checkmarxOne

package
v1.336.0 Latest Latest
Published: Jan 22, 2024 License: Apache-2.0 Imports: 18 Imported by: 1

Documentation

Index

Constants

// ReportsDirectory defines the subfolder into which the generated Checkmarx One reports are written.
const ReportsDirectory = "checkmarxOne"

ReportsDirectory defines the subfolder for the Checkmarx reports which are generated

Variables

This section is empty.

Functions

func ConvertCxJSONToSarif

func ConvertCxJSONToSarif(sys System, serverURL string, scanResults *[]ScanResult, scanMeta *ScanMetadata, scan *Scan) (format.SARIF, error)

ConvertCxJSONToSarif is the entry point of the parse logic that converts Checkmarx One scan results into format.SARIF.

func CreateCustomReport

func CreateCustomReport(data *map[string]interface{}, insecure, neutral []string) reporting.ScanReport

func WriteCustomReports

func WriteCustomReports(scanReport reporting.ScanReport, projectName, projectID string) ([]piperutils.Path, error)

func WriteJSONHeaderReport

func WriteJSONHeaderReport(jsonReport CheckmarxOneReportData) ([]piperutils.Path, error)

func WriteSarif

func WriteSarif(sarif format.SARIF) ([]piperutils.Path, error)

WriteSarif writes a JSON file to disk as a .sarif file, provided it respects the specification declared in format.SARIF.

Types

type Application

// Application is the JSON representation of a Checkmarx One application.
// The struct tags map each field to the API's JSON property name (note that
// ApplicationID is serialised as "id"). See AddRule, GetRuleByType and
// AssignProject for the methods declared on this type.
type Application struct {
	ApplicationID string            `json:"id"`
	Name          string            `json:"name"`
	Description   string            `json:"description"`
	Criticality   uint              `json:"criticality"`
	Rules         []ApplicationRule `json:"rules"`
	Tags          map[string]string `json:"tags"`
	CreatedAt     string            `json:"createdAt"` // kept as the raw string, not parsed into time.Time
	UpdatedAt     string            `json:"updatedAt"`
}

func (*Application) AddRule

func (a *Application) AddRule(ruletype, value string)

func (*Application) AssignProject

func (a *Application) AssignProject(project *Project)

func (*Application) GetRuleByType

func (a *Application) GetRuleByType(ruletype string) *ApplicationRule

type ApplicationRule

// ApplicationRule is one entry of Application.Rules: a rule type paired with its value.
// Both fields are serialised under their lower-case JSON names.
type ApplicationRule struct {
	Type  string `json:"type"`
	Value string `json:"value"`
}

type AuthToken

// AuthToken is the structure that stores the OAuth2 token. Updated for Cx1.
// The JSON tags follow the OAuth2 token response field names.
// AccessToken is a bearer credential: keep it out of logs, reports and error messages.
type AuthToken struct {
	TokenType   string `json:"token_type"`
	AccessToken string `json:"access_token"`
	ExpiresIn   int    `json:"expires_in"` // lifetime as reported by the token endpoint; presumably seconds (OAuth2 convention) — confirm
}

AuthToken is the structure that stores the OAuth2 token. Updated for Cx1.

type CheckmarxOneReportData

// CheckmarxOneReportData is the header report built by CreateJSONHeaderReport and
// written to disk by WriteJSONHeaderReport. It identifies the tool, project,
// application, group and scan a result set belongs to and carries the aggregated
// Findings. Findings is a pointer to a slice and has no omitempty, so a nil
// pointer is emitted as JSON null rather than omitted.
type CheckmarxOneReportData struct {
	ToolName        string     `json:"toolName"`
	ToolVersion     string     `json:"toolVersion"`
	ProjectName     string     `json:"projectName"`
	ProjectID       string     `json:"projectID"`
	ScanID          string     `json:"scanID"`
	ApplicationName string     `json:"applicationName"`
	ApplicationID   string     `json:"applicationID"`
	GroupName       string     `json:"groupName"`
	GroupID         string     `json:"groupID"`
	DeepLink        string     `json:"deepLink"` // link back to the scan in the Checkmarx One UI; presumably built from the server URL — confirm
	Preset          string     `json:"preset"`
	ScanType        string     `json:"scanType"`
	Findings        *[]Finding `json:"findings"`
}

func CreateJSONHeaderReport

func CreateJSONHeaderReport(data *map[string]interface{}) CheckmarxOneReportData

type Finding added in v1.301.0

// Finding aggregates the result counts for one classification in the header report.
// Total, Audited and LowPerQuery carry omitempty, so a zero Total or a nil
// Audited/LowPerQuery pointer is dropped from the JSON output. LowPerQuery is
// serialised under the key "categories", not "lowPerQuery".
type Finding struct {
	ClassificationName string         `json:"classificationName"`
	Total              int            `json:"total,omitempty"`
	Audited            *int           `json:"audited,omitempty"`
	LowPerQuery        *[]LowPerQuery `json:"categories,omitempty"`
}

type Group

// Group is the JSON representation of a Checkmarx One group; GroupID is serialised as "id".
type Group struct {
	GroupID string `json:"id"`
	Name    string `json:"name"`
}

Group - Cx1 group structure.

type LowPerQuery

// LowPerQuery holds the audited and total counts for a single query.
// It is nested in Finding under the "categories" key; QueryName is serialised as "name".
type LowPerQuery struct {
	QueryName string `json:"name"`
	Audited   int    `json:"audited"`
	Total     int    `json:"total"`
}

type Preset

// Preset is the JSON representation of a scan preset. Updated for Cx1.
// PresetID is serialised as "id" and, unlike the other identifiers in this
// package, is an int rather than a string.
type Preset struct {
	PresetID int    `json:"id"`
	Name     string `json:"name"`
}

Preset - the project's preset. Updated for Cx1.

type Project

// Project is the JSON representation of a Checkmarx One project. Updated for Cx1.
// ProjectID is serialised as "id" and Applications as "applicationIds".
// NOTE(review): Criticality is an int here but a uint on Application — confirm
// whether the API really uses different ranges for the two.
type Project struct {
	ProjectID    string            `json:"id"`
	Name         string            `json:"name"`
	CreatedAt    string            `json:"createdAt"`
	UpdatedAt    string            `json:"updatedAt"`
	Groups       []string          `json:"groups"`         // group IDs the project belongs to; presumably Group.GroupID values — confirm
	Applications []string          `json:"applicationIds"` // application IDs the project is assigned to
	Tags         map[string]string `json:"tags"`
	RepoUrl      string            `json:"repoUrl"`
	MainBranch   string            `json:"mainBranch"`
	Origin       string            `json:"origin"`
	Criticality  int               `json:"criticality"`
}

Project - project structure. Updated for Cx1.

type ProjectConfigurationSetting

// ProjectConfigurationSetting is one project-level setting as exchanged with
// GetProjectConfiguration/UpdateProjectConfiguration. New for Cx1: these are
// higher-level settings that define how an engine should run, e.g. "multi-language"
// mode or the preset. Note that the JSON names for ValueType and ValueTypeParams
// are all lower-case ("valuetype", "valuetypeparams") while the others are camelCase.
type ProjectConfigurationSetting struct {
	Key             string `json:"key"`
	Name            string `json:"name"`
	Category        string `json:"category"`
	OriginLevel     string `json:"originLevel"`
	Value           string `json:"value"`
	ValueType       string `json:"valuetype"`
	ValueTypeParams string `json:"valuetypeparams"`
	AllowOverride   bool   `json:"allowOverride"`
}

New for Cx1. These settings are higher-level settings that define how an engine should run, for example "multi-language" mode or setting a preset.

type Query

// Query describes a single Checkmarx One query as returned by GetQueries.
// QueryID uses the ",string" option, so it is decoded from (and encoded as) a
// JSON string rather than a number. The untagged fields rely on encoding/json's
// default case-insensitive matching of the Go field name.
type Query struct {
	QueryID            uint64 `json:"queryID,string"`
	Name               string `json:"queryName"`
	Group              string
	Language           string
	Severity           string
	CweID              int64
	QueryDescriptionID int64
	Custom             bool
}

type ReportStatus

// ReportStatus is the status of a report generation request, as returned by
// GetReportStatus. Updated for Cx1. ReportURL is serialised as "url" and is
// presumably the value handed to SystemInstance.DownloadReport(reportUrl) — confirm.
type ReportStatus struct {
	ReportID  string `json:"reportId"`
	Status    string `json:"status"`
	ReportURL string `json:"url"`
}

ReportStatus - report status structure. Updated for Cx1.

type ResultsPredicates

// ResultsPredicates is a triage record (state, severity, comment) attached to a
// result, looked up via GetResultsPredicates by similarity ID and project ID.
// SimilarityID uses the ",string" option and is therefore transported as a JSON
// string; PredicateID is serialised as "ID" (upper-case). CreatedBy and CreatedAt
// are untagged and rely on encoding/json's case-insensitive field matching.
type ResultsPredicates struct {
	PredicateID  string `json:"ID"`
	SimilarityID int64  `json:"similarityId,string"`
	ProjectID    string `json:"projectId"`
	State        string `json:"state"`
	Comment      string `json:"comment"`
	Severity     string `json:"severity"`
	CreatedBy    string
	CreatedAt    string
}

type Scan

// Scan is the JSON representation of a Checkmarx One scan. Updated for Cx1.
// ScanID is serialised as "id". Metadata is an anonymous struct whose Configs
// carry the per-engine ScanConfiguration entries; IsIncremental is derived from
// the scan (see the method on *Scan).
type Scan struct {
	ScanID        string              `json:"id"`
	Status        string              `json:"status"`
	StatusDetails []ScanStatusDetails `json:"statusDetails"` // one entry per engine for multi-engine scans
	Branch        string              `json:"branch"`
	CreatedAt     string              `json:"createdAt"`
	UpdatedAt     string              `json:"updatedAt"`
	ProjectID     string              `json:"projectId"`
	ProjectName   string              `json:"projectName"`
	UserAgent     string              `json:"userAgent"`
	Initiator     string              `json:"initiator"`
	Tags          map[string]string   `json:"tags"`
	Metadata      struct {
		Type    string              `json:"type"`
		Configs []ScanConfiguration `json:"configs"`
	} `json:"metadata"`
	Engines      []string `json:"engines"`
	SourceType   string   `json:"sourceType"`
	SourceOrigin string   `json:"sourceOrigin"`
}

Scan - scan structure. Updated for Cx1.

func (*Scan) IsIncremental

func (s *Scan) IsIncremental() (bool, error)

type ScanConfiguration

// ScanConfiguration is one scan-level configuration block for a scan engine.
// New for Cx1: ScanType names the engine ("type" in JSON) and Values is the list
// of key:value pairs for it, serialised under the singular key "value". It is
// used for scan-level options such as "is incremental" and scan tags.
type ScanConfiguration struct {
	ScanType string            `json:"type"`
	Values   map[string]string `json:"value"`
}

New for Cx1: ScanConfiguration - a list of key:value pairs used to configure the scan for each scan engine. This is specifically for scan-level configurations such as "is incremental" and scan tags.

type ScanMetadata

// ScanMetadata holds the scan-level metadata returned by GetScanMetadata (see the
// example payload below). Only PresetName has an explicit tag ("queryPreset");
// the remaining fields rely on encoding/json's case-insensitive matching of the
// field name, e.g. "scanId" -> ScanID.
type ScanMetadata struct {
	ScanID                string
	ProjectID             string
	LOC                   int
	FileCount             int
	IsIncremental         bool
	IsIncrementalCanceled bool
	PresetName            string `json:"queryPreset"`
}

{"scanId":"bef5d38b-7eb9-4138-b74b-2639fcf49e2e","projectId":"ad34ade3-9bf3-4b5a-91d7-3ad67eca7852","loc":137,"fileCount":12,"isIncremental":false,"isIncrementalCanceled":false,"queryPreset":"ASA Premium"}

type ScanResult

// ScanResult is a single finding as returned by GetScanResults and consumed by
// ConvertCxJSONToSarif. ResultID is serialised as "id", CreatedAt as "created",
// and SimilarityID uses the ",string" option (transported as a JSON string).
// The untagged fields rely on encoding/json's case-insensitive field matching.
type ScanResult struct {
	Type                 string
	ResultID             string `json:"id"`
	SimilarityID         int64  `json:"similarityId,string"`
	Status               string
	State                string
	Severity             string
	CreatedAt            string `json:"created"`
	FirstFoundAt         string
	FoundAt              string
	FirstScanId          string
	Description          string
	Data                 ScanResultData
	VulnerabilityDetails ScanResultDetails
}

type ScanResultData

// ScanResultData is the query-specific part of a ScanResult: which query fired,
// its group and language, the result hash, and the data-flow Nodes that make up
// the finding. All fields are untagged and rely on case-insensitive JSON matching.
type ScanResultData struct {
	QueryID      uint64
	QueryName    string
	Group        string
	ResultHash   string
	LanguageName string
	Nodes        []ScanResultNodes
}

type ScanResultDetails

// ScanResultDetails carries the vulnerability classification of a ScanResult:
// the CWE identifier and the compliance standards it maps to.
type ScanResultDetails struct {
	CweId       int
	Compliances []string
}

type ScanResultNodes

// ScanResultNodes is one node of a result's data flow (ScanResultData.Nodes):
// the source location (FileName, Line, Column, Length), the enclosing Method and
// MethodLine, and the symbol's name/type information. All fields are untagged.
type ScanResultNodes struct {
	ID          string
	Line        int
	Name        string
	Column      int
	Length      int
	Method      string
	NodeID      int
	DOMType     string
	FileName    string
	FullName    string
	TypeName    string
	MethodLine  int
	Definitions string
}

type ScanStatusDetails

// ScanStatusDetails gives the status of one engine within a multi-engine scan
// (Scan.StatusDetails, Status.Details). Cx1 only.
type ScanStatusDetails struct {
	Name    string `json:"name"`
	Status  string `json:"status"`
	Details string `json:"details"`
}

Cx1: StatusDetails - details of each engine type's scan status for a multi-engine scan

type ScanSummary

// ScanSummary is the aggregated counter set for a scan as returned by GetScanSummary.
// Very simplified for now: only the SAST counters are modelled, as an anonymous
// struct of per-language, per-compliance, per-severity, per-status and per-state
// counters plus the totals. See TotalCount for the derived total.
type ScanSummary struct {
	TenantID     string
	ScanID       string
	SASTCounters struct {
		// Not yet modelled:
		//QueriesCounters           []?
		//SinkFileCounters          []?
		LanguageCounters []struct {
			Language string
			Counter  uint64
		}
		ComplianceCounters []struct {
			Compliance string
			Counter    uint64
		}
		SeverityCounters []struct {
			Severity string
			Counter  uint64
		}
		StatusCounters []struct {
			Status  string
			Counter uint64
		}
		StateCounters []struct {
			State   string
			Counter uint64
		}
		TotalCounter        uint64
		FilesScannedCounter uint64
	}
}

Very simplified for now

func (*ScanSummary) TotalCount

func (s *ScanSummary) TotalCount() uint64

type Status

// Status is a status record with a numeric ID, a name and the engine-level
// ScanStatusDetails. Note the ID is an int, unlike the string IDs elsewhere.
type Status struct {
	ID      int               `json:"id"`
	Name    string            `json:"name"`
	Details ScanStatusDetails `json:"details"`
}

Status - Status Structure

type System

// System is the interface abstraction of a specific SystemInstance. It lists the
// Checkmarx One operations the rest of the package depends on so that the
// backend client can be substituted.
type System interface {
	// Reports: request generation, poll the status, then download the result.
	// NOTE(review): SystemInstance.DownloadReport names this parameter reportUrl,
	// so the argument is presumably ReportStatus.ReportURL rather than an ID — confirm.
	DownloadReport(reportID string) ([]byte, error)
	GetReportStatus(reportID string) (ReportStatus, error)
	RequestNewReport(scanID, projectID, branch, reportType string) (string, error)

	// Applications.
	CreateApplication(appname string) (Application, error)
	GetApplicationByName(appname string) (Application, error)
	GetApplicationByID(appId string) (Application, error)
	UpdateApplication(app *Application) error

	// Scans and their results, metadata, summary, triage predicates and workflow log.
	GetScan(scanID string) (Scan, error)
	GetScanMetadata(scanID string) (ScanMetadata, error)
	GetScanResults(scanID string, limit uint64) ([]ScanResult, error)
	GetScanSummary(scanID string) (ScanSummary, error)
	GetResultsPredicates(SimilarityID int64, ProjectID string) ([]ResultsPredicates, error)
	GetScanWorkflow(scanID string) ([]WorkflowLog, error)
	GetLastScans(projectID string, limit int) ([]Scan, error)
	GetLastScansByStatus(projectID string, limit int, status []string) ([]Scan, error)

	// Starting scans: generic (scanType selects the flavour), from an uploaded zip, or from git.
	ScanProject(projectID, sourceUrl, branch, scanType string, settings []ScanConfiguration) (Scan, error)
	ScanProjectZip(projectID, sourceUrl, branch string, settings []ScanConfiguration) (Scan, error)
	ScanProjectGit(projectID, repoUrl, branch string, settings []ScanConfiguration) (Scan, error)

	// Source upload, projects, presets, queries, groups and per-project settings.
	UploadProjectSourceCode(projectID string, zipFile string) (string, error)
	CreateProject(projectName string, groupIDs []string) (Project, error)
	CreateProjectInApplication(projectName, applicationID string, groupIDs []string) (Project, error)
	GetPresets() ([]Preset, error)
	GetProjectByID(projectID string) (Project, error)
	GetProjectsByName(projectName string) ([]Project, error)
	GetProjectsByNameAndGroup(projectName, groupID string) ([]Project, error)
	GetProjects() ([]Project, error)
	GetQueries() ([]Query, error)
	//GetShortDescription(scanID int, pathID int) (ShortDescription, error)
	GetGroups() ([]Group, error)
	GetGroupByName(groupName string) (Group, error)
	GetGroupByID(groupID string) (Group, error)
	SetProjectBranch(projectID, branch string, allowOverride bool) error
	SetProjectPreset(projectID, presetName string, allowOverride bool) error
	SetProjectLanguageMode(projectID, languageMode string, allowOverride bool) error
	SetProjectFileFilter(projectID, filter string, allowOverride bool) error

	// Raw project configuration (see ProjectConfigurationSetting).
	GetProjectConfiguration(projectID string) ([]ProjectConfigurationSetting, error)
	UpdateProjectConfiguration(projectID string, settings []ProjectConfigurationSetting) error

	// Backend version information.
	GetVersion() (VersionInfo, error)
}

System is the interface abstraction of a specific SystemInstance.

type SystemInstance

// SystemInstance is the client communicating with the Checkmarx One backend; it
// implements System. Construct it with NewSystemInstance.
// APIKey is a credential: keep it out of logs, reports and error messages.
type SystemInstance struct {
	APIKey string // New for Cx1
	// contains filtered or unexported fields
}

SystemInstance is the client communicating with the Checkmarx backend

func NewSystemInstance

func NewSystemInstance(client piperHttp.Uploader, serverURL, iamURL, tenant, APIKey, client_id, client_secret string) (*SystemInstance, error)

NewSystemInstance returns a new Checkmarx client for communicating with the backend. Updated for Cx1.

func (*SystemInstance) CreateApplication

func (sys *SystemInstance) CreateApplication(appname string) (Application, error)

func (*SystemInstance) CreateProject

func (sys *SystemInstance) CreateProject(projectName string, groupIDs []string) (Project, error)

CreateProject creates a new project in the Checkmarx backend. Updated for Cx1.

func (*SystemInstance) CreateProjectInApplication added in v1.308.0

func (sys *SystemInstance) CreateProjectInApplication(projectName, applicationID string, groupIDs []string) (Project, error)

func (*SystemInstance) DownloadReport

func (sys *SystemInstance) DownloadReport(reportUrl string) ([]byte, error)

DownloadReport downloads the report addressed by reportUrl and returns the XML contents.

func (*SystemInstance) GetApplicationByID added in v1.308.0

func (sys *SystemInstance) GetApplicationByID(appId string) (Application, error)

func (*SystemInstance) GetApplicationByName

func (sys *SystemInstance) GetApplicationByName(name string) (Application, error)

func (*SystemInstance) GetApplicationsByName

func (sys *SystemInstance) GetApplicationsByName(name string, limit uint64) ([]Application, error)

func (*SystemInstance) GetGroupByID

func (sys *SystemInstance) GetGroupByID(groupID string) (Group, error)

New for Cx1

func (*SystemInstance) GetGroupByName

func (sys *SystemInstance) GetGroupByName(groupName string) (Group, error)

New for Cx1

func (*SystemInstance) GetGroups

func (sys *SystemInstance) GetGroups() ([]Group, error)

Updated for Cx1

func (*SystemInstance) GetLastScans

func (sys *SystemInstance) GetLastScans(projectID string, limit int) ([]Scan, error)

func (*SystemInstance) GetLastScansByStatus

func (sys *SystemInstance) GetLastScansByStatus(projectID string, limit int, status []string) ([]Scan, error)

func (*SystemInstance) GetPresets

func (sys *SystemInstance) GetPresets() ([]Preset, error)

func (*SystemInstance) GetProjectByID

func (sys *SystemInstance) GetProjectByID(projectID string) (Project, error)

GetProjectByID returns the project addressed by projectID from the Checkmarx backend which the user has access to. Updated for Cx1.

func (*SystemInstance) GetProjectConfiguration

func (sys *SystemInstance) GetProjectConfiguration(projectID string) ([]ProjectConfigurationSetting, error)

func (*SystemInstance) GetProjects

func (sys *SystemInstance) GetProjects() ([]Project, error)

GetProjects returns the projects defined in the Checkmarx backend which the user has access to

func (*SystemInstance) GetProjectsByName

func (sys *SystemInstance) GetProjectsByName(projectName string) ([]Project, error)

GetProjectsByName returns the projects addressed by project name from the Checkmarx backend which the user has access to. Updated for Cx1.

func (*SystemInstance) GetProjectsByNameAndGroup

func (sys *SystemInstance) GetProjectsByNameAndGroup(projectName, groupID string) ([]Project, error)

GetProjectsByNameAndGroup returns the projects addressed by project name and groupID from the Checkmarx backend which the user has access to. Updated for Cx1.

func (*SystemInstance) GetQueries

func (sys *SystemInstance) GetQueries() ([]Query, error)

func (*SystemInstance) GetReportStatus

func (sys *SystemInstance) GetReportStatus(reportID string) (ReportStatus, error)

GetReportStatus returns the status of the report generation process

func (*SystemInstance) GetResultsPredicates

func (sys *SystemInstance) GetResultsPredicates(SimilarityID int64, ProjectID string) ([]ResultsPredicates, error)

func (*SystemInstance) GetScan

func (sys *SystemInstance) GetScan(scanID string) (Scan, error)

GetScan returns the scan addressed by scanID.

func (*SystemInstance) GetScanMetadata

func (sys *SystemInstance) GetScanMetadata(scanID string) (ScanMetadata, error)

func (*SystemInstance) GetScanResults

func (sys *SystemInstance) GetScanResults(scanID string, limit uint64) ([]ScanResult, error)

func (*SystemInstance) GetScanSummary

func (sys *SystemInstance) GetScanSummary(scanID string) (ScanSummary, error)

func (*SystemInstance) GetScanWorkflow

func (sys *SystemInstance) GetScanWorkflow(scanID string) ([]WorkflowLog, error)

func (*SystemInstance) GetUploadURI

func (sys *SystemInstance) GetUploadURI() (string, error)

New for Cx1

func (*SystemInstance) GetVersion added in v1.328.0

func (sys *SystemInstance) GetVersion() (VersionInfo, error)

func (*SystemInstance) RequestNewReport

func (sys *SystemInstance) RequestNewReport(scanID, projectID, branch, reportType string) (string, error)

RequestNewReport triggers the generation of a report for a specific scan addressed by scanID

func (*SystemInstance) ScanProject

func (sys *SystemInstance) ScanProject(projectID, sourceUrl, branch, scanType string, settings []ScanConfiguration) (Scan, error)

func (*SystemInstance) ScanProjectGit

func (sys *SystemInstance) ScanProjectGit(projectID, repoUrl, branch string, settings []ScanConfiguration) (Scan, error)

func (*SystemInstance) ScanProjectZip

func (sys *SystemInstance) ScanProjectZip(projectID, sourceUrl, branch string, settings []ScanConfiguration) (Scan, error)

func (*SystemInstance) SetProjectBranch

func (sys *SystemInstance) SetProjectBranch(projectID, branch string, allowOverride bool) error

func (*SystemInstance) SetProjectFileFilter

func (sys *SystemInstance) SetProjectFileFilter(projectID, filter string, allowOverride bool) error

func (*SystemInstance) SetProjectLanguageMode

func (sys *SystemInstance) SetProjectLanguageMode(projectID, languageMode string, allowOverride bool) error

func (*SystemInstance) SetProjectPreset

func (sys *SystemInstance) SetProjectPreset(projectID, presetName string, allowOverride bool) error

func (*SystemInstance) UpdateApplication

func (sys *SystemInstance) UpdateApplication(app *Application) error

func (*SystemInstance) UpdateProjectConfiguration

func (sys *SystemInstance) UpdateProjectConfiguration(projectID string, settings []ProjectConfigurationSetting) error

func (*SystemInstance) UploadProjectSourceCode

func (sys *SystemInstance) UploadProjectSourceCode(projectID string, zipFile string) (string, error)

type VersionInfo added in v1.328.0

// VersionInfo is the backend version information returned by GetVersion: the
// Checkmarx One platform version and the versions of the KICS and SAST engines.
// The JSON keys are the upper-case engine names ("CxOne", "KICS", "SAST").
type VersionInfo struct {
	CxOne string `json:"CxOne"`
	KICS  string `json:"KICS"`
	SAST  string `json:"SAST"`
}

type WorkflowLog

// WorkflowLog is one entry of a scan's workflow log as returned by GetScanWorkflow.
// The JSON keys are capitalised ("Source", "Info", "Timestamp"); Timestamp is kept
// as the raw string rather than parsed into time.Time.
type WorkflowLog struct {
	Source    string `json:"Source"`
	Info      string `json:"Info"`
	Timestamp string `json:"Timestamp"`
}
