (info.getURIs().isEmpty() && info.getIPs().isEmpty()) {
        LOG.debug("{} Nessus scan not possible, because no uri or ip defined", data.getTraceLogId());
        return Collections.emptyList();
    }
    NetworkTargetType targetType = info.getTargetType();
    LOG.debug("Trigger Nessus adapter execution for target type {}", targetType);
    /* @formatter:off */
    NessusAdapterConfig nessusConfig = NessusConfig.builder().configure(new SecHubAdapterOptionsBuilderStrategy(data, getScanType())).configure(new NetworkTargetProductServerDataAdapterConfigurationStrategy(installSetup, targetType)).setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes).setTimeOutInMinutes(scanResultCheckTimeOutInMinutes).setProxyHostname(proxyHostname).setProxyPort(proxyPort).setTraceID(data.getTraceLogIdAsString()).setPolicyID(installSetup.getDefaultPolicyId()).setTargetIPs(info.getIPs()).setTargetURIs(info.getURIs()).build();
    /* @formatter:on */
    /* execute NESSUS by adapter and return product result */
    ProductExecutorContext productExecutorContext = data.getProductExecutorContext();
    String xml = nessusAdapter.start(nessusConfig, productExecutorContext.getCallback());
    // product result is set by callback
    ProductResult productResult = productExecutorContext.getCurrentProductResult();
    productResult.setResult(xml);
    return Collections.singletonList(productResult);
}
Also used : NessusAdapterConfig(com.mercedesbenz.sechub.adapter.nessus.NessusAdapterConfig) NetworkTargetType(com.mercedesbenz.sechub.domain.scan.NetworkTargetType) SecHubAdapterOptionsBuilderStrategy(com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) NetworkTargetProductServerDataAdapterConfigurationStrategy(com.mercedesbenz.sechub.domain.scan.NetworkTargetProductServerDataAdapterConfigurationStrategy) ProductExecutorContext(com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext) NetworkTargetInfo(com.mercedesbenz.sechub.domain.scan.NetworkTargetRegistry.NetworkTargetInfo)

Example 7 with ProductExecutorContext

use of com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext in project sechub by mercedes-benz.

the class NetsparkerProductExecutor method executeByAdapter.

@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
    NetworkTargetInfo info = data.getCurrentNetworkTargetInfo();
    URI targetURI = info.getURI();
    if (targetURI == null) {
        /* no targets defined */
        return Collections.emptyList();
    }
    NetworkTargetType targetType = info.getTargetType();
    LOG.debug("Trigger netsparker adapter execution for target {}", targetType);
    List<ProductResult> results = new ArrayList<>();
    /* NETSPARKER is not able to scan multiple targets */
    /*
         * special behavior, because having multiple results here, we must find former
         * result corresponding to target URI.
         */
    /* @formatter:off */
    ProductExecutorContext productExecutorContext = data.getProductExecutorContext();
    productExecutorContext.useFirstFormerResultHavingMetaData(NetsparkerMetaDataID.KEY_TARGET_URI, targetURI);
    NetsparkerAdapterConfig netsparkerConfig = NetsparkerConfig.builder().configure(new SecHubAdapterOptionsBuilderStrategy(data, getScanType())).configure(new WebConfigBuilderStrategy(data.getSechubExecutionContext())).configure(new NetworkTargetProductServerDataAdapterConfigurationStrategy(installSetup, targetType)).setTimeToWaitForNextCheckOperationInMinutes(installSetup.getScanResultCheckPeriodInMinutes()).setTimeOutInMinutes(installSetup.getScanResultCheckTimeOutInMinutes()).setTraceID(data.getTraceLogIdAsString()).setAgentName(installSetup.getAgentName()).setAgentGroupName(data.getNetworkTargetProductServerDataSupport().getIdentifier(targetType)).setPolicyID(installSetup.getDefaultPolicyId()).setLicenseID(installSetup.getNetsparkerLicenseId()).setTargetType(info.getTargetType().name()).setTargetURI(targetURI).build();
    /* @formatter:on */
    /* execute NETSPARKER by adapter and return product result */
    String xml = netsparkerAdapter.start(netsparkerConfig, productExecutorContext.getCallback());
    ProductResult currentProductResult = productExecutorContext.getCurrentProductResult();
    currentProductResult.setResult(xml);
    results.add(currentProductResult);
    return results;
}
Also used : NetworkTargetType(com.mercedesbenz.sechub.domain.scan.NetworkTargetType) SecHubAdapterOptionsBuilderStrategy(com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) NetworkTargetProductServerDataAdapterConfigurationStrategy(com.mercedesbenz.sechub.domain.scan.NetworkTargetProductServerDataAdapterConfigurationStrategy) ArrayList(java.util.ArrayList) ProductExecutorContext(com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext) WebConfigBuilderStrategy(com.mercedesbenz.sechub.domain.scan.WebConfigBuilderStrategy) URI(java.net.URI) NetworkTargetInfo(com.mercedesbenz.sechub.domain.scan.NetworkTargetRegistry.NetworkTargetInfo) NetsparkerAdapterConfig(com.mercedesbenz.sechub.adapter.netsparker.NetsparkerAdapterConfig)

Example 8 with ProductExecutorContext

use of com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext in project sechub by mercedes-benz.

the class PDSInfraScanProductExecutor method executeByAdapter.

@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
    NetworkTargetInfo info = data.getCurrentNetworkTargetInfo();
    Set<URI> targetURIs = info.getURIs();
    if (targetURIs.isEmpty()) {
        /* no targets defined */
        return Collections.emptyList();
    }
    NetworkTargetType targetType = info.getTargetType();
    ProductExecutorContext executorContext = data.getProductExecutorContext();
    /* we reuse config support created inside customize method */
    PDSExecutorConfigSuppport configSupport = (PDSExecutorConfigSuppport) data.getNetworkTargetDataProvider();
    if (configSupport.isTargetTypeForbidden(targetType)) {
        LOG.info("pds adapter does not accept target type:{} so cancel execution");
        return Collections.emptyList();
    }
    LOG.debug("Trigger pds infra scan adapter execution for target {}", targetType);
    List<ProductResult> results = new ArrayList<>();
    SecHubExecutionContext context = data.getSechubExecutionContext();
    PDSStorageContentProvider contentProvider = contentProviderFactory.createContentProvider(context, configSupport, getScanType());
    for (URI targetURI : targetURIs) {
        /* @formatter:off */
        /* special behavior, because having multiple results here, we must find former result corresponding to
             * target URI.
             */
        executorContext.useFirstFormerResultHavingMetaData(PDSMetaDataID.KEY_TARGET_URI, targetURI);
        PDSInfraScanConfig pdsInfraScanConfig = PDSInfraScanConfigImpl.builder().configure(PDSAdapterConfigurationStrategy.builder().setScanType(getScanType()).setProductExecutorData(data).setConfigSupport(configSupport).setContentProvider(contentProvider).setInstallSetup(installSetup).build()).configure(new NetworkTargetProductServerDataAdapterConfigurationStrategy(configSupport, data.getCurrentNetworkTargetInfo().getTargetType())).setTargetIPs(info.getIPs()).setTargetURIs(info.getURIs()).build();
        /* @formatter:on */
        /* execute PDS by adapter and return product result */
        String xml = pdsAdapter.start(pdsInfraScanConfig, executorContext.getCallback());
        ProductResult currentProductResult = executorContext.getCurrentProductResult();
        currentProductResult.setResult(xml);
        results.add(currentProductResult);
    }
    return results;
}
Also used : ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) NetworkTargetProductServerDataAdapterConfigurationStrategy(com.mercedesbenz.sechub.domain.scan.NetworkTargetProductServerDataAdapterConfigurationStrategy) ProductExecutorContext(com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext) ArrayList(java.util.ArrayList) URI(java.net.URI) NetworkTargetInfo(com.mercedesbenz.sechub.domain.scan.NetworkTargetRegistry.NetworkTargetInfo) PDSInfraScanConfig(com.mercedesbenz.sechub.adapter.pds.PDSInfraScanConfig) NetworkTargetType(com.mercedesbenz.sechub.domain.scan.NetworkTargetType) SecHubExecutionContext(com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext)

Example 9 with ProductExecutorContext

use of com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext in project sechub by mercedes-benz.

the class PDSWebScanProductExecutor method executeByAdapter.

@Override
protected List<ProductResult> executeByAdapter(ProductExecutorData data) throws Exception {
    ProductExecutorContext executorContext = data.getProductExecutorContext();
    SecHubExecutionContext context = data.getSechubExecutionContext();
    NetworkTargetInfo info = data.getCurrentNetworkTargetInfo();
    /* we reuse config support created inside customize method */
    PDSExecutorConfigSuppport configSupport = (PDSExecutorConfigSuppport) data.getNetworkTargetDataProvider();
    URI targetURI = info.getURI();
    if (targetURI == null) {
        LOG.warn("NO target URI defined for PDS web scan execution");
        return Collections.emptyList();
    }
    NetworkTargetType targetType = info.getTargetType();
    if (configSupport.isTargetTypeForbidden(targetType)) {
        LOG.info("PDS adapter does not accept target type:{} so cancel execution");
        return Collections.emptyList();
    }
    LOG.debug("Trigger PDS adapter execution for target {} ", targetType);
    List<ProductResult> results = new ArrayList<>();
    /* @formatter:off */
    executorContext.useFirstFormerResultHavingMetaData(PDSMetaDataID.KEY_TARGET_URI, targetURI);
    PDSStorageContentProvider contentProvider = contentProviderFactory.createContentProvider(context, configSupport, getScanType());
    ProductResult result = resilientActionExecutor.executeResilient(() -> {
        try (InputStream sourceCodeZipFileInputStreamOrNull = contentProvider.getSourceZipFileInputStreamOrNull()) {
            PDSWebScanConfig pdsWebScanConfig = PDSWebScanConfigImpl.builder().configure(PDSAdapterConfigurationStrategy.builder().setScanType(getScanType()).setProductExecutorData(data).setConfigSupport(configSupport).setSourceCodeZipFileInputStreamOrNull(sourceCodeZipFileInputStreamOrNull).setContentProvider(contentProvider).setInstallSetup(installSetup).build()).configure(new WebConfigBuilderStrategy(context)).configure(new NetworkTargetProductServerDataAdapterConfigurationStrategy(configSupport, data.getCurrentNetworkTargetInfo().getTargetType())).setTargetURI(targetURI).setTargetType(info.getTargetType().name()).build();
            /* @formatter:on */
            /* execute PDS by adapter and return product result */
            String pdsResult = pdsAdapter.start(pdsWebScanConfig, executorContext.getCallback());
            ProductResult currentProductResult = executorContext.getCurrentProductResult();
            currentProductResult.setResult(pdsResult);
            return currentProductResult;
        }
    });
    results.add(result);
    return results;
}
Also used : ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) NetworkTargetProductServerDataAdapterConfigurationStrategy(com.mercedesbenz.sechub.domain.scan.NetworkTargetProductServerDataAdapterConfigurationStrategy) InputStream(java.io.InputStream) ProductExecutorContext(com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext) ArrayList(java.util.ArrayList) URI(java.net.URI) NetworkTargetInfo(com.mercedesbenz.sechub.domain.scan.NetworkTargetRegistry.NetworkTargetInfo) PDSWebScanConfig(com.mercedesbenz.sechub.adapter.pds.PDSWebScanConfig) NetworkTargetType(com.mercedesbenz.sechub.domain.scan.NetworkTargetType) SecHubExecutionContext(com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext) WebConfigBuilderStrategy(com.mercedesbenz.sechub.domain.scan.WebConfigBuilderStrategy)

Example 10 with ProductExecutorContext

use of com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext in project sechub by mercedes-benz.

the class PDSWebScanProductExecutor method customize.

@Override
protected void customize(ProductExecutorData data) {
    SecHubConfiguration secHubConfiguration = data.getSechubExecutionContext().getConfiguration();
    data.setNetworkLocationProvider(new WebScanNetworkLocationProvider(secHubConfiguration));
    ProductExecutorContext executorContext = data.getProductExecutorContext();
    PDSExecutorConfigSuppport configSupport = PDSExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
    data.setNetworkTargetDataProvider(configSupport);
}
Also used : SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) ProductExecutorContext(com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext) WebScanNetworkLocationProvider(com.mercedesbenz.sechub.domain.scan.WebScanNetworkLocationProvider)

Aggregations

ProductExecutorContext (com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext)10 ProductResult (com.mercedesbenz.sechub.domain.scan.product.ProductResult)8 SecHubExecutionContext (com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext)6 NetworkTargetProductServerDataAdapterConfigurationStrategy (com.mercedesbenz.sechub.domain.scan.NetworkTargetProductServerDataAdapterConfigurationStrategy)4 NetworkTargetInfo (com.mercedesbenz.sechub.domain.scan.NetworkTargetRegistry.NetworkTargetInfo)4 NetworkTargetType (com.mercedesbenz.sechub.domain.scan.NetworkTargetType)4 InputStream (java.io.InputStream)3 URI (java.net.URI)3 ArrayList (java.util.ArrayList)3 AdapterException (com.mercedesbenz.sechub.adapter.AdapterException)2 AdapterLogId (com.mercedesbenz.sechub.adapter.AdapterLogId)2 SecHubAdapterOptionsBuilderStrategy (com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy)2 WebConfigBuilderStrategy (com.mercedesbenz.sechub.domain.scan.WebConfigBuilderStrategy)2 ProductExecutorCallback (com.mercedesbenz.sechub.domain.scan.product.ProductExecutorCallback)2 ProductExecutorConfig (com.mercedesbenz.sechub.domain.scan.product.config.ProductExecutorConfig)2 ProductExecutorConfigSetup (com.mercedesbenz.sechub.domain.scan.product.config.ProductExecutorConfigSetup)2 SecHubConfiguration (com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration)2 MetaDataInspection (com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection)2 Test (org.junit.Test)2 NessusAdapterConfig (com.mercedesbenz.sechub.adapter.nessus.NessusAdapterConfig)1