Search in sources :

Example 16 with SecHubConfiguration

use of com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration in project sechub by mercedes-benz.

the class AbstractProductExecutor method configureSourceCodeHandlingIfNecessary.

private void configureSourceCodeHandlingIfNecessary(ProductExecutorData data) {
    if (scanType != ScanType.CODE_SCAN) {
        return;
    }
    // the information about paths is interesting for debugging but also necessary
    // for our integration tests - see mocked_setup.json
    Set<String> paths = new LinkedHashSet<>();
    data.codeUploadFileSystemFolderPaths = paths;
    SecHubConfiguration configuration = data.getSechubExecutionContext().getConfiguration();
    Optional<SecHubCodeScanConfiguration> codeScanOpt = configuration.getCodeScan();
    if (!codeScanOpt.isPresent()) {
        return;
    }
    SecHubCodeScanConfiguration codeScan = codeScanOpt.get();
    addFileSystemParts(paths, codeScan);
    Set<String> usedNames = codeScan.getNamesOfUsedDataConfigurationObjects();
    if (usedNames.isEmpty()) {
        return;
    }
    List<SecHubDataConfigurationObjectInfo> found = configObjectFinder.findDataObjectsByName(configuration, usedNames);
    for (SecHubDataConfigurationObjectInfo info : found) {
        if (info.getType() != SecHubDataConfigurationType.SOURCE) {
            continue;
        }
        SecHubDataConfigurationObject config = info.getDataConfigurationObject();
        if (!(config instanceof SecHubSourceDataConfiguration)) {
            LOG.warn("source object data was not expected {} but {}", SecHubSourceDataConfiguration.class, config.getClass());
            continue;
        }
        SecHubSourceDataConfiguration sourceDataConfig = (SecHubSourceDataConfiguration) config;
        addFileSystemParts(paths, sourceDataConfig);
    }
}
Also used : LinkedHashSet(java.util.LinkedHashSet) SecHubSourceDataConfiguration(com.mercedesbenz.sechub.commons.model.SecHubSourceDataConfiguration) SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) SecHubCodeScanConfiguration(com.mercedesbenz.sechub.commons.model.SecHubCodeScanConfiguration) SecHubDataConfigurationObject(com.mercedesbenz.sechub.commons.model.SecHubDataConfigurationObject) SecHubDataConfigurationObjectInfo(com.mercedesbenz.sechub.commons.model.SecHubDataConfigurationObjectInfo)

Example 17 with SecHubConfiguration

use of com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration in project sechub by mercedes-benz.

the class ScanServiceTest method scan_service_fetches_mock_configuration_and_puts_mock_project_configuration_complete_in_execution_context.

@Test
public void scan_service_fetches_mock_configuration_and_puts_mock_project_configuration_complete_in_execution_context() throws Exception {
    /* prepare */
    SecHubConfiguration configNoProjectId = prepareValidConfiguration();
    DomainMessage request = prepareRequest(configNoProjectId);
    ScanProjectMockDataConfiguration projectMockDataConfig = new ScanProjectMockDataConfiguration();
    projectMockDataConfig.setCodeScan(new ScanMockData(TrafficLight.YELLOW));
    ScanProjectConfig projectConfig = new ScanProjectConfig(ScanProjectConfigID.MOCK_CONFIGURATION, TEST_PROJECT_ID1);
    projectConfig.setData(projectMockDataConfig.toJSON());
    when(scanProjectConfigService.get("test-project-id1", ScanProjectConfigID.MOCK_CONFIGURATION, false)).thenReturn(projectConfig);
    /* execute */
    simulateEventSend(request, serviceToTest);
    /* test */
    ArgumentCaptor<SecHubExecutionContext> contextCaptor = ArgumentCaptor.forClass(SecHubExecutionContext.class);
    verify(codeScanProductExecutionService).executeProductsAndStoreResults(contextCaptor.capture());
    SecHubExecutionContext context = contextCaptor.getValue();
    assertEquals(projectMockDataConfig, context.getData(ScanKey.PROJECT_MOCKDATA_CONFIGURATION));
}
Also used : SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) ScanMockData(com.mercedesbenz.sechub.domain.scan.project.ScanMockData) SecHubExecutionContext(com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext) ScanProjectConfig(com.mercedesbenz.sechub.domain.scan.project.ScanProjectConfig) ScanProjectMockDataConfiguration(com.mercedesbenz.sechub.domain.scan.project.ScanProjectMockDataConfiguration) DomainMessage(com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessage) Test(org.junit.Test)

Example 18 with SecHubConfiguration

use of com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration in project sechub by mercedes-benz.

the class ScanServiceTest method scan_service_fetches_configuration_without_accesscheck.

@Test
public void scan_service_fetches_configuration_without_accesscheck() throws Exception {
    /* prepare */
    SecHubConfiguration configNoProjectId = prepareValidConfiguration();
    DomainMessage request = prepareRequest(configNoProjectId);
    /* execute */
    simulateEventSend(request, serviceToTest);
    /* test */
    verify(scanProjectConfigService).get(TEST_PROJECT_ID1, ScanProjectConfigID.MOCK_CONFIGURATION, false);
}
Also used : SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) DomainMessage(com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessage) Test(org.junit.Test)

Example 19 with SecHubConfiguration

use of com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration in project sechub by mercedes-benz.

the class WebConfigBuilderStrategyTest method too_many_includes.

@Test
public void too_many_includes() {
    /* prepare */
    List<String> includes = new LinkedList<>();
    for (int i = 1; i <= 501; i++) {
        includes.add("/myapp" + i);
    }
    String json = createIncludesJson(includes);
    SecHubConfiguration configuration = SECHUB_CONFIG.fromJSON(json);
    SecHubExecutionContext context = new SecHubExecutionContext(UUID.randomUUID(), configuration, "test");
    WebConfigBuilderStrategy strategyToTest = new WebConfigBuilderStrategy(context);
    TestAbstractWebScanAdapterConfigBuilder configBuilder = new TestAbstractWebScanAdapterConfigBuilder();
    /* execute */
    IllegalArgumentException exception = Assertions.assertThrows(IllegalArgumentException.class, () -> {
        strategyToTest.configure(configBuilder);
    });
    /* test */
    assertEquals("A maximum of 500 includes are allowed.", exception.getMessage());
}
Also used : SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) SecHubExecutionContext(com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext) LinkedList(java.util.LinkedList) Test(org.junit.jupiter.api.Test)

Example 20 with SecHubConfiguration

use of com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration in project sechub by mercedes-benz.

the class WebConfigBuilderStrategyTest method include_too_long.

@Test
public void include_too_long() {
    /* prepare */
    // create long string
    StringBuilder sb = new StringBuilder();
    sb.append("/");
    for (int i = 0; i < 64; i++) {
        sb.append("abcdefghijklmnopqrstuvwxyz012345");
    }
    List<String> includes = new LinkedList<>();
    includes.add(sb.toString());
    String json = createIncludesJson(includes);
    SecHubConfiguration configuration = SECHUB_CONFIG.fromJSON(json);
    SecHubExecutionContext context = new SecHubExecutionContext(UUID.randomUUID(), configuration, "test");
    WebConfigBuilderStrategy strategyToTest = new WebConfigBuilderStrategy(context);
    TestAbstractWebScanAdapterConfigBuilder configBuilder = new TestAbstractWebScanAdapterConfigBuilder();
    /* execute */
    IllegalArgumentException exception = Assertions.assertThrows(IllegalArgumentException.class, () -> {
        strategyToTest.configure(configBuilder);
    });
    /* test */
    assertThat(exception.getMessage(), startsWith("Maximum URL length is 2048 characters. The first 2048 characters of the URL in question: /abcdefghijklmnopqrst"));
}
Also used : SecHubConfiguration(com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration) SecHubExecutionContext(com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext) LinkedList(java.util.LinkedList) Test(org.junit.jupiter.api.Test)

Aggregations

SecHubConfiguration (com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration)29 SecHubExecutionContext (com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionContext)15 Test (org.junit.jupiter.api.Test)10 LinkedList (java.util.LinkedList)8 UUIDTraceLogID (com.mercedesbenz.sechub.sharedkernel.UUIDTraceLogID)6 DomainMessage (com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessage)3 UUID (java.util.UUID)3 Test (org.junit.Test)3 SecHubCodeScanConfiguration (com.mercedesbenz.sechub.commons.model.SecHubCodeScanConfiguration)2 InfraScanNetworkLocationProvider (com.mercedesbenz.sechub.domain.scan.InfraScanNetworkLocationProvider)2 WebScanNetworkLocationProvider (com.mercedesbenz.sechub.domain.scan.WebScanNetworkLocationProvider)2 ProductExecutorContext (com.mercedesbenz.sechub.domain.scan.product.ProductExecutorContext)2 ProductExecutorConfig (com.mercedesbenz.sechub.domain.scan.product.config.ProductExecutorConfig)2 SecHubExecutionException (com.mercedesbenz.sechub.sharedkernel.execution.SecHubExecutionException)2 JobStorage (com.mercedesbenz.sechub.storage.core.JobStorage)2 ScanType (com.mercedesbenz.sechub.commons.model.ScanType)1 SecHubDataConfigurationObject (com.mercedesbenz.sechub.commons.model.SecHubDataConfigurationObject)1 SecHubDataConfigurationObjectInfo (com.mercedesbenz.sechub.commons.model.SecHubDataConfigurationObjectInfo)1 SecHubFileSystemConfiguration (com.mercedesbenz.sechub.commons.model.SecHubFileSystemConfiguration)1 SecHubLicenseScanConfiguration (com.mercedesbenz.sechub.commons.model.SecHubLicenseScanConfiguration)1