feat: add AppRisk flavor
aarlaud committed Feb 29, 2024
1 parent 143bdc7 commit 0501dae
Showing 9 changed files with 1,018 additions and 1 deletion.
38 changes: 38 additions & 0 deletions config.default.json
@@ -1,6 +1,7 @@
{
"BROKER_SERVER_UNIVERSAL_CONFIG_ENABLED": false,
"SUPPORTED_BROKER_TYPES": [
"apprisk",
"artifactory",
"azure-repos",
"bitbucket-server",
@@ -22,6 +23,37 @@
},
"required": {}
},
"apprisk": {
"validations": [
{
"url": "https://$CHECKMARX/cxrestapi/auth/identity/connect/token",
"body": {
"BROKER_VAR_SUB": ["username", "password"],
"username": "$CHECKMARX_USERNAME",
"password": "$CHECKMARX_PASSWORD",
"grant_type": "password",
"scope": "sast_rest_api",
"client_id": "resource_owner_client",
"client_secret": "014DF517-39D1-4453-B7B3-9930C563627C"
},
"method": "post",
"headers": {
"x-broker-content-type": "application/x-www-form-urlencoded"
}
}
],
"default": {
"CHECKMARX": "$CHECKMARX",
"CHECKMARX_USERNAME": "$CHECKMARX_USERNAME",
"CHECKMARX_PASSWORD": "$CHECKMARX_PASSWORD"
},
"required": {
"CHECKMARX": "checkmarx.customer.com",
"CHECKMARX_USERNAME": "<username>",
"CHECKMARX_PASSWORD": "<password>",
"BROKER_CLIENT_URL": "https://<broker.client.hostname>:<port>"
}
},
"artifactory": {
"validations": [
{
@@ -280,6 +312,7 @@
}
},
"FILTER_RULES_PATHS": {
"apprisk": "defaultFilters/apprisk.json",
"artifactory": "defaultFilters/artifactory.json",
"azure-repos": "defaultFilters/azure-repos.json",
"bitbucket-server": "defaultFilters/bitbucket-server.json",
@@ -427,6 +460,11 @@
"name": "Jira",
"type": "jira",
"brokerType": "jira-bearer-auth"
},
"apprisk": {
"name": "Apprisk",
"type": "apprisk",
"brokerType": "apprisk"
}
}
}
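Review bot: The `client_secret` in the new `apprisk` validation body is a literal committed to the shipped defaults, while the `username` and `password` fields beside it are substituted from `$CHECKMARX_USERNAME` and `$CHECKMARX_PASSWORD`. Even if this value is the vendor's stock secret for `resource_owner_client` (likely, but nothing on the page says so), an installation that has changed it cannot pass validation without editing the default file, and secret scanners will keep flagging the literal. I would route it through a variable like the other two fields, for example `"client_secret": "$CHECKMARX_CLIENT_SECRET"`, with the current value moved under `default` and `client_secret` added to `BROKER_VAR_SUB`. The variable name is a suggestion, not an existing setting.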
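--- a/defaultFilters/apprisk.json
+++ b/defaultFilters/apprisk.json
@@ -0,0 +1,36 @@
+{
+"public": [
+],
+"private": [
+{
+"//": "Ask for Authentication token",
+"method": "POST",
+"path": "/cxrestapi/auth/identity/connect/token",
+"origin": "https://${CHECKMARX}"
+},
+{
+"//": "Get All Project Details",
+"method": "GET",
+"path": "/projects",
+"origin": "https://${CHECKMARX}"
+},
+{
+"//": "Get Remote Source Settings for GIT",
+"method": "GET",
+"path": "/projects/:id/sourceCode/remoteSettings/git",
+"origin": "https://${CHECKMARX}"
+},
+{
+"//": "Get All Scans for Project",
+"method": "GET",
+"path": "/sast/scans",
+"origin": "https://${CHECKMARX}"
+},
+{
+"//": "Get Statistic Results by Scan Id",
+"method": "GET",
+"path": "/sast/scans/:id/resultsStatistics",
+"origin": "https://${CHECKMARX}"
+}
+]
+}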
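Review bot: Four of the five private rules allow paths without the `/cxrestapi` prefix (`/projects`, `/projects/:id/sourceCode/remoteSettings/git`, `/sast/scans`, `/sast/scans/:id/resultsStatistics`), while the token rule here and the validation URL in config.default.json both sit under `/cxrestapi/`. If the rest of the API is served under the same prefix, which the token path suggests but the page does not confirm, requests to the real endpoints would match no rule and be refused, and the allowlist would instead permit unprefixed paths nobody intended to expose. Worth checking against the target API and, if confirmed, writing the rules as e.g. `"path": "/cxrestapi/projects"`.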
1 change: 1 addition & 0 deletions lib/client/types/config.ts
@@ -44,6 +44,7 @@ export interface ConnectionValidation {
method?: string;
auth: ConnectionHeaderAuth | ConnectionBasicAuth;
body?: any;
headers?: Record<string, string>;
}

export interface ConnectionHeaderAuth {
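Review bot: `ConnectionValidation` still declares `auth` as required, but the `apprisk` validation added to config.default.json in this commit carries no `auth` key, and `validateConnection` already reads it defensively as `auth?.type`. The type should match the data it now describes: `auth?: ConnectionHeaderAuth | ConnectionBasicAuth;`. The new field would also benefit from a short TSDoc line saying these headers are sent verbatim on the validation request, so credentials should not be placed in them. The interface begins outside the hunk.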
2 changes: 1 addition & 1 deletion lib/client/utils/connectionValidation.ts
@@ -10,7 +10,7 @@ export const validateConnection = async (config: ConnectionConfig) => {
const validation = config.validations[i] ?? {};
const method = validation?.method ?? 'GET';
const { auth, url } = validation;
const headers: Record<string, string> = {};
const headers: Record<string, string> = validation?.headers ?? {};
headers['user-agent'] = `Snyk Broker client ${version}`;
switch (auth?.type) {
case 'basic':
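Review bot: On the new `const headers` line, `headers` is the same object as `validation.headers`, so the `headers['user-agent']` assignment that follows writes into the loaded configuration. Whatever the `switch (auth?.type)` branches add is written there too; their bodies are outside the hunk, but presumably that includes an authorization header. Credential-bearing headers would then persist on the config object after validation and show up anywhere that object is later logged or serialised. Copy before mutating: `const headers: Record<string, string> = { ...(validation?.headers ?? {}) };`.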
16 changes: 16 additions & 0 deletions lib/common/relay/prepareRequest.ts
@@ -205,6 +205,22 @@ export const prepareRequestFromFilterResult = async (
logger.error({ error }, 'error while signing github commit');
}
}
if (
payload.headers &&
payload.headers['x-broker-content-type'] ===
'application/x-www-form-urlencoded'
) {
payload.headers['Content-Type'] = 'application/x-www-form-urlencoded';
if (payload.body) {
const jsonBody = JSON.parse(payload.body) as Record<string, any>;
const params = new URLSearchParams();
for (const [key, value] of Object.entries(jsonBody)) {
params.append(key, value.toString());
}
payload.body = params.toString();
}
}

if (options.config && options.config.LOG_ENABLE_BODY === 'true') {
logContext.requestBody = payload.body;
}
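Review bot: The form-encoding branch calls `JSON.parse(payload.body)` with no guard and then `value.toString()` on every entry, so a relayed body that is not JSON, or that contains a `null` value, throws from inside `prepareRequestFromFilterResult`. A nested object would be sent as `[object Object]`. A parse error should be replaced with a fixed message rather than logged as-is, because newer runtimes quote part of the input in the `SyntaxError` text, and for the token request that input holds the password. The internal `x-broker-content-type` header is also left in `payload.headers`, and `Content-Type` is set without clearing a lower-case `content-type` that may already be present, so both may be forwarded downstream. The function starts and ends outside the hunk, so how a failure should surface to the caller needs confirming.

```typescript
    // … unchanged: x-broker-content-type check and Content-Type assignment …
    delete payload.headers['x-broker-content-type'];
    if (payload.body) {
      let parsed: unknown;
      try {
        parsed = JSON.parse(payload.body);
      } catch {
        // Fixed message only: the parser's own message can echo body content.
        throw new Error('form-urlencoded conversion: body is not valid JSON');
      }
      if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {
        throw new Error('form-urlencoded conversion: body must be a JSON object');
      }
      const params = new URLSearchParams();
      for (const [key, value] of Object.entries(parsed)) {
        if (value === null || value === undefined) continue;
        params.append(key, String(value));
      }
      payload.body = params.toString();
    }
```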