Search in sources :

Example 26 with ProductResult

use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.

the class PDSWebScanProductExecutor method executeWithAdapter.

@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, PDSInstallSetup setup, TargetRegistryInfo info) throws Exception {
    PDSExecutorConfigSuppport configSupport = PDSExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
    URI targetURI = info.getURI();
    if (targetURI == null) {
        /* no targets defined */
        return Collections.emptyList();
    }
    TargetType targetType = info.getTargetType();
    if (configSupport.isTargetTypeForbidden(targetType)) {
        LOG.info("pds adapter does not accept target type:{} so cancel execution");
        return Collections.emptyList();
    }
    LOG.debug("Trigger PDS adapter execution for target {} ", targetType);
    List<ProductResult> results = new ArrayList<>();
    String projectId = context.getConfiguration().getProjectId();
    Map<String, String> jobParameters = configSupport.createJobParametersToSendToPDS(context.getConfiguration());
    /* @formatter:off */
    executorContext.useFirstFormerResultHavingMetaData(PDSMetaDataID.KEY_TARGET_URI, targetURI);
    ProductResult result = resilientActionExecutor.executeResilient(() -> {
        PDSWebScanConfig pdsWebScanConfig = PDSWebScanConfigImpl.builder().setPDSProductIdentifier(configSupport.getPDSProductIdentifier()).setTrustAllCertificates(configSupport.isTrustAllCertificatesEnabled()).setProductBaseUrl(configSupport.getProductBaseURL()).setSecHubJobUUID(context.getSechubJobUUID()).setSecHubConfigModel(context.getConfiguration()).configure(createAdapterOptionsStrategy(context)).configure(new WebConfigBuilderStrategy(context)).setTimeToWaitForNextCheckOperationInMilliseconds(configSupport.getTimeToWaitForNextCheckOperationInMilliseconds(setup)).setTimeOutInMinutes(configSupport.getTimeoutInMinutes(setup)).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProjectId(projectId).setTraceID(context.getTraceLogIdAsString()).setJobParameters(jobParameters).setTargetURI(targetURI).build();
        /* @formatter:on */
        /* execute PDS by adapter and return product result */
        String pdsResult = pdsAdapter.start(pdsWebScanConfig, executorContext.getCallback());
        ProductResult currentProductResult = executorContext.getCurrentProductResult();
        currentProductResult.setResult(pdsResult);
        return currentProductResult;
    });
    results.add(result);
    return results;
}
Also used : ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) TargetType(com.mercedesbenz.sechub.domain.scan.TargetType) ArrayList(java.util.ArrayList) WebConfigBuilderStrategy(com.mercedesbenz.sechub.domain.scan.WebConfigBuilderStrategy) URI(java.net.URI) PDSWebScanConfig(com.mercedesbenz.sechub.adapter.pds.PDSWebScanConfig)

Example 27 with ProductResult

use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.

the class NetsparkerProductExecutor method executeWithAdapter.

@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, NetsparkerInstallSetup setup, TargetRegistryInfo info) throws Exception {
    URI targetURI = info.getURI();
    if (targetURI == null) {
        /* no targets defined */
        return Collections.emptyList();
    }
    TargetType targetType = info.getTargetType();
    LOG.debug("Trigger netsparker adapter execution for target {} and setup {} ", targetType, setup);
    List<ProductResult> results = new ArrayList<>();
    /* NETSPARKER is not able to scan multiple targets */
    /*
         * special behavior, because having multiple results here, we must find former
         * result corresponding to target URI.
         */
    /* @formatter:off */
    executorContext.useFirstFormerResultHavingMetaData(NetsparkerMetaDataID.KEY_TARGET_URI, targetURI);
    NetsparkerAdapterConfig netsparkerConfig = NetsparkerConfig.builder().configure(createAdapterOptionsStrategy(context)).configure(new WebConfigBuilderStrategy(context)).configure(new OneInstallSetupConfigBuilderStrategy(setup)).setTimeToWaitForNextCheckOperationInMinutes(setup.getScanResultCheckPeriodInMinutes()).setTimeOutInMinutes(setup.getScanResultCheckTimeOutInMinutes()).setTraceID(context.getTraceLogIdAsString()).setAgentName(setup.getAgentName()).setAgentGroupName(setup.getIdentifier(targetType)).setPolicyID(setup.getDefaultPolicyId()).setLicenseID(setup.getNetsparkerLicenseId()).setTargetURI(targetURI).build();
    /* @formatter:on */
    /* execute NETSPARKER by adapter and return product result */
    String xml = netsparkerAdapter.start(netsparkerConfig, executorContext.getCallback());
    ProductResult currentProductResult = executorContext.getCurrentProductResult();
    currentProductResult.setResult(xml);
    results.add(currentProductResult);
    return results;
}
Also used : ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) OneInstallSetupConfigBuilderStrategy(com.mercedesbenz.sechub.domain.scan.OneInstallSetupConfigBuilderStrategy) TargetType(com.mercedesbenz.sechub.domain.scan.TargetType) ArrayList(java.util.ArrayList) WebConfigBuilderStrategy(com.mercedesbenz.sechub.domain.scan.WebConfigBuilderStrategy) URI(java.net.URI) NetsparkerAdapterConfig(com.mercedesbenz.sechub.adapter.netsparker.NetsparkerAdapterConfig)

Example 28 with ProductResult

use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.

the class NetsparkerProductExecutorTest method before.

@Before
public void before() throws Exception {
    context = mock(SecHubExecutionContext.class);
    config = mock(SecHubConfiguration.class);
    executorContext = mock(ProductExecutorContext.class);
    target1 = new Target(URI_1_INTERNET, TargetType.INTERNET);
    target2 = new Target(URI_2_INTERNET, TargetType.INTERNET);
    target3 = new Target(URI_3_INTERNET, TargetType.INTERNET);
    targetResolver = mock(TargetResolver.class);
    when(targetResolver.resolveTarget(URI_1_INTERNET)).thenReturn(target1);
    when(targetResolver.resolveTarget(URI_2_INTERNET)).thenReturn(target2);
    when(targetResolver.resolveTarget(URI_3_INTERNET)).thenReturn(target3);
    netsparkerAdapter = mock(NetsparkerAdapter.class);
    when(context.getConfiguration()).thenReturn(config);
    UUID pseudoJobUUID = UUID.randomUUID();
    when(context.getSechubJobUUID()).thenReturn(pseudoJobUUID);
    when(executorContext.getCurrentProductResult()).thenReturn(new ProductResult(pseudoJobUUID, "project1", new WithoutProductExecutorConfigInfo(ProductIdentifier.NETSPARKER), "resullt1"));
    executorToTest = new TestNetsparkerProductExecutor();
    executorToTest.netsparkerAdapter = netsparkerAdapter;
    installSetup = mock(NetsparkerInstallSetup.class);
    when(installSetup.getBaseURL()).thenReturn("http://www.example.com/netsparker");
    when(installSetup.getUserId()).thenReturn("user");
    when(installSetup.getPassword()).thenReturn("apitoken1");
    when(installSetup.getNetsparkerLicenseId()).thenReturn("license1");
    executorToTest.installSetup = installSetup;
}
Also used : NetsparkerAdapter(com.mercedesbenz.sechub.adapter.netsparker.NetsparkerAdapter) Target(com.mercedesbenz.sechub.domain.scan.Target) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) SecHubExecutionContext(com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext) SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) ProductExecutorContext(com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext) UUID(java.util.UUID) TargetResolver(com.mercedesbenz.sechub.domain.scan.resolve.TargetResolver) WithoutProductExecutorConfigInfo(com.mercedesbenz.sechub.domain.scan.product.config.WithoutProductExecutorConfigInfo) Before(org.junit.Before)

Example 29 with ProductResult

use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.

the class NessusProductExecutor method executeWithAdapter.

@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, NessusInstallSetup setup, TargetRegistryInfo data) throws Exception {
    if (data.getURIs().isEmpty() && data.getIPs().isEmpty()) {
        return Collections.emptyList();
    }
    TargetType targetType = data.getTargetType();
    LOG.debug("Trigger nessus adapter execution for target type {} and setup {} ", targetType, setup);
    /* @formatter:off */
    NessusAdapterConfig nessusConfig = NessusConfig.builder().configure(createAdapterOptionsStrategy(context)).configure(new TargetIdentifyingMultiInstallSetupConfigBuilderStrategy(setup, targetType)).setTimeToWaitForNextCheckOperationInMinutes(scanResultCheckPeriodInMinutes).setTimeOutInMinutes(scanResultCheckTimeOutInMinutes).setProxyHostname(proxyHostname).setProxyPort(proxyPort).setTraceID(context.getTraceLogIdAsString()).setPolicyID(setup.getDefaultPolicyId()).setTargetIPs(data.getIPs()).setTargetURIs(data.getURIs()).build();
    /* @formatter:on */
    /* execute NESSUS by adapter and return product result */
    String xml = nessusAdapter.start(nessusConfig, executorContext.getCallback());
    // product result is set by callback
    ProductResult productResult = executorContext.getCurrentProductResult();
    productResult.setResult(xml);
    return Collections.singletonList(productResult);
}
Also used : NessusAdapterConfig(com.mercedesbenz.sechub.adapter.nessus.NessusAdapterConfig) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) TargetType(com.mercedesbenz.sechub.domain.scan.TargetType) TargetIdentifyingMultiInstallSetupConfigBuilderStrategy(com.mercedesbenz.sechub.domain.scan.TargetIdentifyingMultiInstallSetupConfigBuilderStrategy)

Example 30 with ProductResult

use of com.mercedesbenz.sechub.domain.scan.product.ProductResult in project sechub by mercedes-benz.

the class PDSInfraScanProductExecutor method executeWithAdapter.

@Override
protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context, ProductExecutorContext executorContext, PDSInstallSetup setup, TargetRegistryInfo info) throws Exception {
    Set<URI> targetURIs = info.getURIs();
    if (targetURIs.isEmpty()) {
        /* no targets defined */
        return Collections.emptyList();
    }
    TargetType targetType = info.getTargetType();
    PDSExecutorConfigSuppport configSupport = PDSExecutorConfigSuppport.createSupportAndAssertConfigValid(executorContext.getExecutorConfig(), systemEnvironment);
    if (configSupport.isTargetTypeForbidden(targetType)) {
        LOG.info("pds adapter does not accept target type:{} so cancel execution");
        return Collections.emptyList();
    }
    LOG.debug("Trigger pds infra scan adapter execution for target {}", targetType);
    List<ProductResult> results = new ArrayList<>();
    Map<String, String> jobParameters = configSupport.createJobParametersToSendToPDS(context.getConfiguration());
    String projectId = context.getConfiguration().getProjectId();
    for (URI targetURI : targetURIs) {
        /* @formatter:off */
        /* special behavior, because having multiple results here, we must find former result corresponding to
             * target URI.
             */
        executorContext.useFirstFormerResultHavingMetaData(PDSMetaDataID.KEY_TARGET_URI, targetURI);
        PDSInfraScanConfig pdsInfraScanConfig = PDSInfraScanConfigImpl.builder().setPDSProductIdentifier(configSupport.getPDSProductIdentifier()).setTrustAllCertificates(configSupport.isTrustAllCertificatesEnabled()).setProductBaseUrl(configSupport.getProductBaseURL()).setSecHubJobUUID(context.getSechubJobUUID()).setSecHubConfigModel(context.getConfiguration()).configure(createAdapterOptionsStrategy(context)).setTimeToWaitForNextCheckOperationInMilliseconds(configSupport.getTimeToWaitForNextCheckOperationInMilliseconds(setup)).setTimeOutInMinutes(configSupport.getTimeoutInMinutes(setup)).setUser(configSupport.getUser()).setPasswordOrAPIToken(configSupport.getPasswordOrAPIToken()).setProjectId(projectId).setTraceID(context.getTraceLogIdAsString()).setJobParameters(jobParameters).setTargetIPs(info.getIPs()).setTargetURIs(info.getURIs()).build();
        /* @formatter:on */
        /* execute PDS by adapter and return product result */
        String xml = pdsAdapter.start(pdsInfraScanConfig, executorContext.getCallback());
        ProductResult currentProductResult = executorContext.getCurrentProductResult();
        currentProductResult.setResult(xml);
        results.add(currentProductResult);
    }
    return results;
}
Also used : PDSInfraScanConfig(com.mercedesbenz.sechub.adapter.pds.PDSInfraScanConfig) ProductResult(com.mercedesbenz.sechub.domain.scan.product.ProductResult) TargetType(com.mercedesbenz.sechub.domain.scan.TargetType) ArrayList(java.util.ArrayList) URI(java.net.URI)

Aggregations

ProductResult (com.mercedesbenz.sechub.domain.scan.product.ProductResult)30 ProductExecutorContext (com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext)10 ArrayList (java.util.ArrayList)10 SecHubExecutionContext (com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext)8 UUID (java.util.UUID)8 InputStream (java.io.InputStream)6 URI (java.net.URI)6 WithoutProductExecutorConfigInfo (com.mercedesbenz.sechub.domain.scan.product.config.WithoutProductExecutorConfigInfo)5 MetaDataInspection (com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection)5 NetworkTargetProductServerDataAdapterConfigurationStrategy (com.mercedesbenz.sechub.domain.scan.NetworkTargetProductServerDataAdapterConfigurationStrategy)4 NetworkTargetInfo (com.mercedesbenz.sechub.domain.scan.NetworkTargetRegistry.NetworkTargetInfo)4 NetworkTargetType (com.mercedesbenz.sechub.domain.scan.NetworkTargetType)4 TargetType (com.mercedesbenz.sechub.domain.scan.TargetType)4 WebConfigBuilderStrategy (com.mercedesbenz.sechub.domain.scan.WebConfigBuilderStrategy)4 Test (org.junit.Test)4 AdapterMetaData (com.mercedesbenz.sechub.adapter.AdapterMetaData)3 SecHubAdapterOptionsBuilderStrategy (com.mercedesbenz.sechub.domain.scan.SecHubAdapterOptionsBuilderStrategy)3 ProductExecutorConfig (com.mercedesbenz.sechub.domain.scan.product.config.ProductExecutorConfig)3 JobStorage (com.mercedesbenz.sechub.storage.core.JobStorage)3 Test (org.junit.jupiter.api.Test)3