Merge pull request #394 from checkmarx-ltd/develop

CXFLW-916, CXFLW-869, CXFLW-1176

pom.xml

@@ -10,7 +10,8 @@
 	</parent>
 	<groupId>com.github.checkmarx-ltd</groupId>
 	<artifactId>cx-spring-boot-sdk</artifactId>
-	<version>0.6.2</version>
+	<version>0.6.3</version>
+
 
 	<name>cx-spring-boot-sdk</name>
 	<description>Checkmarx Java Spring Boot SDK</description>

src/main/java/com/checkmarx/sdk/config/CxProperties.java

@@ -66,6 +66,11 @@ public class CxProperties extends CxPropertiesBase{
     @Getter @Setter
     private Map<String, String> customStateFalsePositiveMap;
 
+
+
+    @Getter @Setter
+    private Map<String, String> modifyBranchNameByPatternMap;
+
     private Map<String, String> sshKeyList;
 
     private Boolean cxBranch = false;
@@ -92,6 +97,9 @@ public class CxProperties extends CxPropertiesBase{
     @Setter
     private Boolean deleteRunningScans = false;
 
+    @Getter @Setter
+    private Boolean overrideProjectSetting = true;
+
 
     /**
      * Maps finding state ID (as returned in CxSAST report) to state name (as specified in filter configuration).

src/main/java/com/checkmarx/sdk/service/CxService.java

@@ -25,6 +25,7 @@
 import com.checkmarx.sdk.remotesettings.tfs.Tfsremotemain;
 import com.checkmarx.sdk.service.scanner.CxClient;
 import com.checkmarx.sdk.utils.CxRepoFileHelper;
+import com.checkmarx.sdk.utils.SASTScanReport;
 import com.checkmarx.sdk.utils.ScanUtils;
 import com.checkmarx.sdk.utils.scanner.client.ScanClientHelper;
 import com.checkmarx.sdk.utils.scanner.client.httpClient.CxHttpClient;
@@ -61,6 +62,7 @@
 import java.time.format.DateTimeFormatter;
 import java.time.format.DateTimeParseException;
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.regex.Pattern;
 import java.util.stream.Stream;
 import javax.naming.InvalidNameException;
 import javax.naming.ldap.LdapName;
@@ -130,6 +132,7 @@ public class CxService implements CxClient {
     private static final String PROJECT_BRANCH_STATUS = "/projects/branch/{id}";
     private static final String PROJECT_SOURCE = "/projects/{id}/sourceCode/remoteSettings/git";
     private static final String PROJECT_SOURCE_FILE = "/projects/{id}/sourceCode/attachments";
+    private static final String PROJECT_SOURCE_FILE_WITH_SETTINGS = "/sast/scanWithSettings";
     private static final String PROJECT_EXCLUDE = "/projects/{id}/sourceCode/excludeSettings";
     private static final String PROJECT_BRANCH_DETAILS = "/projects/branch/{id}";
     private static final String SCAN = "/sast/scans";
@@ -276,7 +279,8 @@ public JSONObject getScanData(String scanId) {
     }
 
     @Override
-    public LocalDateTime getLastScanDate(Integer projectId) {
+    public LocalDateTime
+    getLastScanDate(Integer projectId) {
         HttpEntity requestEntity = new HttpEntity<>(authClient.createAuthHeaders());
         DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss");
 
@@ -1795,9 +1799,6 @@ public void updateProjectCustomFields(CxProject cxProject) throws CheckmarxExcep
         }
     }
 
-    /**
-     * Upload file (zip of source) for a project
-     */
     public void uploadProjectSource(Integer projectId, File file) throws CheckmarxException {
         HttpHeaders headers = authClient.createAuthHeaders();
         headers.setContentType(MediaType.MULTIPART_FORM_DATA);
@@ -1818,6 +1819,44 @@ public void uploadProjectSource(Integer projectId, File file) throws CheckmarxEx
         }
     }
 
+    /**
+     * Upload file (zip of source) for a project
+     */
+    public Integer uploadProjectSource(CxScanParams params,Integer projectId, File file,String comment) throws CheckmarxException {
+        HttpHeaders headers = authClient.createAuthHeaders();
+        headers.setContentType(MediaType.MULTIPART_FORM_DATA);
+
+        LinkedMultiValueMap<String, Object> map = new LinkedMultiValueMap<>();
+        FileSystemResource value = new FileSystemResource(file);
+        map.add("projectId", projectId);
+        map.add("customFields", params.getCustomFields());
+        map.add("overrideProjectSetting", cxProperties.getOverrideProjectSetting());
+        map.add("isIncremental", params.isIncremental());
+        map.add("isPublic", params.isPublic());
+        map.add("forceScan", params.isForceScan());
+        map.add("comment", comment);
+        map.add("presetId", getPresetId(params.getScanPreset())); //Test Satyam
+        map.add("engineConfigurationId",getScanConfiguration(params.getScanConfiguration())); //Test Satyam
+        map.add("zippedSource", value);
+
+        HttpEntity<LinkedMultiValueMap<String, Object>> requestEntity = new HttpEntity<>(map, headers);
+
+        try {
+            log.info("Updating Source details for project Id {}", projectId);
+            String response = restTemplate.exchange(cxProperties.getUrl().concat(PROJECT_SOURCE_FILE_WITH_SETTINGS), HttpMethod.POST, requestEntity, String.class).getBody();
+            JSONObject obj = new JSONObject(response);
+            String id = obj.get("id").toString();
+            log.info("Scan created with Id {} for project Id {}", id, projectId);
+            System.err.println("cxflowscanidextractiongithubaction " +id+ "endofstatementscanidaction");
+            return Integer.parseInt(id);
+
+        } catch (HttpStatusCodeException e) {
+            log.error(ExceptionUtils.getStackTrace(e));
+            log.error("Error occurred while uploading Project source for project id {}.", projectId);
+        }
+        return UNKNOWN_INT;
+    }
+
     public void setProjectExcludeDetails(Integer projectId, List<String> excludeFolders, List<String> excludeFiles) {
         String excludeFilesStr = "";
         String excludeFolderStr = "";
@@ -2213,6 +2252,16 @@ public Integer createScan(CxScanParams params, String comment) throws CheckmarxE
                     if(defaultBranch == null || defaultBranch.equalsIgnoreCase("")){
                         log.info("Default Branch Name not found");
                     }
+
+                    if (cxProperties.getModifyBranchNameByPatternMap() != null) {
+                        for (Map.Entry<String, String> entry : cxProperties.getModifyBranchNameByPatternMap().entrySet()) {
+                            String pattern = entry.getKey();
+                            String replacementChar = entry.getValue();
+                            currentBranch = editBranchString(currentBranch, pattern, replacementChar);
+                            defaultBranch = editBranchString(defaultBranch, pattern, replacementChar);
+                        }
+                    }
+
                     //params.getModifiedProjectName() have modified branch name in case if project name is append with current branch and there is script to change such project name
                     //that changes branch value as well
                     if(currentBranch != null && !currentBranch.equalsIgnoreCase("") &&  params.getProjectName().contains(currentBranch)){
@@ -2380,8 +2429,6 @@ public Integer createScan(CxScanParams params, String comment) throws CheckmarxE
 //        Svnremotemain svnremotemainObj = getSvnRepoDetails(projectId);
 //        Tfsremotemain tfsremotemainObj = getTfsRepoDetails(projectId);
 //        ExcludeSettingsmain excludeSettingsmainObj = getExcludeSettingsDetails(projectId);
-
-        prepareSources(params, projectId);
         //Setting Remembered Git Settings
 //        try {
 //            if(params.isFileSource() || (params.isGitSource()
@@ -2413,10 +2460,6 @@ public Integer createScan(CxScanParams params, String comment) throws CheckmarxE
 //            log.error("Error Occurred While Setting Settings.");
 //            log.error(ExceptionUtils.getStackTrace(e));
 //        }
-
-
-
-
         if(params.isIncremental() && projectExistedBeforeScan) {
             LocalDateTime scanDate = getLastScanDate(projectId);
             if(scanDate == null || LocalDateTime.now().isAfter(scanDate.plusDays(cxProperties.getIncrementalThreshold()))){
@@ -2433,45 +2476,56 @@ public Integer createScan(CxScanParams params, String comment) throws CheckmarxE
             params.setIncremental(false);
         }
 
-        CxScan scan = CxScan.builder()
-                .projectId(projectId)
-                .isIncremental(params.isIncremental())
-                .forceScan(params.isForceScan())
-                .isPublic(params.isPublic())
-                .comment(comment)
-                .customFields(params.getScanCustomFields())
-                .build();
-        log.debug("scan: {}", scan);
+        SASTScanReport SASTScanReportObj = prepareSources(params, projectId,comment);
+        if(SASTScanReportObj.isHasFindings()){
+            CxScan scan = CxScan.builder()
+                    .projectId(projectId)
+                    .isIncremental(params.isIncremental())
+                    .forceScan(params.isForceScan())
+                    .isPublic(params.isPublic())
+                    .comment(comment)
+                    .customFields(params.getScanCustomFields())
+                    .build();
+            log.debug("scan: {}", scan);
 
-        HttpHeaders headers = authClient.createAuthHeaders();
-        headers.add(CxHttpClient.ORIGIN_HEADER, ScanClientHelper.CX_FLOW_SCAN_ORIGIN_NAME);
-        HttpEntity<CxScan> requestEntity = new HttpEntity<>(scan, headers);
+            HttpHeaders headers = authClient.createAuthHeaders();
+            headers.add(CxHttpClient.ORIGIN_HEADER, ScanClientHelper.CX_FLOW_SCAN_ORIGIN_NAME);
+            HttpEntity<CxScan> requestEntity = new HttpEntity<>(scan, headers);
 
-        log.info("Creating Scan for project Id {}", projectId);
-        try {
-            String response = restTemplate.postForObject(cxProperties.getUrl().concat(SCAN), requestEntity, String.class);
-            JSONObject obj = new JSONObject(response);
-            String id = obj.get("id").toString();
-            log.info("Scan created with Id {} for project Id {}", id, projectId);
-            System.err.println("cxflowscanidextractiongithubaction " +id+ "endofstatementscanidaction");
-            return Integer.parseInt(id);
-        } catch (HttpStatusCodeException e) {
-            log.error(SCAN_CREATION_ERROR, projectId, e.getStatusCode());
-            log.error(ExceptionUtils.getStackTrace(e));
-        } catch (JSONException e) {
-            log.error("Error Occurred While processing JSON");
-            log.error(ExceptionUtils.getStackTrace(e));
-        } finally {
-            if (params.isGitSource() && cxProperties.getEnabledZipScan() || params.isFileSource()){
-                FileUtils.deleteQuietly(new File(params.getFilePath()));
+            log.info("Creating Scan for project Id {}", projectId);
+            try {
+                String response = restTemplate.postForObject(cxProperties.getUrl().concat(SCAN), requestEntity, String.class);
+                JSONObject obj = new JSONObject(response);
+                String id = obj.get("id").toString();
+                log.info("Scan created with Id {} for project Id {}", id, projectId);
+                System.err.println("cxflowscanidextractiongithubaction " +id+ "endofstatementscanidaction");
+                return Integer.parseInt(id);
+            } catch (HttpStatusCodeException e) {
+                log.error(SCAN_CREATION_ERROR, projectId, e.getStatusCode());
+                log.error(ExceptionUtils.getStackTrace(e));
+            } catch (JSONException e) {
+                log.error("Error Occurred While processing JSON");
+                log.error(ExceptionUtils.getStackTrace(e));
+            } finally {
+                if (params.isGitSource() && cxProperties.getEnabledZipScan() || params.isFileSource()){
+                    FileUtils.deleteQuietly(new File(params.getFilePath()));
+                }
             }
+        }else{
+            return SASTScanReportObj.getScanId();
         }
 
 
+
         log.info("...Finished creating scan");
         return UNKNOWN_INT;
     }
 
+    public static String editBranchString(String text, String pattern, String replacement) {
+        Pattern regex = Pattern.compile(pattern);
+        return regex.matcher(text).replaceAll(replacement);
+    }
+
     private void setExcludeSettingsDetails(ExcludeSettingsmain excludeSettingsmainObj, Integer projectId) {
         HttpEntity requestEntity = new HttpEntity<>(excludeSettingsmainObj,authClient.createAuthHeaders());
         try {
@@ -2641,19 +2695,29 @@ private Gitremotemain getGitRepoDetails(Integer projectId) {
     }
 
 
-    private void prepareSources(CxScanParams params, Integer projectId) throws CheckmarxException {
-        if (params.isFileSource()) {
+    private SASTScanReport prepareSources(CxScanParams params, Integer projectId, String comment) throws CheckmarxException {
+        if (params.isFileSource() && !cxProperties.getOverrideProjectSetting()) {
+            return new SASTScanReport(uploadProjectSource(params,projectId, new File(params.getFilePath()),comment),false);
+        }else if(params.isFileSource() && cxProperties.getOverrideProjectSetting()){
             uploadProjectSource(projectId, new File(params.getFilePath()));
-        }
-        else if (params.isGitSource()) {
-            if (cxProperties.getEnabledZipScan()) {
+            return new SASTScanReport(UNKNOWN_INT,true);
+        }else if (params.isGitSource()) {
+            if (cxProperties.getEnabledZipScan() && cxProperties.getOverrideProjectSetting()) {
                 String clonedRepoPath = cxRepoFileHelper.prepareRepoFile(params);
                 uploadProjectSource(projectId, new File(clonedRepoPath));
                 params.setFilePath(clonedRepoPath);
-            }else {
+                return new SASTScanReport(UNKNOWN_INT,true);
+            }else if(cxProperties.getEnabledZipScan() && !cxProperties.getOverrideProjectSetting()){
+                String clonedRepoPath = cxRepoFileHelper.prepareRepoFile(params);
+                uploadProjectSource(params,projectId, new File(clonedRepoPath),comment);
+                params.setFilePath(clonedRepoPath);
+                return new SASTScanReport(uploadProjectSource(params,projectId, new File(clonedRepoPath),comment),false);
+            }
+            else {
                 setProjectRepositoryDetails(projectId, params.getGitUrl(), params.getBranch(), params);
             }
         }
+        return new SASTScanReport(UNKNOWN_INT,true);
     }
 
     private Integer determineProjectId(CxScanParams params, String teamId) {

src/main/java/com/checkmarx/sdk/service/scanner/AbstractScanner.java

@@ -64,7 +64,7 @@ public AstScaResults scanForPDF(ScanParams scanParams,PDFPropertiesSCA pdfSCApro
 
     protected abstract AstScaResults toResults(ResultsBase scanResults);
 
-    protected ResultsBase executeScan(RestClientConfig restClientConfig) {
+    protected synchronized  ResultsBase executeScan(RestClientConfig restClientConfig) {
 
         ResultsBase finalResults;
 

src/main/java/com/checkmarx/sdk/utils/SASTScanReport.java

@@ -0,0 +1,28 @@
+package com.checkmarx.sdk.utils;
+
+public class SASTScanReport {
+
+    private int scanId;
+    private boolean hasFindings;
+
+    public SASTScanReport(int scanId, boolean hasFindings) {
+        this.scanId = scanId;
+        this.hasFindings = hasFindings;
+    }
+
+    public int getScanId() {
+        return scanId;
+    }
+
+    public void setScanId(int scanId) {
+        this.scanId = scanId;
+    }
+
+    public boolean isHasFindings() {
+        return hasFindings;
+    }
+
+    public void setHasFindings(boolean hasFindings) {
+        this.hasFindings = hasFindings;
+    }
+}