Skip to content

Commit

Permalink
fix(cxone): new endpoint for project creation (SAP#4889)
Browse files Browse the repository at this point in the history
* Initial in progress

* compiling but not yet functional

* Missed file

* updated checkmarxone step

* Working up to fetching a project then breaks

* Missed file

* Breaks when retrieving projects+proxy set

* Create project & run scan working, now polling

* Fixed polling

* added back the zipfile remove command

* Fixed polling again

* Generates and downloads PDF report

* Updated and working, prep for refactor

* Added compliance steps

* Cleanup, reporting, added groovy connector

* fixed groovy file

* checkmarxone to checkmarxOne

* checkmarxone to checkmarxOne

* split credentials (id+secret, apikey), renamed pullrequestname to branch, groovy fix

* Fixed filenames & yaml

* missed the metadata_generated.go

* added json to sarif conversion

* fix:type in new checkmarxone package

* fix:type in new checkmarxone package

* removed test logs, added temp error log for creds

* extra debugging to fix crash

* improved auth logging, fixed query parse issue

* fixed bug with group fetch when using oauth user

* CWE can be -1 if not defined, can't be uint

* Query also had CweID

* Disabled predicates-fetch in sarif generation

* Removing leftover info log message

* Better error handling

* fixed default preset configuration

* removing .bat files - sorry

* Cleanup per initial review

* refactoring per Gist, fixed project find, add apps

* small fix - sorry for commit noise while testing

* Fixing issues with incremental scans.

* removing maxretries

* Updated per PR feedback, further changes todo toda

* JSON Report changes and reporting cleanup

* removing .bat (again?)

* adding docs, groovy unit test, linter fixes

* Started adding tests maybe 15% covered

* fix(checkmarxOne): test cases for pkg and reporting

* fix(checkmarxOne):fix formatting

* feat(checkmarxone): update interface with missing method

* feat(checkmarxone):change runStep signature to be able to inject dependency

* feat(checkmarxone): add tests for step (wip)

* Adding a bit more coverage

* feat(checkmarxOne): fix code review

* feat(checkmarxOne): fix code review

* feat(checkmarxOne): fix code review

* feat(checkmarxOne): fix integration test PR

* adding scan-summary bug workaround, reportgen fail

* enforceThresholds fix when no results passed in

* fixed gap when preset empty in yaml & project conf

* fixed another gap in preset selection

* fix 0-result panic

* fail when no preset is set anywhere

* removed comment

* initial project-under-app support

* fixing sarif reportgen

* some cleanup of error messages

* post-merge test fixes

* revert previous upstream merge

* adding "incremental" to "full" triggers

* wrong boolean

* project-in-application api change prep

* Fixing SARIF report without preset access

* fix sarif deeplink

* removing comments

* fix(cxone):formatting

* fix(cxone):formatting

* fix(cxone):new endpoint for project creation

---------

Co-authored-by: michael kubiaczyk <[email protected]>
Co-authored-by: michaelkubiaczyk <[email protected]>
  • Loading branch information
3 people authored and maxatsap committed Jul 23, 2024
1 parent c0d997a commit b1baa7a
Showing 1 changed file with 6 additions and 15 deletions.
21 changes: 6 additions & 15 deletions pkg/checkmarxone/checkmarxone.go
Original file line number Diff line number Diff line change
Expand Up @@ -825,10 +825,11 @@ func (sys *SystemInstance) CreateProject(projectName string, groupIDs []string)
func (sys *SystemInstance) CreateProjectInApplication(projectName, applicationID string, groupIDs []string) (Project, error) {
var project Project
jsonData := map[string]interface{}{
"name": projectName,
"groups": groupIDs,
"origin": cxOrigin,
"criticality": 3, // default
"name": projectName,
"groups": groupIDs,
"origin": cxOrigin,
"criticality": 3, // default
"applicationIds": []string{applicationID},
// multiple additional parameters exist as options
}

Expand All @@ -839,17 +840,7 @@ func (sys *SystemInstance) CreateProjectInApplication(projectName, applicationID

header := http.Header{}
header.Set("Content-Type", "application/json")

data, err := sendRequest(sys, http.MethodPost, fmt.Sprintf("/projects/application/%v", applicationID), bytes.NewBuffer(jsonValue), header, []int{})

if err != nil && err.Error()[0:8] == "HTTP 404" { // At some point, the api /projects/applications will be removed and instead the normal /projects API will do the job.
jsonData["applicationIds"] = []string{applicationID}
jsonValue, err = json.Marshal(data)
if err != nil {
return project, err
}
data, err = sendRequest(sys, http.MethodPost, "/projects", bytes.NewReader(jsonValue), header, []int{})
}
data, err := sendRequest(sys, http.MethodPost, "/projects", bytes.NewReader(jsonValue), header, []int{})

if err != nil {
return project, errors.Wrapf(err, "failed to create project %v under %v", projectName, applicationID)
Expand Down

0 comments on commit b1baa7a

Please sign in to comment.