checkmarx

package
v1.366.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 10, 2024 License: Apache-2.0 Imports: 21 Imported by: 3

Documentation

Index

Constants

// ReportsDirectory is the subfolder name used for the generated Checkmarx reports.
// NOTE(review): presumably the Write* functions of this package place their
// files below it; confirm against their implementation.
const ReportsDirectory = "checkmarx"

ReportsDirectory defines the subfolder for the Checkmarx reports which are generated

Variables

This section is empty.

Functions

func ConvertCxxmlToSarif added in v1.214.0

func ConvertCxxmlToSarif(sys System, xmlReportName string, scanID int) (format.SARIF, error)

ConvertCxxmlToSarif is the entrypoint for the Parse function

func CreateCustomReport added in v1.152.0

func CreateCustomReport(data map[string]interface{}, insecure, neutral []string) reporting.ScanReport

func Parse added in v1.214.0

func Parse(sys System, data []byte, scanID int) (format.SARIF, error)

Parse takes the raw report bytes in data and returns a format.SARIF value or an error.

func WriteCustomReports added in v1.152.0

func WriteCustomReports(scanReport reporting.ScanReport, projectName, projectID string) ([]piperutils.Path, error)

func WriteJSONReport added in v1.199.0

func WriteJSONReport(jsonReport CheckmarxReportData) ([]piperutils.Path, error)

func WriteSarif added in v1.214.0

func WriteSarif(sarif format.SARIF) ([]piperutils.Path, error)

WriteSarif writes a json file to disk as a .sarif if it respects the specification declared in format.SARIF

Types

type AuthToken

// AuthToken holds an OAuth2 token response decoded from JSON.
type AuthToken struct {
	TokenType   string `json:"token_type"`
	// AccessToken is the credential itself: keep it out of logs, error
	// messages and any report written to disk.
	AccessToken string `json:"access_token"`
	// ExpiresIn is the lifetime reported in "expires_in".
	// NOTE(review): presumably seconds, per OAuth2 convention; confirm.
	ExpiresIn   int    `json:"expires_in"`
}

AuthToken - Structure to store OAuth2 token

type BranchingStatus added in v1.266.0

// BranchingStatus is the id/value pair carried in the Status field of
// ProjectBranchingStatusResponse.
type BranchingStatus struct {
	ID    int    `json:"id"`
	Value string `json:"value"`
}

type CheckmarxReportData added in v1.199.0

// CheckmarxReportData is the JSON summary of one scan. CreateJSONReport
// returns it and WriteJSONReport takes it as input.
type CheckmarxReportData struct {
	ToolName             string         `json:"toolName"`
	ProjectName          string         `json:"projectName"`
	ProjectID            int64          `json:"projectID"`
	ScanID               int64          `json:"scanID"`
	TeamName             string         `json:"teamName"`
	TeamPath             string         `json:"teamPath"`
	DeepLink             string         `json:"deepLink"`
	Preset               string         `json:"preset"`
	CheckmarxVersion     string         `json:"checkmarxVersion"`
	ScanType             string         `json:"scanType"`
	// Each severity has a Total and an Audited counter; a consumer that
	// gates on these numbers has to read both of a pair.
	HighTotal            int            `json:"highTotal"`
	HighAudited          int            `json:"highAudited"`
	MediumTotal          int            `json:"mediumTotal"`
	MediumAudited        int            `json:"mediumAudited"`
	LowTotal             int            `json:"lowTotal"`
	LowAudited           int            `json:"lowAudited"`
	InformationTotal     int            `json:"informationTotal"`
	InformationAudited   int            `json:"informationAudited"`
	IsLowPerQueryAudited bool           `json:"isLowPerQueryAudited"`
	// LowPerQuery is a pointer without omitempty, so a nil value is
	// written as JSON null rather than being left out.
	LowPerQuery          *[]LowPerQuery `json:"lowPerQuery"`
}

func CreateJSONReport added in v1.199.0

func CreateJSONReport(data map[string]interface{}) CheckmarxReportData

type CxXMLResults added in v1.214.0

// CxXMLResults maps the root CxXMLResults element of the XML report,
// including every Query child. DetailedResult maps the same root element
// with fewer fields.
type CxXMLResults struct {
	XMLName                  xml.Name     `xml:"CxXMLResults"`
	InitiatorName            string       `xml:"InitiatorName,attr"`
	Owner                    string       `xml:"Owner,attr"`
	// ScanID and ProjectID are kept as strings exactly as they appear in the
	// document; converting them to numbers is left to the caller, who then
	// has to handle the parse error.
	ScanID                   string       `xml:"ScanId,attr"`
	ProjectID                string       `xml:"ProjectId,attr"`
	ProjectName              string       `xml:"ProjectName,attr"`
	TeamFullPathOnReportDate string       `xml:"TeamFullPathOnReportDate,attr"`
	DeepLink                 string       `xml:"DeepLink,attr"`
	ScanStart                string       `xml:"ScanStart,attr"`
	Preset                   string       `xml:"Preset,attr"`
	ScanTime                 string       `xml:"ScanTime,attr"`
	// Strings here, whereas DetailedResult declares the same two
	// attributes as int.
	LinesOfCodeScanned       string       `xml:"LinesOfCodeScanned,attr"`
	FilesScanned             string       `xml:"FilesScanned,attr"`
	ReportCreationTime       string       `xml:"ReportCreationTime,attr"`
	Team                     string       `xml:"Team,attr"`
	CheckmarxVersion         string       `xml:"CheckmarxVersion,attr"`
	ScanComments             string       `xml:"ScanComments,attr"`
	ScanType                 string       `xml:"ScanType,attr"`
	SourceOrigin             string       `xml:"SourceOrigin,attr"`
	Visibility               string       `xml:"Visibility,attr"`
	Query                    []CxxmlQuery `xml:"Query"`
}

CxXMLResults : This struct encapsulates everything in the Cx XML document

type CxxmlQuery added in v1.214.0

// CxxmlQuery maps one Query element of the XML report together with its
// Result children.
type CxxmlQuery struct {
	XMLName            xml.Name      `xml:"Query"`
	ID                 string        `xml:"id,attr"`
	Categories         string        `xml:"categories,attr"`
	// CweID is decoded as a string, not a number.
	CweID              string        `xml:"cweId,attr"`
	Name               string        `xml:"name,attr"`
	Group              string        `xml:"group,attr"`
	// Severity is the textual attribute; SeverityIndex below is the
	// numeric one. Both are read from the document independently.
	Severity           string        `xml:"Severity,attr"`
	Language           string        `xml:"Language,attr"`
	LanguageHash       string        `xml:"LanguageHash,attr"`
	LanguageChangeDate string        `xml:"LanguageChangeDate,attr"`
	SeverityIndex      int           `xml:"SeverityIndex,attr"`
	QueryPath          string        `xml:"QueryPath,attr"`
	QueryVersionCode   string        `xml:"QueryVersionCode,attr"`
	Result             []CxxmlResult `xml:"Result"`
}

CxxmlQuery CxxmlQuery

type CxxmlResult added in v1.214.0

// CxxmlResult maps one Result element (a single finding) of the XML report.
// The string attributes are copied from the document without validation at
// decode time; escape FileName, Remark and AssignToUser before rendering
// them into HTML or Markdown output.
type CxxmlResult struct {
	XMLName       xml.Name `xml:"Result"`
	NodeID        string   `xml:"NodeId,attr"`
	FileName      string   `xml:"FileName,attr"`
	Status        string   `xml:"Status,attr"`
	Line          int      `xml:"Line,attr"`
	Column        int      `xml:"Column,attr"`
	// FalsePositive and State are typed (bool, int) here; the smaller
	// Result struct reads the same two attributes as plain strings.
	FalsePositive bool     `xml:"FalsePositive,attr"`
	Severity      string   `xml:"Severity,attr"`
	AssignToUser  string   `xml:"AssignToUser,attr"`
	State         int      `xml:"state,attr"`
	Remark        string   `xml:"Remark,attr"`
	DeepLink      string   `xml:"DeepLink,attr"`
	SeverityIndex int      `xml:"SeverityIndex,attr"`
	StatusIndex   int      `xml:"StatusIndex,attr"`
	DetectionDate string   `xml:"DetectionDate,attr"`
	Path          Path     `xml:"Path"`
}

CxxmlResult CxxmlResult

type DetailedResult

// DetailedResult maps the root CxXMLResults element of the XML report,
// keeping only name, state, severity and false-positive data per finding
// (see Query and Result). CxXMLResults maps the same element in full.
type DetailedResult struct {
	XMLName                  xml.Name `xml:"CxXMLResults"`
	InitiatorName            string   `xml:"InitiatorName,attr"`
	ScanID                   string   `xml:"ScanId,attr"`
	Owner                    string   `xml:"Owner,attr"`
	ProjectID                string   `xml:"ProjectId,attr"`
	ProjectName              string   `xml:"ProjectName,attr"`
	TeamFullPathOnReportDate string   `xml:"TeamFullPathOnReportDate,attr"`
	DeepLink                 string   `xml:"DeepLink,attr"`
	ScanStart                string   `xml:"ScanStart,attr"`
	Preset                   string   `xml:"Preset,attr"`
	ScanTime                 string   `xml:"ScanTime,attr"`
	// Declared as int, so a non-numeric attribute value makes decoding of
	// the whole document fail; CxXMLResults keeps both as strings.
	LinesOfCodeScanned       int      `xml:"LinesOfCodeScanned,attr"`
	FilesScanned             int      `xml:"FilesScanned,attr"`
	ReportCreationTime       string   `xml:"ReportCreationTime,attr"`
	Team                     string   `xml:"Team,attr"`
	CheckmarxVersion         string   `xml:"CheckmarxVersion,attr"`
	ScanType                 string   `xml:"ScanType,attr"`
	SourceOrigin             string   `xml:"SourceOrigin,attr"`
	Visibility               string   `xml:"Visibility,attr"`
	Queries                  []Query  `xml:"Query"`
}

DetailedResult - DetailedResult Structure

// EngineConfigurationLink is the engineConfiguration member of ScanSettings.
type EngineConfigurationLink struct {
	// Decoded from the JSON key "id", not "engineConfigurationId".
	EngineConfigurationID int  `json:"id"`
	Link                  Link `json:"link"`
}

EngineConfigurationLink - engine configuration link found in ScanSettings response

type Line added in v1.214.0

// Line maps a Line element of the XML report. Number and Code are read from
// child elements, not attributes.
type Line struct {
	XMLName xml.Name `xml:"Line"`
	Number  int      `xml:"Number"`
	// NOTE(review): Code presumably holds the text of a source line from the
	// scanned project, so a report can carry whatever was committed there,
	// hard-coded secrets included. Confirm, and restrict access to stored
	// reports accordingly.
	Code    string   `xml:"Code"`
}

Line Line

// Link is a rel/uri pair as it appears in backend JSON responses.
type Link struct {
	Rel string `json:"rel"`
	// URI is taken from the response body as is.
	// NOTE(review): presumably relative to the configured server URL; confirm
	// before resolving it, and keep requests on the configured host.
	URI string `json:"uri"`
}

Link - Link Structure

// Links groups the two links (report and status) carried by a Report.
type Links struct {
	Report Link `json:"report"`
	Status Link `json:"status"`
}

Links - Links Structure

type LowPerQuery added in v1.237.0

// LowPerQuery is one entry of CheckmarxReportData.LowPerQuery: a query name
// with its audited and total counters.
type LowPerQuery struct {
	// Serialized under the JSON key "query".
	QueryName string `json:"query"`
	Audited   int    `json:"audited"`
	Total     int    `json:"total"`
}

type Path added in v1.214.0

// Path maps the Path element inside a Result of the XML report and holds
// its PathNode children.
type Path struct {
	XMLName           xml.Name   `xml:"Path"`
	ResultID          string     `xml:"ResultId,attr"`
	// PathID is an int, the same type GetShortDescription takes as pathID.
	PathID            int        `xml:"PathId,attr"`
	SimilarityID      string     `xml:"SimilarityId,attr"`
	SourceMethod      string     `xml:"SourceMethod,attr"`
	DestinationMethod string     `xml:"DestinationMethod,attr"`
	PathNode          []PathNode `xml:"PathNode"`
}

Path Path

type PathNode added in v1.214.0

// PathNode maps one PathNode element of a Path. All fields are read from
// child elements (no ",attr" in the tags).
type PathNode struct {
	XMLName  xml.Name `xml:"PathNode"`
	// FileName is copied from the report without validation at decode time.
	FileName string   `xml:"FileName"`
	Line     int      `xml:"Line"`
	Column   int      `xml:"Column"`
	// NodeID is an int here, while CxxmlResult.NodeID is a string.
	NodeID   int      `xml:"NodeId"`
	Name     string   `xml:"Name"`
	Type     string   `xml:"Type"`
	Length   int      `xml:"Length"`
	Snippet  Snippet  `xml:"Snippet"`
}

PathNode PathNode

type Preset

// Preset describes one preset as listed by GetPresets and selected by the
// FilterPresetByName / FilterPresetByID helpers.
type Preset struct {
	ID        int    `json:"id"`
	Name      string `json:"name"`
	OwnerName string `json:"ownerName"`
	Link      Link   `json:"link"`
}

Preset - Project's Preset

// PresetLink is the preset member of ScanSettings.
type PresetLink struct {
	// Decoded from the JSON key "id".
	PresetID int  `json:"id"`
	Link     Link `json:"link"`
}

PresetLink - preset link found in ScanSettings response

type Project

// Project describes one project as returned by GetProjectByID, GetProjects
// and GetProjectsByNameAndTeam.
type Project struct {
	ID                 int                `json:"id"`
	// TeamID is a plain string here, whereas Team.ID is a json.RawMessage;
	// comparing the two needs an explicit conversion.
	TeamID             string             `json:"teamId"`
	Name               string             `json:"name"`
	IsPublic           bool               `json:"isPublic"`
	SourceSettingsLink SourceSettingsLink `json:"sourceSettingsLink"`
	Link               Link               `json:"link"`
}

Project - Project Structure

type ProjectBranchingResponse added in v1.266.0

// ProjectBranchingResponse is an id plus link decoded from a backend JSON
// response.
// NOTE(review): presumably the reply to the request issued by CreateBranch; confirm.
type ProjectBranchingResponse struct {
	ID   int  `json:"id"`
	Link Link `json:"link"`
}

ProjectBranchingResponse - ProjectBranchingResponse Structure

type ProjectBranchingStatusResponse added in v1.266.0

// ProjectBranchingStatusResponse reports the state of a branching operation:
// the two project ids involved, a BranchingStatus and an error message.
type ProjectBranchingStatusResponse struct {
	ID                int             `json:"id"`
	// The "Id" spelling (instead of "ID") is part of the exported API;
	// renaming these fields would break importers.
	OriginalProjectId int             `json:"originalProjectId"`
	BranchedProjectId int             `json:"branchedProjectId"`
	Status            BranchingStatus `json:"status"`
	// ErrorMessage is text supplied by the backend; treat it as untrusted
	// when it ends up in logs or rendered reports.
	ErrorMessage      string          `json:"errorMessage"`
}

ProjectBranchingStatusResponse - ProjectBranchingStatusResponse Structure

type ProjectCreateResult

// ProjectCreateResult is what CreateProject returns: the id of the project
// and a link to it.
type ProjectCreateResult struct {
	ID   int  `json:"id"`
	Link Link `json:"link"`
}

ProjectCreateResult - ProjectCreateResult Structure

// ProjectLink is the project member of ScanSettings.
type ProjectLink struct {
	// Decoded from the JSON key "id".
	ProjectID int  `json:"id"`
	Link      Link `json:"link"`
}

ProjectLink - project link found in ScanSettings response

type Query

// Query is the reduced mapping of a Query element used by DetailedResult:
// only the name attribute and the Result children are decoded. CxxmlQuery
// maps the same element in full.
type Query struct {
	XMLName xml.Name `xml:"Query"`
	Name    string   `xml:"name,attr"`
	Results []Result `xml:"Result"`
}

Query - Query Structure

type Report

// Report is what RequestNewReport returns.
type Report struct {
	// ReportID has the type GetReportStatus and DownloadReport take as
	// reportID.
	ReportID int   `json:"reportId"`
	Links    Links `json:"links"`
}

Report - Report Structure

type ReportStatus

// ReportStatus is the id/value pair carried in ReportStatusResponse.Status.
type ReportStatus struct {
	ID    int    `json:"id"`
	Value string `json:"value"`
}

ReportStatus - ReportStatus Structure

type ReportStatusResponse

// ReportStatusResponse is what GetReportStatus returns.
type ReportStatusResponse struct {
	// Location and ContentType are strings supplied by the backend.
	// NOTE(review): if Location is ever dereferenced, confirm it stays on
	// the configured server.
	Location    string       `json:"location"`
	ContentType string       `json:"contentType"`
	Status      ReportStatus `json:"status"`
}

ReportStatusResponse - ReportStatusResponse Structure

type Result

// Result is the reduced mapping of a Result element used by Query: three
// attributes, all kept as strings. CxxmlResult maps the same element in full.
type Result struct {
	XMLName       xml.Name `xml:"Result"`
	// State and FalsePositive are raw attribute text here (CxxmlResult types
	// them as int and bool), so any comparison is a string comparison and
	// depends on the exact spelling used in the report.
	State         string   `xml:"state,attr"`
	Severity      string   `xml:"Severity,attr"`
	FalsePositive string   `xml:"FalsePositive,attr"`
}

Result - Result Structure

type ResultsStatistics

// ResultsStatistics holds the per-severity counters returned by GetResults.
// GetResults has no error return, so an all-zero value does not by itself
// prove that the scan had no findings.
type ResultsStatistics struct {
	High   int `json:"highSeverity"`
	Medium int `json:"mediumSeverity"`
	Low    int `json:"lowSeverity"`
	Info   int `json:"infoSeverity"`
}

ResultsStatistics - ResultsStatistics Structure

type Scan

// Scan is what ScanProject returns: the id of the scan and a link to it.
type Scan struct {
	ID   int  `json:"id"`
	Link Link `json:"link"`
}

Scan - Scan Structure

type ScanSettings added in v1.222.0

// ScanSettings bundles the project, preset and engine configuration links
// of a project's scan settings.
type ScanSettings struct {
	Project             ProjectLink             `json:"project"`
	Preset              PresetLink              `json:"preset"`
	// The tag carries a trailing space after the closing quote; the JSON
	// key is still "engineConfiguration".
	EngineConfiguration EngineConfigurationLink `json:"engineConfiguration" `
}

ScanSettings - scan settings at project level

type ScanStatus

// ScanStatus is one element of the list returned by GetScans.
type ScanStatus struct {
	ID            int    `json:"id"`
	Link          Link   `json:"link"`
	Status        Status `json:"status"`
	ScanType      string `json:"scanType"`
	// Comment is text supplied by the backend.
	Comment       string `json:"comment"`
	IsIncremental bool   `json:"isIncremental"`
}

ScanStatus - ScanStatus Structure

type ScanStatusDetail

// ScanStatusDetail is the stage/step pair returned by GetScanStatusAndDetail
// and embedded in Status.Details.
type ScanStatusDetail struct {
	Stage string `json:"stage"`
	Step  string `json:"step"`
}

ScanStatusDetail - ScanStatusDetail Structure

type ShortDescription added in v1.224.0

// ShortDescription is what GetShortDescription returns for a scanID/pathID
// pair.
type ShortDescription struct {
	// Text is decoded from the JSON key "shortDescription".
	// NOTE(review): backend-supplied text; escape it before embedding it in
	// HTML or Markdown output.
	Text string `json:"shortDescription"`
}

type Snippet added in v1.214.0

// Snippet maps the Snippet element of a PathNode; it wraps a single Line.
type Snippet struct {
	XMLName xml.Name `xml:"Snippet"`
	Line    Line     `xml:"Line"`
}

Snippet Snippet

// SourceSettingsLink is the sourceSettingsLink member of Project: a Link
// with an additional type field.
type SourceSettingsLink struct {
	Type string `json:"type"`
	Rel  string `json:"rel"`
	URI  string `json:"uri"`
}

SourceSettingsLink - SourceSettingsLink Structure

type Status

// Status is the status member of ScanStatus: an id, a name and the
// stage/step detail.
type Status struct {
	ID      int              `json:"id"`
	Name    string           `json:"name"`
	Details ScanStatusDetail `json:"details"`
}

Status - Status Structure

type System

// System is the set of backend operations callers depend on. SystemInstance
// is the implementation declared in this package; ConvertCxxmlToSarif and
// Parse accept any System.
type System interface {
	// The Filter* helpers pick one entry out of an already fetched list.
	// Only FilterTeamByName can report a miss through an error.
	// NOTE(review): the others presumably return a zero value when nothing
	// matches; check the result before using its ID.
	FilterPresetByName(presets []Preset, presetName string) Preset
	FilterPresetByID(presets []Preset, presetID int) Preset
	FilterProjectByName(projects []Project, projectName string) Project
	FilterTeamByName(teams []Team, teamName string) (Team, error)
	FilterTeamByID(teams []Team, teamID json.RawMessage) Team
	DownloadReport(reportID int) ([]byte, error)
	GetReportStatus(reportID int) (ReportStatusResponse, error)
	RequestNewReport(scanID int, reportType string) (Report, error)
	// GetResults and GetScanStatusAndDetail have no error return.
	// NOTE(review): a failed request is presumably indistinguishable from a
	// scan with zero findings or an empty status; confirm how the
	// implementation signals failure before gating a build on these values.
	GetResults(scanID int) ResultsStatistics
	GetScanStatusAndDetail(scanID int) (string, ScanStatusDetail)
	GetScans(projectID int) ([]ScanStatus, error)
	ScanProject(projectID int, isIncremental, isPublic, forceScan bool) (Scan, error)
	UpdateProjectConfiguration(projectID int, presetID int, engineConfigurationID string) error
	UpdateProjectExcludeSettings(projectID int, excludeFolders string, excludeFiles string) error
	UploadProjectSourceCode(projectID int, zipFile string) error
	CreateProject(projectName, teamID string) (ProjectCreateResult, error)
	// CreateBranch, GetPresets and GetTeams also return no error.
	// NOTE(review): presumably a zero id or an empty slice stands for
	// failure; confirm against the implementation.
	CreateBranch(projectID int, branchName string) int
	GetPresets() []Preset
	GetProjectByID(projectID int) (Project, error)
	GetProjectsByNameAndTeam(projectName, teamID string) ([]Project, error)
	GetProjects() ([]Project, error)
	GetShortDescription(scanID int, pathID int) (ShortDescription, error)
	GetTeams() []Team
}

System is the interface abstraction of a specific SystemInstance

type SystemInstance

// SystemInstance is the concrete client for the Checkmarx backend. All of its
// fields are unexported; obtain one from NewSystemInstance, which takes the
// server URL together with a username and password.
// NOTE(review): a zero SystemInstance is presumably not usable; confirm.
type SystemInstance struct {
	// contains filtered or unexported fields
}

SystemInstance is the client communicating with the Checkmarx backend

func NewSystemInstance

func NewSystemInstance(client piperHttp.Uploader, serverURL, username, password string) (*SystemInstance, error)

NewSystemInstance returns a new Checkmarx client for communicating with the backend

func (*SystemInstance) CreateBranch

func (sys *SystemInstance) CreateBranch(projectID int, branchName string) int

CreateBranch creates a branch of an existing project in the Checkmarx backend

func (*SystemInstance) CreateProject

func (sys *SystemInstance) CreateProject(projectName, teamID string) (ProjectCreateResult, error)

CreateProject creates a new project in the Checkmarx backend

func (*SystemInstance) DownloadReport

func (sys *SystemInstance) DownloadReport(reportID int) ([]byte, error)

DownloadReport downloads the report addressed by reportID and returns the XML contents

func (*SystemInstance) FilterPresetByID

func (sys *SystemInstance) FilterPresetByID(presets []Preset, presetID int) Preset

FilterPresetByID filters a preset by its ID

func (*SystemInstance) FilterPresetByName

func (sys *SystemInstance) FilterPresetByName(presets []Preset, presetName string) Preset

FilterPresetByName filters a preset by its name

func (*SystemInstance) FilterProjectByName

func (sys *SystemInstance) FilterProjectByName(projects []Project, projectName string) Project

FilterProjectByName filters a project by its name

func (*SystemInstance) FilterTeamByID

func (sys *SystemInstance) FilterTeamByID(teams []Team, teamID json.RawMessage) Team

FilterTeamByID filters a team by its ID

func (*SystemInstance) FilterTeamByName

func (sys *SystemInstance) FilterTeamByName(teams []Team, teamName string) (Team, error)

FilterTeamByName filters a team by its name

func (*SystemInstance) GetPresets

func (sys *SystemInstance) GetPresets() []Preset

GetPresets loads the preset values defined in the Checkmarx backend

func (*SystemInstance) GetProjectByID

func (sys *SystemInstance) GetProjectByID(projectID int) (Project, error)

GetProjectByID returns the project addressed by projectID from the Checkmarx backend which the user has access to

func (*SystemInstance) GetProjects

func (sys *SystemInstance) GetProjects() ([]Project, error)

GetProjects returns the projects defined in the Checkmarx backend which the user has access to

func (*SystemInstance) GetProjectsByNameAndTeam

func (sys *SystemInstance) GetProjectsByNameAndTeam(projectName, teamID string) ([]Project, error)

GetProjectsByNameAndTeam returns the projects addressed by projectName and teamID from the Checkmarx backend which the user has access to

func (*SystemInstance) GetReportStatus

func (sys *SystemInstance) GetReportStatus(reportID int) (ReportStatusResponse, error)

GetReportStatus returns the status of the report generation process

func (*SystemInstance) GetResults

func (sys *SystemInstance) GetResults(scanID int) ResultsStatistics

GetResults returns the results of the scan addressed by scanID

func (*SystemInstance) GetScanStatusAndDetail

func (sys *SystemInstance) GetScanStatusAndDetail(scanID int) (string, ScanStatusDetail)

GetScanStatusAndDetail returns the status of the scan addressed by scanID

func (*SystemInstance) GetScans

func (sys *SystemInstance) GetScans(projectID int) ([]ScanStatus, error)

GetScans returns all scan statuses for the project addressed by projectID

func (*SystemInstance) GetShortDescription added in v1.224.0

func (sys *SystemInstance) GetShortDescription(scanID int, pathID int) (ShortDescription, error)

GetShortDescription returns the short description for an issue with a scanID and pathID

func (*SystemInstance) GetTeams

func (sys *SystemInstance) GetTeams() []Team

GetTeams returns the teams the user is assigned to

func (*SystemInstance) RequestNewReport

func (sys *SystemInstance) RequestNewReport(scanID int, reportType string) (Report, error)

RequestNewReport triggers the generation of a report for a specific scan addressed by scanID

func (*SystemInstance) ScanProject

func (sys *SystemInstance) ScanProject(projectID int, isIncremental, isPublic, forceScan bool) (Scan, error)

ScanProject triggers a scan on the project addressed by projectID

func (*SystemInstance) UpdateProjectConfiguration

func (sys *SystemInstance) UpdateProjectConfiguration(projectID int, presetID int, engineConfigurationID string) error

UpdateProjectConfiguration updates the configuration of the project addressed by projectID

func (*SystemInstance) UpdateProjectExcludeSettings

func (sys *SystemInstance) UpdateProjectExcludeSettings(projectID int, excludeFolders string, excludeFiles string) error

UpdateProjectExcludeSettings updates the exclude configuration of the project

func (*SystemInstance) UploadProjectSourceCode

func (sys *SystemInstance) UploadProjectSourceCode(projectID int, zipFile string) error

UploadProjectSourceCode zips and uploads the project sources for scanning

type Team

// Team describes one team as listed by GetTeams and selected by the
// FilterTeamByName / FilterTeamByID helpers.
type Team struct {
	// ID is kept as raw, undecoded JSON, so it can hold either a number or
	// a quoted string. A quoted string keeps its quotes in the raw bytes.
	// NOTE(review): confirm how FilterTeamByID compares ids, and convert
	// explicitly before matching against Project.TeamID (a plain string).
	ID       json.RawMessage `json:"id"`
	FullName string          `json:"fullName"`
}

Team - Team Structure
