Search in sources :

Example 6 with JobStorage

use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.

the class PDSWorkspaceService method fetchStorage.

private JobStorage fetchStorage(UUID pdsJobUUID, PDSJobConfiguration config) {
    UUID jobUUID;
    String storagePath;
    PDSJobConfigurationSupport configurationSupport = new PDSJobConfigurationSupport(config);
    boolean useSecHubStorage = configurationSupport.isSecHubStorageEnabled();
    if (useSecHubStorage) {
        storagePath = configurationSupport.getSecHubStoragePath();
        jobUUID = config.getSechubJobUUID();
    } else {
        // will force default storage path for the PDS product
        storagePath = null;
        jobUUID = pdsJobUUID;
    }
    LOG.debug("PDS job {}: feching storage for storagePath = {} and jobUUID:{}, useSecHubStorage={}", pdsJobUUID, storagePath, jobUUID, useSecHubStorage);
    JobStorage storage = storageService.getJobStorage(storagePath, jobUUID);
    storageInfoCollector.informFetchedStorage(storagePath, config.getSechubJobUUID(), pdsJobUUID, storage);
    return storage;
}
Also used : UUID(java.util.UUID) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage)

Example 7 with JobStorage

use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.

the class PDSWorkspaceService method prepareWorkspace.

/**
 * Prepares workspace:
 * <ol>
 * <li><Fetch data from storage and copy to local workspace</li>
 * </ol>
 *
 * @param config
 */
public void prepareWorkspace(UUID jobUUID, PDSJobConfiguration config) throws IOException {
    PDSJobConfigurationSupport configurationSupport = new PDSJobConfigurationSupport(config);
    PreparationContext preparationContext = createPreparationContext(config, configurationSupport);
    File jobFolder = getUploadFolder(jobUUID);
    JobStorage storage = fetchStorage(jobUUID, config);
    Set<String> names = storage.listNames();
    LOG.debug("For jobUUID={} following names are found in storage:{}", jobUUID, names);
    for (String name : names) {
        if (isWantedStorageContent(name, configurationSupport, preparationContext)) {
            InputStream fetchedInputStream = storage.fetch(name);
            File uploadFile = new File(jobFolder, name);
            try {
                FileUtils.copyInputStreamToFile(fetchedInputStream, uploadFile);
                LOG.debug("Imported '{}' for job {} from storage to {}", name, jobUUID, uploadFile.getAbsolutePath());
            } catch (IOException e) {
                LOG.error("Was not able to import {} for job {}, reason:", name, jobUUID, e.getMessage());
                throw new IllegalArgumentException("Cannot import given file from storage", e);
            }
        } else {
            LOG.debug("Did NOT import '{}' for job {} from storage - was not wanted", name, jobUUID);
        }
    }
}
Also used : FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) IOException(java.io.IOException) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) File(java.io.File)

Example 8 with JobStorage

use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.

the class PDSWorkspaceService method cleanup.

public void cleanup(UUID jobUUID, PDSJobConfiguration config) throws IOException {
    FileUtils.deleteDirectory(getWorkspaceFolder(jobUUID));
    LOG.info("Removed workspace folder for job {}", jobUUID);
    PDSJobConfigurationSupport support = new PDSJobConfigurationSupport(config);
    if (support.isSecHubStorageEnabled()) {
        LOG.info("Removed NOT storage for PDS job {} because sechub storage and will be handled by sechub job {}", jobUUID, config.getSechubJobUUID());
    } else {
        JobStorage storage = fetchStorage(jobUUID, config);
        storage.deleteAll();
        LOG.info("Removed storage for job {}", jobUUID);
    }
}
Also used : JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage)

Example 9 with JobStorage

use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.

the class SchedulerBinariesUploadService method startUpload.

private void startUpload(String projectId, UUID jobUUID, HttpServletRequest request) throws FileUploadException, IOException, UnsupportedEncodingException {
    /* prepare */
    String checksumFromUser = null;
    String checksumCalculated = null;
    boolean fileDefinedByUser = false;
    boolean checkSumDefinedByUser = false;
    JobStorage jobStorage = storageService.getJobStorage(projectId, jobUUID);
    ServletFileUpload upload = new ServletFileUpload();
    long maxUploadSize = configuration.getMaxUploadSizeInBytes();
    // we accept 600 bytes more for header, checksum etc.
    upload.setSizeMax(maxUploadSize + 600);
    upload.setFileSizeMax(maxUploadSize);
    /*
         * Important: this next call of "upload.getItemIterator(..)" looks very simple,
         * but it creates a new <code>FileItemIteratorImpl</code> instances which
         * internally does some heavy things on creation: It does create a new input
         * stream, checks for max size handling and much more. We want to avoid creating
         * the iterator multiple times!
         *
         * Also any access to the origin request to access the parameter/field names
         * does always trigger a multipart resolving which uses again the underlying
         * standard Servlet mechanism and the configured max sizes there!
         *
         * So we could only check parameters with another item iterator when we want to
         * handle this specialized, but the item iterator should be created only one
         * time (see explained reason before).
         *
         * This is the reason, why we do not check the user input at the beginning but
         * only at the end. This is maybe inconvenient for the user when forgetting to
         * define a field, but this normally happens only one time and the benefit of
         * avoiding side effects. In addition, the performance (speed) does matter here.
         *
         * ------------------------- So please do NOT change! -------------------------
         */
    FileItemIterator iterStream = upload.getItemIterator(request);
    while (iterStream.hasNext()) {
        FileItemStream item = iterStream.next();
        String fieldName = item.getFieldName();
        switch(fieldName) {
            case PARAMETER_CHECKSUM:
                try (InputStream checkSumInputStream = item.openStream()) {
                    checksumFromUser = Streams.asString(checkSumInputStream);
                    assertion.assertIsValidSha256Checksum(checksumFromUser);
                    jobStorage.store(FILENAME_BINARIES_TAR_CHECKSUM, new StringInputStream(checksumFromUser));
                    LOG.info("uploaded user defined checksum as file for {}", jobUUID);
                }
                checkSumDefinedByUser = true;
                break;
            case PARAMETER_FILE:
                try (InputStream fileInputstream = item.openStream()) {
                    MessageDigest digest = checksumSHA256Service.createSHA256MessageDigest();
                    MessageDigestCalculatingInputStream messageDigestInputStream = new MessageDigestCalculatingInputStream(fileInputstream, digest);
                    jobStorage.store(FILENAME_BINARIES_TAR, messageDigestInputStream);
                    LOG.info("uploaded binaries for {}", jobUUID);
                    checksumCalculated = checksumSHA256Service.convertMessageDigestToHex(digest);
                }
                fileDefinedByUser = true;
                break;
            default:
                LOG.warn("Given field '{}' is not supported while uploading binaries to project {}, {}", logSanitizer.sanitize(fieldName, 30), logSanitizer.sanitize(projectId, 30), jobUUID);
        }
    }
    if (!fileDefinedByUser) {
        throw new BadRequestException("No file defined by user for binaries upload!");
    }
    if (!checkSumDefinedByUser) {
        throw new BadRequestException("No checksum defined by user for binaries upload!");
    }
    if (checksumFromUser == null) {
        throw new BadRequestException("No user checksum available for binaries upload!");
    }
    if (checksumCalculated == null) {
        throw new BadRequestException("Upload of binaries was not possible!");
    }
    assertCheckSumCorrect(checksumFromUser, checksumCalculated);
}
Also used : StringInputStream(com.amazonaws.util.StringInputStream) ServletFileUpload(org.apache.commons.fileupload.servlet.ServletFileUpload) FileItemStream(org.apache.commons.fileupload.FileItemStream) StringInputStream(com.amazonaws.util.StringInputStream) MessageDigestCalculatingInputStream(org.apache.commons.io.input.MessageDigestCalculatingInputStream) InputStream(java.io.InputStream) MessageDigestCalculatingInputStream(org.apache.commons.io.input.MessageDigestCalculatingInputStream) BadRequestException(com.mercedesbenz.sechub.sharedkernel.error.BadRequestException) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) MessageDigest(java.security.MessageDigest) FileItemIterator(org.apache.commons.fileupload.FileItemIterator)

Example 10 with JobStorage

use of com.mercedesbenz.sechub.storage.core.JobStorage in project sechub by mercedes-benz.

the class ScanServiceTest method before.

@Before
public void before() throws Exception {
    storageService = mock(StorageService.class);
    jobStorage = mock(JobStorage.class);
    scanProjectConfigService = mock(ScanProjectConfigService.class);
    scanJobRegistry = mock(ScanJobListener.class);
    monitorFactory = mock(ScanProgressMonitorFactory.class);
    ProgressMonitor monitor = mock(ProgressMonitor.class);
    when(monitor.getId()).thenReturn("monitor-test-id");
    when(storageService.getJobStorage(any(), any())).thenReturn(jobStorage);
    when(monitorFactory.createProgressMonitor(any())).thenReturn(monitor);
    webScanProductExecutionService = mock(WebScanProductExecutionService.class);
    codeScanProductExecutionService = mock(CodeScanProductExecutionService.class);
    infrastructureScanProductExecutionService = mock(InfrastructureScanProductExecutionService.class);
    scanLogService = mock(ProjectScanLogService.class);
    reportService = mock(CreateScanReportService.class);
    report = mock(ScanReport.class);
    when(report.getTrafficLightAsString()).thenReturn(TRAFFIC_LIGHT);
    when(reportService.createReport(any())).thenReturn(report);
    serviceToTest = new ScanService();
    serviceToTest.webScanProductExecutionService = webScanProductExecutionService;
    serviceToTest.infraScanProductExecutionService = infrastructureScanProductExecutionService;
    serviceToTest.codeScanProductExecutionService = codeScanProductExecutionService;
    serviceToTest.reportService = reportService;
    serviceToTest.storageService = storageService;
    serviceToTest.scanLogService = scanLogService;
    serviceToTest.scanProjectConfigService = scanProjectConfigService;
    serviceToTest.scanJobListener = scanJobRegistry;
    serviceToTest.monitorFactory = monitorFactory;
}
Also used : ScanReport(com.mercedesbenz.sechub.domain.scan.report.ScanReport) CodeScanProductExecutionService(com.mercedesbenz.sechub.domain.scan.product.CodeScanProductExecutionService) StorageService(com.mercedesbenz.sechub.storage.core.StorageService) ProgressMonitor(com.mercedesbenz.sechub.sharedkernel.ProgressMonitor) ProjectScanLogService(com.mercedesbenz.sechub.domain.scan.log.ProjectScanLogService) ScanProjectConfigService(com.mercedesbenz.sechub.domain.scan.project.ScanProjectConfigService) InfrastructureScanProductExecutionService(com.mercedesbenz.sechub.domain.scan.product.InfrastructureScanProductExecutionService) WebScanProductExecutionService(com.mercedesbenz.sechub.domain.scan.product.WebScanProductExecutionService) JobStorage(com.mercedesbenz.sechub.storage.core.JobStorage) CreateScanReportService(com.mercedesbenz.sechub.domain.scan.report.CreateScanReportService) Before(org.junit.Before)

Aggregations

JobStorage (com.mercedesbenz.sechub.storage.core.JobStorage)19 InputStream (java.io.InputStream)11 StringInputStream (com.amazonaws.util.StringInputStream)8 UUID (java.util.UUID)8 IOException (java.io.IOException)5 AdapterMetaData (com.mercedesbenz.sechub.adapter.AdapterMetaData)3 ProductResult (com.mercedesbenz.sechub.domain.scan.product.ProductResult)3 MetaDataInspection (com.mercedesbenz.sechub.sharedkernel.metadata.MetaDataInspection)3 CheckmarxAdapterConfig (com.mercedesbenz.sechub.adapter.checkmarx.CheckmarxAdapterConfig)2 SecHubRuntimeException (com.mercedesbenz.sechub.commons.model.SecHubRuntimeException)2 SecHubConfiguration (com.mercedesbenz.sechub.sharedkernel.configuration.SecHubConfiguration)2 MultiStorageService (com.mercedesbenz.sechub.sharedkernel.storage.MultiStorageService)2 S3Setup (com.mercedesbenz.sechub.storage.core.S3Setup)2 SharedVolumeSetup (com.mercedesbenz.sechub.storage.core.SharedVolumeSetup)2 BufferedReader (java.io.BufferedReader)2 InputStreamReader (java.io.InputStreamReader)2 MessageDigest (java.security.MessageDigest)2 FileItemIterator (org.apache.commons.fileupload.FileItemIterator)2 FileItemStream (org.apache.commons.fileupload.FileItemStream)2 ServletFileUpload (org.apache.commons.fileupload.servlet.ServletFileUpload)2