Introducing scan config parts #127

- introducting of ScanConfig, ScanConfigService and related parts - it is now possible to define a scan configuration inside a spring value which can define mappings for checkmarx - CheckmarxInstallSetup does now use ScanConfigService to resolve mappings for teamIds and also presetIds which is given to adapter - Missing: adapter must do rest call to update presetId when project has been created.
mercedes-benz · Dec 18, 2019 · caf2263 · caf2263
1 parent d2555a1
commit caf2263
Show file tree

Hide file tree

Showing 16 changed files with 713 additions and 5 deletions.
diff --git a/...adapter-checkmarx/src/main/java/com/daimler/sechub/adapter/checkmarx/CheckmarxConfig.java b/...adapter-checkmarx/src/main/java/com/daimler/sechub/adapter/checkmarx/CheckmarxConfig.java
@@ -10,6 +10,7 @@ public class CheckmarxConfig extends AbstractCodeScanAdapterConfig implements Ch
 
 	private String teamIdForNewProjects;
 	private InputStream sourceCodeZipFileInputStream;
+	public String presetIdForNewProjects;
 
 	private CheckmarxConfig() {
 	}
@@ -19,6 +20,10 @@ public String getTeamIdForNewProjects() {
 		return teamIdForNewProjects;
 	}
 
+	public String getPresetIdForNewProjects() {
+		return presetIdForNewProjects;
+	}
+
 	@Override
 	public InputStream getSourceCodeZipFileInputStream() {
 		return sourceCodeZipFileInputStream;
@@ -31,6 +36,7 @@ public static CheckmarxConfigBuilder builder() {
 	public static class CheckmarxConfigBuilder extends AbstractCodeScanAdapterConfigBuilder<CheckmarxConfigBuilder, CheckmarxConfig>{
 
 		private String teamIdForNewProjects;
+		private String presetIdForNewProjects;
 		private InputStream sourceCodeZipFileInputStream;
 
 		/**
@@ -42,6 +48,17 @@ public CheckmarxConfigBuilder setTeamIdForNewProjects(String teamId){
 			this.teamIdForNewProjects=teamId;
 			return this;
 		}
+
+		/**
+		 * When we create a new project this is the team ID to use
+		 * @param teamId
+		 * @return
+		 */
+		public CheckmarxConfigBuilder setPresetIdForNewProjects(String presetId){
+			this.presetIdForNewProjects=presetId;
+			return this;
+		}
+
 		public CheckmarxConfigBuilder setSourceCodeZipFileInputStream(InputStream sourceCodeZipFileInputStream){
 			this.sourceCodeZipFileInputStream=sourceCodeZipFileInputStream;
 			return this;
@@ -50,6 +67,7 @@ public CheckmarxConfigBuilder setSourceCodeZipFileInputStream(InputStream source
 		@Override
 		protected void customBuild(CheckmarxConfig config) {
 			config.teamIdForNewProjects=teamIdForNewProjects;
+			config.presetIdForNewProjects=presetIdForNewProjects;
 			config.sourceCodeZipFileInputStream=sourceCodeZipFileInputStream;
 		}
 
@@ -71,6 +89,7 @@ protected void assertTeamIdSet() {
 				throw new IllegalStateException("no team id given");
 			}
 		}
+
 	}
 
 

diff --git a/...src/main/java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxInstallSetup.java b/...src/main/java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxInstallSetup.java
@@ -5,6 +5,18 @@
 
 public interface CheckmarxInstallSetup extends AnyTargetOneInstallSetup{
 
-	public String getTeamIdForNewProjects();
+	/**
+	 * Provide team id when project has to be created
+	 * @param projectId
+	 * @return team id either by name pattern rule, or default id, but never <code>null</code>
+	 */
+	public String getTeamIdForNewProjects(String projectId);
+
+	/**
+	 * Provide presetId when project has to be created
+	 * @param projectId
+	 * @return preset Id or <code>null</code> - in case of null checkmarx will use default preset
+	 */
+	public String getPresetIdForNewProjects(String projectId);
 
 }
diff --git a/...main/java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxInstallSetupImpl.java b/...main/java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxInstallSetupImpl.java
@@ -1,12 +1,14 @@
 // SPDX-License-Identifier: MIT
 package com.daimler.sechub.domain.scan.product.checkmarx;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
 import com.daimler.sechub.adapter.AbstractAdapterConfigBuilder;
 import com.daimler.sechub.domain.scan.AbstractInstallSetup;
 import com.daimler.sechub.domain.scan.TargetType;
+import com.daimler.sechub.domain.scan.config.ScanConfigService;
 import com.daimler.sechub.sharedkernel.MustBeDocumented;
 
 @Component
@@ -18,7 +20,7 @@ public class CheckmarxInstallSetupImpl extends AbstractInstallSetup implements C
 			+ "For creation a team must be assigned to the project, which cannot be done by API "
 			+ "(and its not clear which users should be included etc.). "
 			+ "\n\nNormally this should not be necessary, because Admins should define a team (with sechubuser inside) alraedy before.")
-	private String teamIdForNewProjects;
+	String teamIdForNewProjects;
 
 	@Value("${sechub.adapter.checkmarx.baseurl}")
 	@MustBeDocumented(value = "Base url for checkmarx")
@@ -36,6 +38,9 @@ public class CheckmarxInstallSetupImpl extends AbstractInstallSetup implements C
 	@MustBeDocumented(AbstractAdapterConfigBuilder.DOCUMENT_INFO_TRUSTALL)
 	private boolean trustAllCertificatesNecessary;
 
+	@Autowired
+	ScanConfigService scanConfigService;
+
 	@Override
 	public String getBaseURL() {
 		return baseURL;
@@ -51,10 +56,19 @@ public String getPassword() {
 		return password;
 	}
 
-	public String getTeamIdForNewProjects() {
+	public String getTeamIdForNewProjects(String projectId) {
+		String teamId = scanConfigService.getNamePatternIdProvider("checkmarx.newproject.teamid").getIdForName(projectId);
+		if (teamId!=null) {
+			return teamId;
+		}
 		return teamIdForNewProjects;
 	}
 
+	@Override
+	public String getPresetIdForNewProjects(String projectId) {
+		return scanConfigService.getNamePatternIdProvider("checkmarx.newproject.presetid").getIdForName(projectId);
+	}
+
 	@Override
 	public boolean isHavingUntrustedCertificate() {
 		return trustAllCertificatesNecessary;

diff --git a/.../main/java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxProductExecutor.java b/.../main/java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxProductExecutor.java
@@ -87,10 +87,10 @@ protected List<ProductResult> executeWithAdapter(SecHubExecutionContext context,
 							setScanResultTimeOutInMinutes(scanResultCheckTimeOutInMinutes).
 							setFileSystemSourceFolders(data.getCodeUploadFileSystemFolders()).
 							setSourceCodeZipFileInputStream(sourceCodeZipFileInputStream).
-							setTeamIdForNewProjects(setup.getTeamIdForNewProjects()).
+							setTeamIdForNewProjects(setup.getTeamIdForNewProjects(projectId)).
+							setPresetIdForNewProjects(setup.getPresetIdForNewProjects(projectId)).
 							setProjectId(projectId).
 							setTraceID(context.getTraceLogIdAsString()).
-							/* TODO Albert Tregnaghi, 2018-10-09:policy id - always default id - what about config.getPoliciyID() ?!?! */
 							build();
 					/* @formatter:on */
 

diff --git a/.../java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxInstallSetupImplTest.java b/.../java/com/daimler/sechub/domain/scan/product/checkmarx/CheckmarxInstallSetupImplTest.java
@@ -0,0 +1,81 @@
+package com.daimler.sechub.domain.scan.product.checkmarx;
+
+import static org.junit.Assert.*;
+
+import org.junit.Before;
+import org.junit.Test;
+import static org.mockito.Mockito.*;
+
+import com.daimler.sechub.domain.scan.config.NamePatternIdprovider;
+import com.daimler.sechub.domain.scan.config.ScanConfigService;
+
+public class CheckmarxInstallSetupImplTest {
+
+	private CheckmarxInstallSetupImpl setupImplToTest;
+	private ScanConfigService scanConfigService;
+
+	@Before
+	public void before() {
+		setupImplToTest = new CheckmarxInstallSetupImpl();
+		setupImplToTest.teamIdForNewProjects="A0";
+		scanConfigService = mock(ScanConfigService.class);
+		setupImplToTest.scanConfigService = scanConfigService;
+	}
+
+	@Test
+	public void teamId_found_name_by_provider_returns_team_id_from_provider() {
+		/* prepare */
+		NamePatternIdprovider provider = mock(NamePatternIdprovider.class);
+		when(provider.getIdForName("abc")).thenReturn("A1");
+
+		when(scanConfigService.getNamePatternIdProvider("checkmarx.newproject.teamid")).thenReturn(provider);
+
+		/* execute */
+		String result = setupImplToTest.getTeamIdForNewProjects("abc");
+		/* test */
+		assertEquals("A1",result);
+	}
+
+	@Test
+	public void teamId_not_found_name_by_provider_returns_default_teamId() {
+		/* prepare */
+		NamePatternIdprovider provider = mock(NamePatternIdprovider.class);
+		when(provider.getIdForName("abc")).thenReturn(null);
+
+		when(scanConfigService.getNamePatternIdProvider("checkmarx.newproject.teamid")).thenReturn(provider);
+
+		/* execute */
+		String result = setupImplToTest.getTeamIdForNewProjects("abc");
+		/* test */
+		assertEquals("A0",result);
+	}
+
+	@Test
+	public void presetId_found_name_by_provider_returns_preset_id_from_provider() {
+		/* prepare */
+		NamePatternIdprovider provider = mock(NamePatternIdprovider.class);
+		when(provider.getIdForName("abc")).thenReturn("B1");
+
+		when(scanConfigService.getNamePatternIdProvider("checkmarx.newproject.presetid")).thenReturn(provider);
+
+		/* execute */
+		String result = setupImplToTest.getPresetIdForNewProjects("abc");
+		/* test */
+		assertEquals("B1",result);
+	}
+
+	@Test
+	public void presetId_not_found_name_by_provider_returns_null() {
+		/* prepare */
+		NamePatternIdprovider provider = mock(NamePatternIdprovider.class);
+		when(provider.getIdForName("abc")).thenReturn(null);
+
+		when(scanConfigService.getNamePatternIdProvider("checkmarx.newproject.presetid")).thenReturn(provider);
+
+		/* execute */
+		String result = setupImplToTest.getPresetIdForNewProjects("abc");
+		/* test */
+		assertEquals(null,result);
+	}
+
+}
diff --git a/sechub-scan-product-checkmarx/src/test/resources/checkmarx_scan_config1.json b/sechub-scan-product-checkmarx/src/test/resources/checkmarx_scan_config1.json
@@ -0,0 +1,35 @@
+{
+    "apiVersion": "1.0",
+    "type" : "scanConfig",
+
+    "namePatternIdProviders": {
+        "checkmarx.newproject.presetid": [
+            {
+                "namePattern": "my-java-project-.*",
+                "id": "100021"
+            },
+            {
+                "namePattern": "a-go-project-.*",
+                "id": "100031"
+            },
+            {
+                "namePattern": ".*",
+                "id": "100001"
+            }
+        ],
+        "checkmarx.newproject.teamid": [
+            {
+                "namePattern": "my-java-project-.*",
+                "id": "e2e4e8f4-ba17-453b-b194-c736c605700d"
+            },
+            {
+                "namePattern": "a-go-project-.*",
+                "id": "e2e4e8f4-ba17-453b-b194-d836c605700d"
+            },
+            {
+                "namePattern": ".*",
+                "id": "f2c4g8f4-ba17-453b-b194-c746c605700d"
+            }
+        ]
+    }
+}
diff --git a/sechub-scan/src/main/java/com/daimler/sechub/domain/scan/config/NamePatternIdprovider.java b/sechub-scan/src/main/java/com/daimler/sechub/domain/scan/config/NamePatternIdprovider.java
@@ -0,0 +1,38 @@
+package com.daimler.sechub.domain.scan.config;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class NamePatternIdprovider {
+
+
+private static final Logger LOG = LoggerFactory.getLogger(NamePatternIdprovider.class);
+
+	private List<NamePatternToIdEntry> entries = new ArrayList<>();
+
+	public void add(NamePatternToIdEntry entry) {
+		if (entry==null) {
+			LOG.warn("Ignoring null entry");
+			return;
+		}
+		entries.add(entry);
+	}
+
+	/**
+	 * Resolves id for given name or <code>null</code> when no matchers available
+	 * @param name
+	 * @return id or <code>null</code>
+	 */
+	public String getIdForName(String name) {
+		for (NamePatternToIdEntry entry: entries) {
+			if (entry.isMatching(name)) {
+				return entry.getId();
+			}
+		}
+		return null;
+	}
+
+}
diff --git a/sechub-scan/src/main/java/com/daimler/sechub/domain/scan/config/NamePatternToIdEntry.java b/sechub-scan/src/main/java/com/daimler/sechub/domain/scan/config/NamePatternToIdEntry.java
@@ -0,0 +1,67 @@
+package com.daimler.sechub.domain.scan.config;
+
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.daimler.sechub.sharedkernel.util.JSONable;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class NamePatternToIdEntry implements JSONable<NamePatternToIdEntry>{
+
+	private static final Logger LOG = LoggerFactory.getLogger(NamePatternToIdEntry.class);
+
+	private String namePattern;
+	private String id;
+
+	private Pattern regexp;
+
+	private static final NamePatternToIdEntry JSON_INITIALIZER = new NamePatternToIdEntry();
+
+	public static NamePatternToIdEntry createFromJSON(String json) {
+		return JSON_INITIALIZER.fromJSON(json);
+	}
+
+	private NamePatternToIdEntry() {
+		/* only internal used */
+	}
+
+	@JsonCreator
+	public NamePatternToIdEntry(@JsonProperty("namePattern")String namePattern,@JsonProperty("id") String id) {
+		this.namePattern = namePattern;
+		this.id = id;
+
+		try {
+			regexp=Pattern.compile(namePattern);
+		}catch(RuntimeException e) {
+			LOG.error("Was not able to compile regexp: {}",namePattern, e);
+		}
+	}
+
+	Pattern getRegexp() {
+		return regexp;
+	}
+
+	public String getNamePattern() {
+		return namePattern;
+	}
+
+	public String getId() {
+		return id;
+	}
+
+	public boolean isMatching(String string) {
+		if (string == null || regexp==null) {
+			return false;
+		}
+		return regexp.matcher(string).matches();
+	}
+
+	@Override
+	public Class<NamePatternToIdEntry> getJSONTargetClass() {
+		return NamePatternToIdEntry.class;
+	}
+
+}