diff --git a/pom.xml b/pom.xml index a2631a7..c3946f2 100644 --- a/pom.xml +++ b/pom.xml @@ -67,6 +67,7 @@ 3.7.0.1746 + org.apache.maven.plugins maven-compiler-plugin 3.7.0 diff --git a/src/main/java/com/cx/plugin/configuration/AgentTaskConfigurator.java b/src/main/java/com/cx/plugin/configuration/AgentTaskConfigurator.java index 796c621..c72f3f7 100644 --- a/src/main/java/com/cx/plugin/configuration/AgentTaskConfigurator.java +++ b/src/main/java/com/cx/plugin/configuration/AgentTaskConfigurator.java @@ -314,7 +314,10 @@ private void populateOSA_SCA_FieldsForCreate(Map context) { context.put(GLOBAL_CXSCA_ACCOUNT_NAME,getAdminConfig(GLOBAL_CXSCA_ACCOUNT_NAME)); context.put(GLOBAL_CXSCA_USERNAME,getAdminConfig(GLOBAL_CXSCA_USERNAME)); context.put(GLOBAL_CXSCA_PWD,getAdminConfig(GLOBAL_CXSCA_PWD)); - + + context.put(CXSCA_RESOLVER_ENABLED_GLOBAL,getAdminConfig(CXSCA_RESOLVER_ENABLED_GLOBAL)); + context.put(CXSCA_RESOLVER_PATH_GLOBAL,getAdminConfig(CXSCA_RESOLVER_PATH_GLOBAL)); + context.put(CXSCA_RESOLVER_ADD_PARAM_GLOBAL,getAdminConfig(CXSCA_RESOLVER_ADD_PARAM_GLOBAL)); context.put(GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS, getAdminConfig(GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS)); context.put(GLOBAL_OSA_INSTALL_BEFORE_SCAN, getAdminConfig(GLOBAL_OSA_INSTALL_BEFORE_SCAN)); 
@@ -550,9 +553,9 @@ private Map generateCxOSAAndSCAFields(@NotNull final ActionParam
 config.put(CXSCA_USERNAME,getAdminConfig(GLOBAL_CXSCA_USERNAME).trim());
 config.put(CXSCA_PWD,getAdminConfig(GLOBAL_CXSCA_PWD).trim());
- config.put(CXSCA_RESOLVER_ENABLED_GLOBAL,getDefaultString(params, CXSCA_RESOLVER_ENABLED_GLOBAL).trim());
- config.put(CXSCA_RESOLVER_PATH_GLOBAL,getDefaultString(params, CXSCA_RESOLVER_PATH_GLOBAL).trim());
- config.put(CXSCA_RESOLVER_ADD_PARAM_GLOBAL,getDefaultString(params, CXSCA_RESOLVER_ADD_PARAM_GLOBAL).trim());
+ config.put(CXSCA_RESOLVER_ENABLED_GLOBAL,getAdminConfig(CXSCA_RESOLVER_ENABLED_GLOBAL).trim());
+ config.put(CXSCA_RESOLVER_PATH_GLOBAL,getAdminConfig(CXSCA_RESOLVER_PATH_GLOBAL).trim());
+ config.put(CXSCA_RESOLVER_ADD_PARAM_GLOBAL,getAdminConfig(CXSCA_RESOLVER_ADD_PARAM_GLOBAL).trim());
 }
@@ -664,12 +667,10 @@ public void validate(@NotNull final ActionParametersMap params, @NotNull final E
 }
 validateNotEmpty(params, errorCollection, PROJECT_NAME);
 if(scaResolverEnabled && useGlobalSettings && enableDependancyScan){
- validateNotEmpty(params, errorCollection, CXSCA_RESOLVER_PATH);
- validateNotEmpty(params, errorCollection, CXSCA_RESOLVER_ADD_PARAM);
+ validateNotEmpty(params, errorCollection, CXSCA_RESOLVER_PATH);
 }
 if(scaResolverEnabledGlobal && !useGlobalSettings && enableDependancyScan){
 validateNotEmpty(params, errorCollection, CXSCA_RESOLVER_PATH_GLOBAL);
- validateNotEmpty(params, errorCollection, CXSCA_RESOLVER_ADD_PARAM_GLOBAL);
 }
 containsIllegals(params, errorCollection, PROJECT_NAME);
 validateProjectNameLength(params, errorCollection, PROJECT_NAME);
diff --git a/src/main/java/com/cx/plugin/configuration/CxGlobalConfig.java b/src/main/java/com/cx/plugin/configuration/CxGlobalConfig.java
index cacad22..3eb9cd4 100644
--- a/src/main/java/com/cx/plugin/configuration/CxGlobalConfig.java
+++ b/src/main/java/com/cx/plugin/configuration/CxGlobalConfig.java
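Review bot: The two `if` conditions in `validate` read as crossed: `scaResolverEnabled && useGlobalSettings` checks the task-level `CXSCA_RESOLVER_PATH`, while `scaResolverEnabledGlobal && !useGlobalSettings` checks `CXSCA_RESOLVER_PATH_GLOBAL`. Those flags are assigned outside this hunk, so this may only be naming, but it deserves a comment or a rename. After this commit the global resolver values are read with `getAdminConfig(...)` (the `@@ -550` hunk), so `validateNotEmpty(params, errorCollection, CXSCA_RESOLVER_PATH_GLOBAL)` tests a task parameter that is no longer the value used at run time. An emptiness check on `getAdminConfig(CXSCA_RESOLVER_PATH_GLOBAL)` would match what the agent actually receives.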
@@ -66,6 +66,10 @@ public class CxGlobalConfig extends GlobalAdminAction { private String globalcxScaAccessControlServerUrl = DEFAULT_CXSCA_ACCESS_CONTROL_URL; private String globalcxScaWebAppUrl = DEFAULT_CXSCA_WEB_APP_URL; private String globalcxScaAccountName = ""; + + private String globalCxScaResolverEnabled; + private String globalCxScaResolverPath; + private String globalCxScaResolverAddParam; private Map globalDependencyScanTypeValues = ImmutableMap.of("OSA", "Use CxOSA dependency scanner", "AST_SCA", "Use CxSCA dependency scanner"); @@ -104,7 +108,11 @@ public String execute() { globalcxScaUsername = adminConfig.getSystemProperty(GLOBAL_CXSCA_USERNAME); globalcxScaPss = adminConfig.getSystemProperty(GLOBAL_CXSCA_PWD); - + + globalCxScaResolverEnabled = adminConfig.getSystemProperty(CXSCA_RESOLVER_ENABLED_GLOBAL); + globalCxScaResolverPath = adminConfig.getSystemProperty(CXSCA_RESOLVER_PATH_GLOBAL); + globalCxScaResolverAddParam = adminConfig.getSystemProperty(CXSCA_RESOLVER_ADD_PARAM_GLOBAL); + globalFolderExclusions = adminConfig.getSystemProperty(GLOBAL_FOLDER_EXCLUSION); String filterProperty = adminConfig.getSystemProperty(GLOBAL_FILTER_PATTERN); if (filterProperty != null) { @@ -177,6 +185,10 @@ public String save() { adminConfig.setSystemProperty(GLOBAL_CXSCA_USERNAME, globalcxScaUsername); adminConfig.setSystemProperty(GLOBAL_CXSCA_PWD, encrypt(globalcxScaPss)); + adminConfig.setSystemProperty(CXSCA_RESOLVER_ENABLED_GLOBAL, globalCxScaResolverEnabled); + adminConfig.setSystemProperty(CXSCA_RESOLVER_PATH_GLOBAL, globalCxScaResolverPath); + adminConfig.setSystemProperty(CXSCA_RESOLVER_ADD_PARAM_GLOBAL, globalCxScaResolverAddParam); + adminConfig.setSystemProperty(GLOBAL_FOLDER_EXCLUSION, globalFolderExclusions); adminConfig.setSystemProperty(GLOBAL_FILTER_PATTERN, globalFilterPatterns); adminConfig.setSystemProperty(GLOBAL_SCAN_TIMEOUT_IN_MINUTES, globalScanTimeoutInMinutes); 
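Review bot: `save()` persists `globalCxScaResolverPath` and `globalCxScaResolverAddParam` exactly as posted, and nothing in this hunk checks that the path is non-empty when `globalCxScaResolverEnabled` is true; `required='true'` on the form field is not a server-side check. Because `getScaConfig` in CxConfigHelper enables the resolver whenever the stored flag is true, an empty path would only fail on the agent at scan time. If the action's validation sits outside these hunks, it should gain a check for the path when the flag is set. The additional-parameters string is also stored in clear, unlike `GLOBAL_CXSCA_PWD` which goes through `encrypt(...)`, so a field comment such as `// stored unencrypted: do not put credentials here` would help. `save()` continues outside the hunk.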
@@ -513,6 +525,23 @@ public void setGlobalcxScaAccountName(String globalcxScaAccountName) { this.globalcxScaAccountName = globalcxScaAccountName; } + public String getGlobalCxScaResolverEnabled() { return globalCxScaResolverEnabled; } + + public void setGlobalCxScaResolverEnabled(String globalCxScaResolverEnabled) { + this.globalCxScaResolverEnabled = globalCxScaResolverEnabled; + } + + public String getGlobalCxScaResolverPath() { return globalCxScaResolverPath; } + + public void setGlobalCxScaResolverPath(String globalCxScaResolverPath) { + this.globalCxScaResolverPath = globalCxScaResolverPath; + } + + public String getGlobalCxScaResolverAddParam() { return globalCxScaResolverAddParam; } + + public void setGlobalCxScaResolverAddParam(String globalCxScaResolverAddParam) { + this.globalCxScaResolverAddParam = globalCxScaResolverAddParam; + } public Map getGlobalDependencyScanTypeValues() { return globalDependencyScanTypeValues; diff --git a/src/main/java/com/cx/plugin/utils/CxConfigHelper.java b/src/main/java/com/cx/plugin/utils/CxConfigHelper.java index c7555e5..ece6a3a 100644 --- a/src/main/java/com/cx/plugin/utils/CxConfigHelper.java +++ b/src/main/java/com/cx/plugin/utils/CxConfigHelper.java @@ -93,11 +93,7 @@ import java.net.URLDecoder; import java.text.ParseException; import java.text.SimpleDateFormat; -import java.util.Calendar; -import java.util.Date; -import java.util.HashMap; -import java.util.Map; -import java.util.Properties; +import java.util.*; import org.apache.commons.lang.StringUtils; import org.apache.commons.lang3.SystemUtils; @@ -113,6 +109,7 @@ import com.cx.restclient.dto.ProxyConfig; import com.cx.restclient.dto.ScannerType; import com.cx.restclient.exception.CxClientException; +import com.cx.restclient.sca.utils.CxSCAResolverUtils; /** * Created by Galn on 25/10/2017. 
@@ -132,6 +129,8 @@ public class CxConfigHelper {
 private boolean dependencyScanEnabled;
 private ScannerType dependencyScanType;
 private boolean effectiveIncrementalScan;
+ private static final String scaResolverResultPath = ".cxscaresolver" + File.separator + "sca";
+ private static final String scaResolverSastResultPath = ".cxscaresolver" + File.separator + "sast";
 public boolean isEffectiveIncrementalScan() {
 return effectiveIncrementalScan;
@@ -254,7 +253,11 @@ public CxScanConfig resolveConfigurationMap(ConfigurationMap configMap, File wor
 scanConfig.setOsaFolderExclusions(configMap.get(DEPENDENCY_SCAN_FOLDER_EXCLUDE));
 if(configMap.get(DEPENDENCY_SCAN_TYPE).equalsIgnoreCase(ScannerType.AST_SCA.toString())) {
 scannerType = ScannerType.AST_SCA;
- scanConfig.setAstScaConfig(getScaConfig(configMap, false));
+ try {
+ scanConfig.setAstScaConfig(getScaConfig(configMap, workDir, false));
+ } catch(ParseException e) {
+ throw new TaskException("Could not parse SCA additional arguments.", e);
+ }
 }else {
 scannerType = ScannerType.OSA;
 scanConfig.setOsaArchiveIncludePatterns(configMap.get(OSA_ARCHIVE_INCLUDE_PATTERNS));
@@ -266,7 +269,11 @@ public CxScanConfig resolveConfigurationMap(ConfigurationMap configMap, File wor
 scanConfig.setOsaFolderExclusions(getAdminConfig(GLOBAL_DEPENDENCY_SCAN_FOLDER_EXCLUDE));
 if(getAdminConfig(GLOBAL_DEPENDENCY_SCAN_TYPE).equalsIgnoreCase(ScannerType.AST_SCA.toString())) {
 scannerType = ScannerType.AST_SCA;
- scanConfig.setAstScaConfig(getScaConfig(configMap, true));
+ try {
+ scanConfig.setAstScaConfig(getScaConfig(configMap, workDir, true));
+ } catch(ParseException e) {
+ throw new TaskException("Could not parse SCA additional arguments.", e);
+ }
 }else {
 scannerType = ScannerType.OSA;
 scanConfig.setOsaArchiveIncludePatterns(getAdminConfig(GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS));
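Review bot: Both new constants place resolver output under the work directory (`.cxscaresolver/sca` and `.cxscaresolver/sast`), and `generateScaResolverParams` passes that same work directory as `--scan-path`, so results from one run sit inside the tree the next run scans unless something excludes or cleans them, which this diff does not show. Consider adding `.cxscaresolver` to the default folder exclusions or deleting it once the scan finishes. As `static final` constants the names would also read better as `SCA_RESOLVER_RESULT_PATH` and `SCA_RESOLVER_SAST_RESULT_PATH`.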
@@ -416,7 +423,7 @@ private String getAdminConfig(String key) { return StringUtils.defaultString(adminConfig.getSystemProperty(key)); } - private AstScaConfig getScaConfig(ConfigurationMap configMap, boolean fromGlobal) { + private AstScaConfig getScaConfig(ConfigurationMap configMap, File workDir, boolean fromGlobal) throws ParseException { AstScaConfig result = new AstScaConfig(); if(fromGlobal) { @@ -426,12 +433,10 @@ private AstScaConfig getScaConfig(ConfigurationMap configMap, boolean fromGlobal result.setTenant(getAdminConfig(GLOBAL_CXSCA_ACCOUNT_NAME)); result.setUsername(getAdminConfig(GLOBAL_CXSCA_USERNAME)); result.setPassword(decrypt(getAdminConfig(GLOBAL_CXSCA_PWD))); - if(OPTION_TRUE.equalsIgnoreCase(configMap.get(CXSCA_RESOLVER_ENABLED_GLOBAL))) { - validateScaResolverParams(configMap.get(CXSCA_RESOLVER_ADD_PARAM_GLOBAL)); - result.setPathToScaResolver(configMap.get(CXSCA_RESOLVER_PATH_GLOBAL)); - result.setScaResolverAddParameters(configMap.get(CXSCA_RESOLVER_ADD_PARAM_GLOBAL)); + if(OPTION_TRUE.equalsIgnoreCase(getAdminConfig(CXSCA_RESOLVER_ENABLED_GLOBAL))) { + result.setPathToScaResolver(getAdminConfig(CXSCA_RESOLVER_PATH_GLOBAL)); + result.setScaResolverAddParameters(generateScaResolverParams(configMap, workDir, true)); result.setEnableScaResolver(true); - } @@ -444,11 +449,9 @@ private AstScaConfig getScaConfig(ConfigurationMap configMap, boolean fromGlobal result.setPassword(decrypt(configMap.get(CXSCA_PWD))); if(OPTION_TRUE.equalsIgnoreCase(configMap.get(CXSCA_RESOLVER_ENABLED))) { - validateScaResolverParams(configMap.get(CXSCA_RESOLVER_ADD_PARAM)); result.setPathToScaResolver(configMap.get(CXSCA_RESOLVER_PATH)); - result.setScaResolverAddParameters(configMap.get(CXSCA_RESOLVER_ADD_PARAM)); + result.setScaResolverAddParameters(generateScaResolverParams(configMap, workDir, false)); result.setEnableScaResolver(true); - } 
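Review bot: In the global branch, `generateScaResolverParams(configMap, workDir, true)` receives the dependency-scan `fromGlobal` flag, and that helper (added further down in this file) uses the same flag to choose `GLOBAL_SERVER_URL`/`GLOBAL_USER_NAME`/`GLOBAL_PWD` over the task-level `SERVER_URL`/`USER_NAME`/`PASSWORD`. If the CxSAST server credentials have their own global/custom switch, which these hunks do not show, a task with custom server settings and global dependency-scan settings would hand the resolver a different server and password than the scan itself uses. Passing the server-credential choice as its own argument would avoid that. The same applies to the task-level call in the `@@ -444` hunk; getScaConfig's body continues outside both hunks.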
@@ -456,32 +459,38 @@ private AstScaConfig getScaConfig(ConfigurationMap configMap, boolean fromGlobal return result; } - - - private static void validateScaResolverParams(String additionalParams) { - String[] arguments = additionalParams.split(" "); + private List generateScaResolverParams(ConfigurationMap configMap, File workDir, boolean fromGlobal) + throws ParseException { Map params = new HashMap<>(); - - for (int i = 0; i < arguments.length ; i++) { - if(arguments[i].startsWith("-") && (i+1 != arguments.length && !arguments[i+1].startsWith("-"))) - params.put(arguments[i], arguments[i+1]); - else - params.put(arguments[i], ""); + /* Mandatory Parameters */ + params.put("--resolver-result-path", workDir.getAbsolutePath() + File.separator + scaResolverResultPath); + params.put("--scan-path", workDir.getAbsolutePath()); + params.put("--project-name", configMap.get(PROJECT_NAME).trim()); + /* CxSAST Parameters */ + params.put("--sast-result-path", workDir.getAbsolutePath() + File.separator + scaResolverSastResultPath); + params.put("--cxserver", fromGlobal ? getAdminConfig(GLOBAL_SERVER_URL) : configMap.get(SERVER_URL)); + params.put("--cxuser", fromGlobal ? getAdminConfig(GLOBAL_USER_NAME) : configMap.get(USER_NAME)); + params.put("--cxpassword", decrypt(fromGlobal ? getAdminConfig(GLOBAL_PWD) : configMap.get(PASSWORD))); + params.put("--cxprojectname", configMap.get(PROJECT_NAME).trim()); + /* User additional arguments */ + params.putAll( + CxSCAResolverUtils.parseArguments( + fromGlobal ? 
getAdminConfig(CXSCA_RESOLVER_ADD_PARAM_GLOBAL) : configMap.get(CXSCA_RESOLVER_ADD_PARAM) + ) + ); + + List resolved = new ArrayList<>(); + for (Map.Entry entry : params.entrySet()) { + if (entry.getValue() != null) { + resolved.add(entry.getKey()); + resolved.add(entry.getValue()); + } else { + resolved.add(entry.getKey()); + } } - String dirPath = params.get("-s"); - if(StringUtils.isEmpty(dirPath)) - throw new CxClientException("Source code path (-s ) is not provided."); - - String projectName = params.get("-n"); - if(StringUtils.isEmpty(projectName)) - throw new CxClientException("Project name parameter (-n ) must be provided to ScaResolver."); - - String resultParam = params.get("-r"); - if(StringUtils.isEmpty(resultParam)) - throw new CxClientException("Result path parameter (-r ) must be provided to ScaResolver."); - + return resolved; } private static void fileExists(String file) { diff --git a/src/main/resources/com/cx/plugin/cxGlobalConfig.ftl b/src/main/resources/com/cx/plugin/cxGlobalConfig.ftl index 9ab780c..c127665 100644 --- a/src/main/resources/com/cx/plugin/cxGlobalConfig.ftl +++ b/src/main/resources/com/cx/plugin/cxGlobalConfig.ftl @@ -131,6 +131,12 @@ [@ww.password labelKey="cxScaGlobalPassword.label" name="globalcxScaPss" showPassword='true' /]
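Review bot: `generateScaResolverParams` puts the decrypted CxSAST password into the returned list (`params.put("--cxpassword", decrypt(...))`); if that list becomes the resolver's command line, which this diff does not show, the secret is readable in the agent's process listing and in any log that prints the arguments. If the resolver accepts the credential another way, prefer that, and mask the value wherever the list is logged. `params.putAll(CxSCAResolverUtils.parseArguments(...))` also runs after the plugin-owned entries, so a free-text additional parameter with the same key silently replaces `--scan-path`, `--resolver-result-path` or `--cxserver`; unless that override is intended, reject such keys as sketched below (short aliases like the `-s`, `-n`, `-r` forms the removed validator checked would need the same treatment). The sketch assumes `parseArguments` returns a `Map<String, String>` and uses a `LinkedHashMap` so the emitted argument order is stable.

```java
Map<String, String> params = new LinkedHashMap<>();
// … unchanged: mandatory and CxSAST entries …
/* User additional arguments: plugin-owned keys may not be replaced */
Map<String, String> extra = CxSCAResolverUtils.parseArguments(
        fromGlobal ? getAdminConfig(CXSCA_RESOLVER_ADD_PARAM_GLOBAL) : configMap.get(CXSCA_RESOLVER_ADD_PARAM));
for (String key : extra.keySet()) {
    if (params.containsKey(key)) {
        throw new ParseException("SCA Resolver parameter " + key + " is set by the plugin and cannot be overridden.", 0);
    }
}
params.putAll(extra);
// … unchanged: flattening params into the resolved list …
```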
+
+ [@ww.checkbox labelKey="cxScaResolverEnabled.label" name="globalCxScaResolverEnabled" id="globalCxScaResolverEnabled" toggle='true' /] + [@ui.bambooSection title='SCA Resolver' cssClass="cx" dependsOn="globalCxScaResolverEnabled" showOn="true"] + [@ww.textfield labelKey="cxScaResolverPath.label" name="globalCxScaResolverPath" id="globalCxScaResolverPath" descriptionKey="cxScaResolverPath.description" required='true'/] + [@ww.textarea labelKey="cxScaResolverAddParam.label" name="globalCxScaResolverAddParam" id="globalCxScaResolverAddParam" descriptionKey="cxScaResolverAddParam.description" rows="3" cssClass="long-field"/] + [/@ui.bambooSection] [/@ui.bambooSection] [/@ui.bambooSection] [/@ui.bambooSection] diff --git a/src/main/resources/com/cx/plugin/editExampleTask.ftl b/src/main/resources/com/cx/plugin/editExampleTask.ftl index 401a768..e1f1483 100644 --- a/src/main/resources/com/cx/plugin/editExampleTask.ftl +++ b/src/main/resources/com/cx/plugin/editExampleTask.ftl @@ -189,11 +189,11 @@ [@ww.password labelKey="cxScaPassword.label" id="cxScaPassword" name="cxScaPassword" showPassword='true' required='true'/]
- +
[@ww.checkbox labelKey="cxScaResolverEnabled.label" name="cxScaResolverEnabled" id="cxScaResolverEnabled" toggle='true' /] [@ui.bambooSection title='SCA Resolver' dependsOn='cxScaResolverEnabled' showOn='true' cssClass="cx"] [@ww.textfield labelKey="cxScaResolverPath.label" name="cxScaResolverPath" id="cxScaResolverPath" descriptionKey="cxScaResolverPath.description" required='true'/] - [@ww.textarea labelKey="cxScaResolverAddParam.label" name="cxScaResolverAddParam" id="cxScaResolverAddParam" descriptionKey="cxScaResolverAddParam.description" required='true'/] + [@ww.textarea labelKey="cxScaResolverAddParam.label" name="cxScaResolverAddParam" id="cxScaResolverAddParam" descriptionKey="cxScaResolverAddParam.description" rows="3" cssClass="long-field"/] [/@ui.bambooSection] [/@ui.bambooSection] [/@ui.bambooSection] @@ -228,12 +228,12 @@ [@ww.label labelKey="cxScaUsername.label" name="globalcxScaUsername"/] [@ww.label labelKey="cxScaPassword.label" type="password" /] - - [@ww.checkbox labelKey="cxScaResolverEnabled.label" name="globalCxScaResolverEnabled" id="globalCxScaResolverEnabled" toggle='true' /] - [@ui.bambooSection title='SCA Resolver' dependsOn='globalCxScaResolverEnabled' showOn='true' cssClass="cx"] - [@ww.textfield labelKey="cxScaResolverPath.label" name="globalCxScaResolverPath" id="globalCxScaResolverPath" descriptionKey="cxScaResolverPath.description" required='true'/] - [@ww.textarea labelKey="cxScaResolverAddParam.label" name="globalCxScaResolverAddParam" id="globalCxScaResolverAddParam" descriptionKey="cxScaResolverAddParam.description" required='true'/] - [/@ui.bambooSection] +
+ [@ww.checkbox labelKey="cxScaResolverEnabled.label" name="globalCxScaResolverEnabled" id="globalCxScaResolverEnabled" toggle='true' disabled="true" /] + [@ui.bambooSection title='SCA Resolver' dependsOn='globalCxScaResolverEnabled' showOn='true' cssClass="cx"] + [@ww.label labelKey="cxScaResolverPath.label" name="globalCxScaResolverPath"/] + [@ww.label labelKey="cxScaResolverAddParam.label" name="globalCxScaResolverAddParam" rows="3" cssClass="long-field"/] + [/@ui.bambooSection] [/@ui.bambooSection] [/@ui.bambooSection] diff --git a/src/main/resources/english.properties b/src/main/resources/english.properties index adde741..6374c61 100644 --- a/src/main/resources/english.properties +++ b/src/main/resources/english.properties @@ -140,7 +140,7 @@ cxScaResolverEnabled.description=Perform SCA scan using dependency resolution by cxScaResolverPath.label=Path to SCA Resolver cxScaResolverPath.description=Enter the absolute path where Sca Resolver tool is installed on the agent host. cxScaResolverAddParam.label=SCA Resolver Additional -cxScaResolverAddParam.description=Provide command line parameters supported by the Sca Resolver tool. Mandatory parameters are -s,-n and -r. +cxScaResolverAddParam.description=Provide additional command line parameters supported by the Sca Resolver tool. cxScaResolverManifest.label=Perform SCA scan by uploading manifests file(s)/source to SCA Service. cxScaResolverManifest.description=Perform SCA scan by uploading manifests file(s)/source to SCA Service. enableDependencyScan.label=Enable Dependency Scan
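Review bot: `[@ww.label labelKey="cxScaResolverAddParam.label" name="globalCxScaResolverAddParam" .../]` prints the administrator's additional-parameters string on the task edit page, so anything typed into that free-text field, including a token or password passed as a resolver flag, becomes readable by every user who can open a task configuration. Consider showing only whether global additional parameters are set, or stating in `cxScaResolverAddParam.description` that the value is displayed to task editors and must not hold secrets. `rows="3"` and `cssClass="long-field"` were carried over from the textarea and likely have no effect on a label.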