use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.
the class PDSWorkspaceService method fetchStorage.
private JobStorage fetchStorage(UUID pdsJobUUID, PDSJobConfiguration config) {
UUID jobUUID;
String storagePath;
PDSJobConfigurationSupport configurationSupport = new PDSJobConfigurationSupport(config);
boolean useSecHubStorage = configurationSupport.isSecHubStorageEnabled();
if (useSecHubStorage) {
storagePath = configurationSupport.getSecHubStoragePath();
jobUUID = config.getSechubJobUUID();
} else {
// will force default storage path for the PDS product
storagePath = null;
jobUUID = pdsJobUUID;
}
LOG.debug("PDS job {}: feching storage for storagePath = {} and jobUUID:{}, useSecHubStorage={}", pdsJobUUID, storagePath, jobUUID, useSecHubStorage);
JobStorage storage = storageService.getJobStorage(storagePath, jobUUID);
storageInfoCollector.informFetchedStorage(storagePath, config.getSechubJobUUID(), pdsJobUUID, storage);
return storage;
}
use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.
the class PDSWorkspaceService method prepareWorkspace.
/**
* Prepares workspace:
* <ol>
* <li><Fetch data from storage and copy to local workspace</li>
* </ol>
*
* @param config
*/
public void prepareWorkspace(UUID jobUUID, PDSJobConfiguration config) throws IOException {
PDSJobConfigurationSupport configurationSupport = new PDSJobConfigurationSupport(config);
PreparationContext preparationContext = createPreparationContext(config, configurationSupport);
File jobFolder = getUploadFolder(jobUUID);
JobStorage storage = fetchStorage(jobUUID, config);
Set<String> names = storage.listNames();
LOG.debug("For jobUUID={} following names are found in storage:{}", jobUUID, names);
for (String name : names) {
if (isWantedStorageContent(name, configurationSupport, preparationContext)) {
InputStream fetchedInputStream = storage.fetch(name);
File uploadFile = new File(jobFolder, name);
try {
FileUtils.copyInputStreamToFile(fetchedInputStream, uploadFile);
LOG.debug("Imported '{}' for job {} from storage to {}", name, jobUUID, uploadFile.getAbsolutePath());
} catch (IOException e) {
LOG.error("Was not able to import {} for job {}, reason:", name, jobUUID, e.getMessage());
throw new IllegalArgumentException("Cannot import given file from storage", e);
}
} else {
LOG.debug("Did NOT import '{}' for job {} from storage - was not wanted", name, jobUUID);
}
}
}
use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.
the class PDSWorkspaceService method cleanup.
public void cleanup(UUID jobUUID, PDSJobConfiguration config) throws IOException {
FileUtils.deleteDirectory(getWorkspaceFolder(jobUUID));
LOG.info("Removed workspace folder for job {}", jobUUID);
PDSJobConfigurationSupport support = new PDSJobConfigurationSupport(config);
if (support.isSecHubStorageEnabled()) {
LOG.info("Removed NOT storage for PDS job {} because sechub storage and will be handled by sechub job {}", jobUUID, config.getSechubJobUUID());
} else {
JobStorage storage = fetchStorage(jobUUID, config);
storage.deleteAll();
LOG.info("Removed storage for job {}", jobUUID);
}
}
use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.
the class SchedulerBinariesUploadService method startUpload.
private void startUpload(String projectId, UUID jobUUID, HttpServletRequest request) throws FileUploadException, IOException, UnsupportedEncodingException {
/* prepare */
String checksumFromUser = null;
String checksumCalculated = null;
boolean fileDefinedByUser = false;
boolean checkSumDefinedByUser = false;
JobStorage jobStorage = storageService.getJobStorage(projectId, jobUUID);
ServletFileUpload upload = new ServletFileUpload();
long maxUploadSize = configuration.getMaxUploadSizeInBytes();
// we accept 600 bytes more for header, checksum etc.
upload.setSizeMax(maxUploadSize + 600);
upload.setFileSizeMax(maxUploadSize);
/*
* Important: this next call of "upload.getItemIterator(..)" looks very simple,
* but it creates a new <code>FileItemIteratorImpl</code> instances which
* internally does some heavy things on creation: It does create a new input
* stream, checks for max size handling and much more. We want to avoid creating
* the iterator multiple times!
*
* Also any access to the origin request to access the parameter/field names
* does always trigger a multipart resolving which uses again the underlying
* standard Servlet mechanism and the configured max sizes there!
*
* So we could only check parameters with another item iterator when we want to
* handle this specialized, but the item iterator should be created only one
* time (see explained reason before).
*
* This is the reason, why we do not check the user input at the beginning but
* only at the end. This is maybe inconvenient for the user when forgetting to
* define a field, but this normally happens only one time and the benefit of
* avoiding side effects. In addition, the performance (speed) does matter here.
*
* ------------------------- So please do NOT change! -------------------------
*/
FileItemIterator iterStream = upload.getItemIterator(request);
while (iterStream.hasNext()) {
FileItemStream item = iterStream.next();
String fieldName = item.getFieldName();
switch(fieldName) {
case PARAMETER_CHECKSUM:
try (InputStream checkSumInputStream = item.openStream()) {
checksumFromUser = Streams.asString(checkSumInputStream);
assertion.assertIsValidSha256Checksum(checksumFromUser);
jobStorage.store(FILENAME_BINARIES_TAR_CHECKSUM, new StringInputStream(checksumFromUser));
LOG.info("uploaded user defined checksum as file for {}", jobUUID);
}
checkSumDefinedByUser = true;
break;
case PARAMETER_FILE:
try (InputStream fileInputstream = item.openStream()) {
MessageDigest digest = checksumSHA256Service.createSHA256MessageDigest();
MessageDigestCalculatingInputStream messageDigestInputStream = new MessageDigestCalculatingInputStream(fileInputstream, digest);
jobStorage.store(FILENAME_BINARIES_TAR, messageDigestInputStream);
LOG.info("uploaded binaries for {}", jobUUID);
checksumCalculated = checksumSHA256Service.convertMessageDigestToHex(digest);
}
fileDefinedByUser = true;
break;
default:
LOG.warn("Given field '{}' is not supported while uploading binaries to project {}, {}", logSanitizer.sanitize(fieldName, 30), logSanitizer.sanitize(projectId, 30), jobUUID);
}
}
if (!fileDefinedByUser) {
throw new BadRequestException("No file defined by user for binaries upload!");
}
if (!checkSumDefinedByUser) {
throw new BadRequestException("No checksum defined by user for binaries upload!");
}
if (checksumFromUser == null) {
throw new BadRequestException("No user checksum available for binaries upload!");
}
if (checksumCalculated == null) {
throw new BadRequestException("Upload of binaries was not possible!");
}
assertCheckSumCorrect(checksumFromUser, checksumCalculated);
}
use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.
the class ScanServiceTest method before.
@Before
public void before() throws Exception {
storageService = mock(StorageService.class);
jobStorage = mock(JobStorage.class);
scanProjectConfigService = mock(ScanProjectConfigService.class);
scanJobRegistry = mock(ScanJobListener.class);
monitorFactory = mock(ScanProgressMonitorFactory.class);
ProgressMonitor monitor = mock(ProgressMonitor.class);
when(monitor.getId()).thenReturn("monitor-test-id");
when(storageService.getJobStorage(any(), any())).thenReturn(jobStorage);
when(monitorFactory.createProgressMonitor(any())).thenReturn(monitor);
webScanProductExecutionService = mock(WebScanProductExecutionService.class);
codeScanProductExecutionService = mock(CodeScanProductExecutionService.class);
infrastructureScanProductExecutionService = mock(InfrastructureScanProductExecutionService.class);
scanLogService = mock(ProjectScanLogService.class);
reportService = mock(CreateScanReportService.class);
report = mock(ScanReport.class);
when(report.getTrafficLightAsString()).thenReturn(TRAFFIC_LIGHT);
when(reportService.createReport(any())).thenReturn(report);
serviceToTest = new ScanService();
serviceToTest.webScanProductExecutionService = webScanProductExecutionService;
serviceToTest.infraScanProductExecutionService = infrastructureScanProductExecutionService;
serviceToTest.codeScanProductExecutionService = codeScanProductExecutionService;
serviceToTest.reportService = reportService;
serviceToTest.storageService = storageService;
serviceToTest.scanLogService = scanLogService;
serviceToTest.scanProjectConfigService = scanProjectConfigService;
serviceToTest.scanJobListener = scanJobRegistry;
serviceToTest.monitorFactory = monitorFactory;
}
Aggregations