use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.
the class PDSWebScanProductExecutor method executeWithAdapter.
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, PDSInstallSetup setup, TargetRegistryInfo info) throws Exception {
PDSExecutorConfigSuppport configSupport = PDSExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
URI targetURI = info.getURI();
if (targetURI == null) {
/* no targets defined */
return Collections.emptyList();
}
TargetType targetType = info.getTargetType();
if (configSupport.isTargetTypeForbidden(targetType)) {
LOG.info("pds adapter does not accept target type:{} so cancel execution");
return Collections.emptyList();
}
LOG.debug("Trigger PDS adapter execution for target {} ", targetType);
List<ProductResult> results = new ArrayList<>();
String projectId = context.getConfiguration().getProjectId();
Map<String, String> jobParameters = configSupport.createJobParametersToSendToPDS(context.getConfiguration());
/* @formatter:off */
executorContext.useFirstFormerResultHavingMetaData(PDSMetaDataID.KEY_TARGET_URI, targetURI);
ProductResult result = resilientActionExecutor.executeResilient(() -> {
PDSWebScanConfig pdsWebScanConfig = PDSWebScanConfigImpl.builder().setPDSProductIdentifier(configSupport.getPDSProductIdentifier()).setTrustAllCertificates(configSupport.isTrustAllCertificatesEnabled()).setProductBaseUrl(configSupport.getProductBaseURL()).setSecHubJobUUID(context.getSechubJobUUID()).setSecHubConfigModel(context.getConfiguration()).configure(createAdapterOptionsStrategy(context)).configure(new WebConfigBuilderStrategy(context)).setTimeToWaitForNextCheckOperationInMilliseconds(configSupport.getTimeToWaitForNextCheckOperationInMilliseconds(setup)).setTimeOutInMinutes(configSupport.getTimeoutInMinutes(setup)).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProjectId(projectId).setTraceID(context.getTraceLogIdAsString()).setJobParameters(jobParameters).setTargetURI(targetURI).build();
/* @formatter:on */
/* execute PDS by adapter and return product result */
String pdsResult = pdsAdapter.start(pdsWebScanConfig, executorContext.getCallback());
ProductResult currentProductResult = executorContext.getCurrentProductResult();
currentProductResult.setResult(pdsResult);
return currentProductResult;
});
results.add(result);
return results;
}
use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.
the class NetsparkerProductExecutor method executeWithAdapter.
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, NetsparkerInstallSetup setup, TargetRegistryInfo info) throws Exception {
URI targetURI = info.getURI();
if (targetURI == null) {
/* no targets defined */
return Collections.emptyList();
}
TargetType targetType = info.getTargetType();
LOG.debug("Trigger netsparker adapter execution for target {} and setup {} ", targetType, setup);
List<ProductResult> results = new ArrayList<>();
/* NETSPARKER is not able to scan multiple targets */
/*
* special behavior, because having multiple results here, we must find former
* result corresponding to target URI.
*/
/* @formatter:off */
executorContext.useFirstFormerResultHavingMetaData(NetsparkerMetaDataID.KEY_TARGET_URI, targetURI);
NetsparkerAdapterConfig netsparkerConfig = NetsparkerConfig.builder().configure(createAdapterOptionsStrategy(context)).configure(new WebConfigBuilderStrategy(context)).configure(new OneInstallSetupConfigBuilderStrategy(setup)).setTimeToWaitForNextCheckOperationInMinutes(setup.getScanResultCheckPeriodInMinutes()).setTimeOutInMinutes(setup.getScanResultCheckTimeOutInMinutes()).setTraceID(context.getTraceLogIdAsString()).setAgentName(setup.getAgentName()).setAgentGroupName(setup.getIdentifier(targetType)).setPolicyID(setup.getDefaultPolicyId()).setLicenseID(setup.getNetsparkerLicenseId()).setTargetURI(targetURI).build();
/* @formatter:on */
/* execute NETSPARKER by adapter and return product result */
String xml = netsparkerAdapter.start(netsparkerConfig, executorContext.getCallback());
ProductResult currentProductResult = executorContext.getCurrentProductResult();
currentProductResult.setResult(xml);
results.add(currentProductResult);
return results;
}
use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.
the class NetsparkerProductExecutorTest method before.
@Before
public void before() throws Exception {
context = mock(SecHubExecutionContext.class);
config = mock(SecHubConfiguration.class);
executorContext = mock(ProductExecutorContext.class);
target1 = new Target(URI_1_INTERNET, TargetType.INTERNET);
target2 = new Target(URI_2_INTERNET, TargetType.INTERNET);
target3 = new Target(URI_3_INTERNET, TargetType.INTERNET);
targetResolver = mock(TargetResolver.class);
when(targetResolver.resolveTarget(URI_1_INTERNET)).thenReturn(target1);
when(targetResolver.resolveTarget(URI_2_INTERNET)).thenReturn(target2);
when(targetResolver.resolveTarget(URI_3_INTERNET)).thenReturn(target3);
netsparkerAdapter = mock(NetsparkerAdapter.class);
when(context.getConfiguration()).thenReturn(config);
UUID pseudoJobUUID = UUID.randomUUID();
when(context.getSechubJobUUID()).thenReturn(pseudoJobUUID);
when(executorContext.getCurrentProductResult()).thenReturn(new ProductResult(pseudoJobUUID, "project1", new WithoutProductExecutorConfigInfo(ProductIdentifier.NETSPARKER), "resullt1"));
executorToTest = new TestNetsparkerProductExecutor();
executorToTest.netsparkerAdapter = netsparkerAdapter;
installSetup = mock(NetsparkerInstallSetup.class);
when(installSetup.getBaseURL()).thenReturn("http://www.example.com/netsparker");
when(installSetup.getUserId()).thenReturn("user");
when(installSetup.getPassword()).thenReturn("apitoken1");
when(installSetup.getNetsparkerLicenseId()).thenReturn("license1");
executorToTest.installSetup = installSetup;
}
use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.
the class NessusProductExecutor method executeWithAdapter.
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, NessusInstallSetup setup, TargetRegistryInfo data) throws Exception {
if (data.getURIs().isEmpty() && data.getIPs().isEmpty()) {
return Collections.emptyList();
}
TargetType targetType = data.getTargetType();
LOG.debug("Trigger nessus adapter execution for target type {} and setup {} ", targetType, setup);
/* @formatter:off */
NessusAdapterConfig nessusConfig = NessusConfig.builder().configure(createAdapterOptionsStrategy(context)).configure(new TargetIdentifyingMultiInstallSetupConfigBuilderStrategy(setup, targetType)).setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes).setTimeOutInMinutes(scanResultCheckTimeOutInMinutes).setProxyHostname(proxyHostname).setProxyPort(proxyPort).setTraceID(context.getTraceLogIdAsString()).setPolicyID(setup.getDefaultPolicyId()).setTargetIPs(data.getIPs()).setTargetURIs(data.getURIs()).build();
/* @formatter:on */
/* execute NESSUS by adapter and return product result */
String xml = nessusAdapter.start(nessusConfig, executorContext.getCallback());
// product result is set by callback
ProductResult productResult = executorContext.getCurrentProductResult();
productResult.setResult(xml);
return Collections.singletonList(productResult);
}
use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.
the class PDSInfraScanProductExecutor method executeWithAdapter.
@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, PDSInstallSetup setup, TargetRegistryInfo info) throws Exception {
Set<URI> targetURIs = info.getURIs();
if (targetURIs.isEmpty()) {
/* no targets defined */
return Collections.emptyList();
}
TargetType targetType = info.getTargetType();
PDSExecutorConfigSuppport configSupport = PDSExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
if (configSupport.isTargetTypeForbidden(targetType)) {
LOG.info("pds adapter does not accept target type:{} so cancel execution");
return Collections.emptyList();
}
LOG.debug("Trigger pds infra scan adapter execution for target {}", targetType);
List<ProductResult> results = new ArrayList<>();
Map<String, String> jobParameters = configSupport.createJobParametersToSendToPDS(context.getConfiguration());
String projectId = context.getConfiguration().getProjectId();
for (URI targetURI : targetURIs) {
/* @formatter:off */
/* special behavior, because having multiple results here, we must find former result corresponding to
* target URI.
*/
executorContext.useFirstFormerResultHavingMetaData(PDSMetaDataID.KEY_TARGET_URI, targetURI);
PDSInfraScanConfig pdsInfraScanConfig = PDSInfraScanConfigImpl.builder().setPDSProductIdentifier(configSupport.getPDSProductIdentifier()).setTrustAllCertificates(configSupport.isTrustAllCertificatesEnabled()).setProductBaseUrl(configSupport.getProductBaseURL()).setSecHubJobUUID(context.getSechubJobUUID()).setSecHubConfigModel(context.getConfiguration()).configure(createAdapterOptionsStrategy(context)).setTimeToWaitForNextCheckOperationInMilliseconds(configSupport.getTimeToWaitForNextCheckOperationInMilliseconds(setup)).setTimeOutInMinutes(configSupport.getTimeoutInMinutes(setup)).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProjectId(projectId).setTraceID(context.getTraceLogIdAsString()).setJobParameters(jobParameters).setTargetIPs(info.getIPs()).setTargetURIs(info.getURIs()).build();
/* @formatter:on */
/* execute PDS by adapter and return product result */
String xml = pdsAdapter.start(pdsInfraScanConfig, executorContext.getCallback());
ProductResult currentProductResult = executorContext.getCurrentProductResult();
currentProductResult.setResult(xml);
results.add(currentProductResult);
}
return results;
}
Aggregations