use of com.mercedesbenz.sechub.domain.scan.project.ScanProjectConfig in project sechub by mercedes-benz.
the class SerecoFalsePositiveMarker method markFalsePositives.
/**
 * Applies the project's stored false-positive configuration to a list of
 * Sereco vulnerabilities.
 *
 * <p>Does nothing when the list is {@code null} or empty, or when the project
 * has no {@code FALSE_POSITIVE_CONFIGURATION} entry. Otherwise the stored JSON
 * is parsed and every vulnerability is handed to {@code handleVulnereability}
 * together with the configured entries.
 *
 * <p>NOTE(review): the entries loaded here presumably decide which findings are
 * reported as false positives, so write access to this project configuration is
 * as sensitive as the findings themselves - confirm where it is stored and who
 * may change it.
 *
 * @param projectId id of the project; checked with {@code notEmpty} before use
 * @param all       vulnerabilities to inspect; may be {@code null} or empty
 */
public void markFalsePositives(String projectId, List<SerecoVulnerability> all) {
    notEmpty(projectId, "project id may not be null or empty!");

    /* no vulnerabilities found - nothing to mark */
    boolean nothingToInspect = all == null || all.isEmpty();
    if (nothingToInspect) {
        return;
    }

    /* third argument is passed as false here; its meaning is defined by the service - TODO confirm */
    ScanProjectConfig storedConfig = scanProjectConfigService.get(projectId, ScanProjectConfigID.FALSE_POSITIVE_CONFIGURATION, false);
    if (storedConfig == null) {
        /* nothing configured for this project */
        return;
    }

    /*
     * NOTE(review): neither the parsed configuration nor its entry list is
     * null-checked - presumably both are never null; verify against
     * FalsePositiveProjectConfiguration.
     */
    FalsePositiveProjectConfiguration parsedConfig = FalsePositiveProjectConfiguration.fromJSONString(storedConfig.getData());
    List<FalsePositiveEntry> configuredEntries = parsedConfig.getFalsePositives();

    for (SerecoVulnerability candidate : all) {
        handleVulnereability(configuredEntries, candidate);
    }
}
use of com.mercedesbenz.sechub.domain.scan.project.ScanProjectConfig in project sechub by mercedes-benz.
the class ScanService method buildOptions.
/**
 * Prepares project specific options on the given execution context.
 *
 * <p>Reads the project id from the context configuration and, when a
 * {@code MOCK_CONFIGURATION} entry exists for that project, parses it and
 * stores it in the context under {@code ScanKey.PROJECT_MOCKDATA_CONFIGURATION}.
 *
 * <p>NOTE(review): the mock data configuration is taken from stored project
 * configuration and put into every execution context for that project -
 * presumably it is only evaluated by mocked products; confirm it cannot
 * influence real scan results.
 *
 * @param executionContext context to enrich; its configuration must carry a project id
 * @throws IllegalStateException when the configuration has no project id
 */
private void buildOptions(SecHubExecutionContext executionContext) {
    /* project specific setup */
    String projectId = executionContext.getConfiguration().getProjectId();
    if (projectId == null) {
        throw new IllegalStateException("projectId not found in configuration - so cannot prepare context options!");
    }

    ScanProjectConfig storedMockConfig = scanProjectConfigService.get(projectId, ScanProjectConfigID.MOCK_CONFIGURATION, false);
    if (storedMockConfig == null) {
        /* no mock configuration stored for this project - context stays unchanged */
        return;
    }

    ScanProjectMockDataConfiguration parsedMockData = ScanProjectMockDataConfiguration.fromString(storedMockConfig.getData());
    executionContext.putData(ScanKey.PROJECT_MOCKDATA_CONFIGURATION, parsedMockData);
}
use of com.mercedesbenz.sechub.domain.scan.project.ScanProjectConfig in project sechub by mercedes-benz.
the class ScanServiceTest method scan_service_fetches_mock_configuration_and_puts_mock_project_configuration_complete_in_execution_context.
/**
 * Verifies that a stored mock configuration returned by the config service
 * ends up, equal to the original object, in the execution context that is
 * passed to the code scan product execution service.
 */
@Test
public void scan_service_fetches_mock_configuration_and_puts_mock_project_configuration_complete_in_execution_context() throws Exception {
    /* prepare */
    SecHubConfiguration configuration = prepareValidConfiguration();
    DomainMessage scanRequest = prepareRequest(configuration);

    ScanProjectMockDataConfiguration expectedMockData = new ScanProjectMockDataConfiguration();
    expectedMockData.setCodeScan(new ScanMockData(TrafficLight.YELLOW));

    /* stored project config carries the mock data serialized as JSON */
    ScanProjectConfig storedConfig = new ScanProjectConfig(ScanProjectConfigID.MOCK_CONFIGURATION, TEST_PROJECT_ID1);
    storedConfig.setData(expectedMockData.toJSON());

    /* presumably "test-project-id1" is the value of TEST_PROJECT_ID1 - verify against the test class */
    when(scanProjectConfigService.get("test-project-id1", ScanProjectConfigID.MOCK_CONFIGURATION, false)).thenReturn(storedConfig);

    /* execute */
    simulateEventSend(scanRequest, serviceToTest);

    /* test */
    ArgumentCaptor<SecHubExecutionContext> captor = ArgumentCaptor.forClass(SecHubExecutionContext.class);
    verify(codeScanProductExecutionService).executeProductsAndStoreResults(captor.capture());

    SecHubExecutionContext capturedContext = captor.getValue();
    assertEquals(expectedMockData, capturedContext.getData(ScanKey.PROJECT_MOCKDATA_CONFIGURATION));
}
use of com.mercedesbenz.sechub.domain.scan.project.ScanProjectConfig in project sechub by mercedes-benz.
the class SerecoFalsePositiveMarkerTest method before.
/**
 * Builds the marker under test with mocked collaborators and stubs the config
 * service so that the false-positive configuration lookup for
 * {@code PROJECT_ID} returns a fresh {@code ScanProjectConfig}.
 */
@Before
public void before() throws Exception {
    markerToTest = new SerecoFalsePositiveMarker();

    /* config service: returns the (still empty) false positive config for the test project */
    scanProjectConfigService = mock(ScanProjectConfigService.class);
    config = new ScanProjectConfig(ScanProjectConfigID.FALSE_POSITIVE_CONFIGURATION, PROJECT_ID);
    when(scanProjectConfigService.get(PROJECT_ID, ScanProjectConfigID.FALSE_POSITIVE_CONFIGURATION, false)).thenReturn(config);

    falsePositiveFinder = mock(SerecoFalsePositiveFinder.class);

    /* collaborators are assigned directly to the marker's fields */
    markerToTest.scanProjectConfigService = scanProjectConfigService;
    markerToTest.falsePositiveFinder = falsePositiveFinder;

    /* created here but not yet stored in config - each test decides what data to set */
    projectConfig = new FalsePositiveProjectConfiguration();
}