From 635733e2c20da1d9eb3eeca791735f2d43ec7392 Mon Sep 17 00:00:00 2001 From: ilandn Date: Thu, 10 Nov 2022 09:31:54 -0600 Subject: [PATCH 1/4] bugid: Proxy - global support CR_by: n/a --- build/pom.xml | 2 +- cxplugin-agent/pom.xml | 2 +- .../teamcity/agent/CxConfigHelper.java | 324 +++--- cxplugin-common/pom.xml | 2 +- .../checkmarx/teamcity/common/CxParam.java | 28 +- cxplugin-server/pom.xml | 2 +- .../server/CxAdminPageController.java | 3 + .../checkmarx/teamcity/server/CxOptions.java | 107 +- .../server/TestConnectionController.java | 63 +- .../server/TestConnectionRequest.java | 54 + .../buildServerResources/adminPage.jsp | 1018 +++++++++-------- .../buildServerResources/editRunParams.jsp | 644 ++++++----- .../buildServerResources/testConnection.js | 6 + pom.xml | 4 +- 14 files changed, 1288 insertions(+), 971 deletions(-) diff --git a/build/pom.xml b/build/pom.xml index 24aeb9f..8dae129 100644 --- a/build/pom.xml +++ b/build/pom.xml @@ -4,7 +4,7 @@ cxplugin com.checkmarx.teamcity - 2022.2.1 + 2022.2.2 build pom diff --git a/cxplugin-agent/pom.xml b/cxplugin-agent/pom.xml index 6e92c26..deaae73 100644 --- a/cxplugin-agent/pom.xml +++ b/cxplugin-agent/pom.xml @@ -5,7 +5,7 @@ cxplugin com.checkmarx.teamcity - 2022.2.1 + 2022.2.2 cxplugin-agent jar diff --git a/cxplugin-agent/src/main/java/com/checkmarx/teamcity/agent/CxConfigHelper.java b/cxplugin-agent/src/main/java/com/checkmarx/teamcity/agent/CxConfigHelper.java index c737081..32d1c0b 100644 --- a/cxplugin-agent/src/main/java/com/checkmarx/teamcity/agent/CxConfigHelper.java +++ b/cxplugin-agent/src/main/java/com/checkmarx/teamcity/agent/CxConfigHelper.java 
@@ -4,9 +4,10 @@ import com.checkmarx.teamcity.common.InvalidParameterException; import com.cx.restclient.ast.dto.sca.AstScaConfig; import com.cx.restclient.configuration.CxScanConfig; +import com.cx.restclient.dto.ProxyConfig; import com.cx.restclient.dto.ScannerType; -import com.cx.restclient.sast.utils.LegacyClient; import com.cx.restclient.exception.CxClientException; +import com.cx.restclient.sast.utils.LegacyClient; import com.cx.restclient.sca.utils.CxSCAFileSystemUtils; import jetbrains.buildServer.agent.AgentRunningBuild; import org.apache.commons.lang3.StringUtils; 
@@ -33,21 +34,20 @@ public class CxConfigHelper { private static final String PARAMETER_SUFFIX = "] must be positive integer. Actual value: "; private static String teamPath; private static LegacyClient commonClient = null; - public static CxScanConfig resolveConfigurations(Map buildParameters, Map globalParameters, File checkoutDirectory, - File reportDirectory, Map otherParameters, AgentRunningBuild agentRunningBuild, CxLoggerAdapter logger) throws InvalidParameterException, UnsupportedEncodingException { - + public static CxScanConfig resolveConfigurations(Map buildParameters, Map globalParameters, File checkoutDirectory, + File reportDirectory, Map otherParameters, AgentRunningBuild agentRunningBuild, CxLoggerAdapter logger) throws InvalidParameterException, UnsupportedEncodingException { CxScanConfig ret = new CxScanConfig(); //to support builds that were configured before this parameter, allow sast scan if parameter is null. ret.setSastEnabled(buildParameters.get(SAST_ENABLED) == null || TRUE.equals(buildParameters.get(SAST_ENABLED))); - + String originUrl = CxUtility.getCxOriginUrl(agentRunningBuild); ret.setCxOriginUrl(originUrl); String cxOrigin = CxUtility.getCxOrigin(agentRunningBuild); ret.setCxOrigin(cxOrigin); - logger.info("CxOrigin : "+ cxOrigin); - logger.info("CxOrigin URL : "+ originUrl); - + logger.info("CxOrigin : " + cxOrigin); + logger.info("CxOrigin URL : " + originUrl); + ret.setSourceDir(checkoutDirectory.getAbsolutePath()); ret.setReportsDir(reportDirectory); String isProxyVar = System.getProperty("cx.isproxy"); 
@@ -57,28 +57,28 @@ public static CxScanConfig resolveConfigurations(Map buildParame ret.setUrl(validateNotEmpty(globalParameters.get(GLOBAL_SERVER_URL), GLOBAL_SERVER_URL)); ret.setUsername(validateNotEmpty(globalParameters.get(GLOBAL_USERNAME), GLOBAL_USERNAME)); ret.setPassword(decrypt(validateNotEmpty(globalParameters.get(GLOBAL_PASSWORD), GLOBAL_PASSWORD))); + setProxySetting(globalParameters, ret); } else { ret.setUrl(validateNotEmpty(buildParameters.get(SERVER_URL), SERVER_URL)); ret.setUsername(validateNotEmpty(buildParameters.get(USERNAME), USERNAME)); ret.setPassword(decrypt(validateNotEmpty(buildParameters.get(PASSWORD), PASSWORD))); } - ret.setProjectName(validateNotEmpty(buildParameters.get(PROJECT_NAME), PROJECT_NAME)); ret.setPresetId(convertToIntegerIfNotNull(buildParameters.get(PRESET_ID), PRESET_ID)); ret.setTeamId(validateNotEmpty(buildParameters.get(TEAM_ID), TEAM_ID)); try { - initializeCommonClient(ret, logger); - commonClient.login(); - teamPath = commonClient.getTeamNameById(buildParameters.get(TEAM_ID)); - } catch (Exception e) { + initializeCommonClient(ret, logger); + commonClient.login(); + teamPath = commonClient.getTeamNameById(buildParameters.get(TEAM_ID)); + } catch (Exception e) { logger.error("Failed to get team name by team id: " + e.getMessage()); } finally { if (commonClient != null) { commonClient.close(); } } - if(ret.isSastEnabled()){ + if (ret.isSastEnabled()) { if (TRUE.equals(buildParameters.get(USE_DEFAULT_SAST_CONFIG))) { ret.setSastFolderExclusions(globalParameters.get(GLOBAL_EXCLUDE_FOLDERS)); ret.setSastFilterPattern(globalParameters.get(GLOBAL_FILTER_PATTERNS)); 
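Review bot: `setProxySetting(globalParameters, ret)` is added only to the branch that reads the global server URL and credentials, so a build that supplies its own SERVER_URL/USERNAME/PASSWORD picks up no proxy from these settings. The same commit adds a per-build `IS_PROXY` ("cxIsProxy") constant and a `getIsProxy()` getter, but nothing in the visible agent code reads `buildParameters.get(IS_PROXY)`. If that is intentional, a comment such as `// proxy settings are global-only; builds with their own server credentials do not use them` would save the next reader a search; if it is not, the else branch needs the equivalent call. resolveConfigurations starts and continues outside this hunk, and the `cx.isproxy` system property is read just above it, so how the two proxy sources interact cannot be confirmed from here.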
@@ -92,13 +92,13 @@ public static CxScanConfig resolveConfigurations(Map buildParame ret.setScanComment(buildParameters.get(SCAN_COMMENT)); ret.setIncremental(TRUE.equals(buildParameters.get(IS_INCREMENTAL))); - - String periodicFullScan = (buildParameters.get(PERIODIC_FULL_SCAN) == null)? FALSE: buildParameters.get(PERIODIC_FULL_SCAN); + + String periodicFullScan = (buildParameters.get(PERIODIC_FULL_SCAN) == null) ? FALSE : buildParameters.get(PERIODIC_FULL_SCAN); int fullScanAfterNumberOfBuilds = -1; - if(TRUE.equalsIgnoreCase(periodicFullScan)) - fullScanAfterNumberOfBuilds = convertToIntegerIfNotNull(buildParameters.get(PERIODIC_FULL_SCAN_AFTER), PERIODIC_FULL_SCAN_AFTER); - - ret.setIncremental(isThisBuildIncremental(otherParameters.get(CX_BUILD_NUMBER),buildParameters.get(IS_INCREMENTAL),periodicFullScan, fullScanAfterNumberOfBuilds)); + if (TRUE.equalsIgnoreCase(periodicFullScan)) + fullScanAfterNumberOfBuilds = convertToIntegerIfNotNull(buildParameters.get(PERIODIC_FULL_SCAN_AFTER), PERIODIC_FULL_SCAN_AFTER); + + ret.setIncremental(isThisBuildIncremental(otherParameters.get(CX_BUILD_NUMBER), buildParameters.get(IS_INCREMENTAL), periodicFullScan, fullScanAfterNumberOfBuilds)); ret.setCustomFields(customFieldFormat(buildParameters.get(CUSTOM_FIELDS))); 
@@ -113,33 +113,29 @@ public static CxScanConfig resolveConfigurations(Map buildParame } - if (TRUE.equals(buildParameters.get(DEPENDENCY_SCAN_ENABLED))) - { + if (TRUE.equals(buildParameters.get(DEPENDENCY_SCAN_ENABLED))) { ScannerType scannerType; - if (TRUE.equals(buildParameters.get(OVERRIDE_GLOBAL_CONFIGURATIONS))) - { - ret.setOsaFilterPattern(buildParameters.get(OSA_FILTER_PATTERNS)); - if("SCA".equalsIgnoreCase(buildParameters.get(DEPENDENCY_SCANNER_TYPE))) { - scannerType = ScannerType.AST_SCA; - ret.setAstScaConfig(getScaConfig(buildParameters,globalParameters, false)); - } - else { - scannerType = ScannerType.OSA; - ret.setOsaArchiveIncludePatterns(buildParameters.get(OSA_ARCHIVE_INCLUDE_PATTERNS)); + if (TRUE.equals(buildParameters.get(OVERRIDE_GLOBAL_CONFIGURATIONS))) { + ret.setOsaFilterPattern(buildParameters.get(OSA_FILTER_PATTERNS)); + if ("SCA".equalsIgnoreCase(buildParameters.get(DEPENDENCY_SCANNER_TYPE))) { + scannerType = ScannerType.AST_SCA; + ret.setAstScaConfig(getScaConfig(buildParameters, globalParameters, false)); + } else { + scannerType = ScannerType.OSA; + ret.setOsaArchiveIncludePatterns(buildParameters.get(OSA_ARCHIVE_INCLUDE_PATTERNS)); ret.setOsaRunInstall(TRUE.equals(buildParameters.get(OSA_INSTALL_BEFORE_SCAN))); } - + } else { - ret.setOsaFilterPattern(globalParameters.get(GLOBAL_DEPENDENCY_SCAN_FILTER_PATTERNS)); - if("SCA".equalsIgnoreCase(globalParameters.get(GLOBAL_DEPENDENCY_SCANNER_TYPE)) ) { - scannerType = ScannerType.AST_SCA; - ret.setAstScaConfig(getScaConfig(buildParameters,globalParameters, true)); - } - else { - scannerType = ScannerType.OSA; - ret.setOsaArchiveIncludePatterns(buildParameters.get(GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS)); + ret.setOsaFilterPattern(globalParameters.get(GLOBAL_DEPENDENCY_SCAN_FILTER_PATTERNS)); + if ("SCA".equalsIgnoreCase(globalParameters.get(GLOBAL_DEPENDENCY_SCANNER_TYPE))) { + scannerType = ScannerType.AST_SCA; + ret.setAstScaConfig(getScaConfig(buildParameters, globalParameters, 
true)); + } else { + scannerType = ScannerType.OSA; + ret.setOsaArchiveIncludePatterns(buildParameters.get(GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS)); ret.setOsaRunInstall(TRUE.equals(buildParameters.get(GLOBAL_EXECUTE_DEPENDENCY_MANAGER))); - } + } } if (scannerType != null) { ret.addScannerType(scannerType); @@ -147,7 +143,6 @@ public static CxScanConfig resolveConfigurations(Map buildParame } - String thresholdEnabled = THRESHOLD_ENABLED; String highThreshold = HIGH_THRESHOLD; String mediumThreshold = MEDIUM_THRESHOLD; @@ -204,16 +199,16 @@ public static CxScanConfig resolveConfigurations(Map buildParame } private static void initializeCommonClient(CxScanConfig config, CxLoggerAdapter logger) { - try { - commonClient = CommonClientFactory.getInstance(config, logger); - } catch (Exception e) { - logger.debug("Failed to initialize cx client " + e.getMessage(), e); - commonClient = null; - } - } + try { + commonClient = CommonClientFactory.getInstance(config, logger); + } catch (Exception e) { + logger.debug("Failed to initialize cx client " + e.getMessage(), e); + commonClient = null; + } + } private static String customFieldFormat(String customFields) { - if(customFields != null && !customFields.isEmpty()) { + if (customFields != null && !customFields.isEmpty()) { customFields = customFields.replaceAll(":", "\":\""); customFields = customFields.replaceAll(",", "\",\""); customFields = "{\"".concat(customFields).concat("\"}"); 
@@ -221,11 +216,11 @@ private static String customFieldFormat(String customFields) { return customFields; } - private static AstScaConfig getScaConfig(Map buildParameters, Map globalParameters, boolean fromGlobal) throws InvalidParameterException{ - AstScaConfig scaConfig = new AstScaConfig(); - - if(fromGlobal) { - scaConfig.setAccessControlUrl(buildParameters.get(GLOBAL_SCA_ACCESS_CONTROL_URL)); + private static AstScaConfig getScaConfig(Map buildParameters, Map globalParameters, boolean fromGlobal) throws InvalidParameterException { + AstScaConfig scaConfig = new AstScaConfig(); + + if (fromGlobal) { + scaConfig.setAccessControlUrl(buildParameters.get(GLOBAL_SCA_ACCESS_CONTROL_URL)); scaConfig.setWebAppUrl(buildParameters.get(GLOBAL_SCA_WEB_APP_URL)); scaConfig.setApiUrl(buildParameters.get(GLOBAL_SCA_API_URL)); scaConfig.setPassword(decrypt(buildParameters.get(GLOBAL_SCA_PASSWORD))); 
@@ -235,44 +230,43 @@ private static AstScaConfig getScaConfig(Map buildParameters, Ma scaConfig.setIncludeSources(false); String scaEnvVars = buildParameters.get(GLOBAL_SCA_ENV_VARIABLE); - if(StringUtils.isNotEmpty(scaEnvVars)) - { - scaConfig.setEnvVariables(CxSCAFileSystemUtils.convertStringToKeyValueMap(scaEnvVars)); + if (StringUtils.isNotEmpty(scaEnvVars)) { + scaConfig.setEnvVariables(CxSCAFileSystemUtils.convertStringToKeyValueMap(scaEnvVars)); } String configFilePaths = buildParameters.get(GLOBAL_SCA_CONFIGFILE); - if (StringUtils.isNotEmpty(configFilePaths)) { - String[] strArrayFile = configFilePaths.split(","); - List trimmedConfigPaths = getTrimmedConfigPaths(strArrayFile); - scaConfig.setConfigFilePaths(trimmedConfigPaths); - } - - //set the exp path params - - String isExpPath = buildParameters.get(GLOBAL_IS_EXPLOITABLE_PATH); - if (TRUE.equals(isExpPath)) { - String scaSASTServerUrl = buildParameters.get(GLOBAL_SAST_SERVER_URL); - String scaSASTServerUserName = buildParameters.get(GLOBAL_SAST_SERVER_USERNAME); - String scaSASTServerPassword = decrypt(buildParameters.get(GLOBAL_SAST_SERVER_PASSWORD)); - - scaConfig.setSastServerUrl(scaSASTServerUrl); - scaConfig.setSastUsername(scaSASTServerUserName); - scaConfig.setSastPassword(scaSASTServerPassword); - scaConfig.setSastProjectName(validateNotEmpty(buildParameters.get(PROJECT_NAME), PROJECT_NAME)); - - } - - }else { - scaConfig.setAccessControlUrl(buildParameters.get(SCA_ACCESS_CONTROL_URL)); + if (StringUtils.isNotEmpty(configFilePaths)) { + String[] strArrayFile = configFilePaths.split(","); + List trimmedConfigPaths = getTrimmedConfigPaths(strArrayFile); + scaConfig.setConfigFilePaths(trimmedConfigPaths); + } + + //set the exp path params + + String isExpPath = buildParameters.get(GLOBAL_IS_EXPLOITABLE_PATH); + if (TRUE.equals(isExpPath)) { + String scaSASTServerUrl = buildParameters.get(GLOBAL_SAST_SERVER_URL); + String scaSASTServerUserName = buildParameters.get(GLOBAL_SAST_SERVER_USERNAME); + 
String scaSASTServerPassword = decrypt(buildParameters.get(GLOBAL_SAST_SERVER_PASSWORD)); + + scaConfig.setSastServerUrl(scaSASTServerUrl); + scaConfig.setSastUsername(scaSASTServerUserName); + scaConfig.setSastPassword(scaSASTServerPassword); + scaConfig.setSastProjectName(validateNotEmpty(buildParameters.get(PROJECT_NAME), PROJECT_NAME)); + + } + + } else { + scaConfig.setAccessControlUrl(buildParameters.get(SCA_ACCESS_CONTROL_URL)); scaConfig.setWebAppUrl(buildParameters.get(SCA_WEB_APP_URL)); scaConfig.setApiUrl(buildParameters.get(SCA_API_URL)); scaConfig.setPassword(decrypt(buildParameters.get(SCA_PASSWORD))); scaConfig.setUsername(buildParameters.get(SCA_USERNAME)); scaConfig.setTenant(buildParameters.get(SCA_TENANT)); - - if(!StringUtils.isEmpty(buildParameters.get(SCA_TEAMPATH))) { - scaConfig.setTeamPath(buildParameters.get(SCA_TEAMPATH)); + + if (!StringUtils.isEmpty(buildParameters.get(SCA_TEAMPATH))) { + scaConfig.setTeamPath(buildParameters.get(SCA_TEAMPATH)); } else { - scaConfig.setTeamPath(teamPath); + scaConfig.setTeamPath(teamPath); } scaConfig.setIncludeSources(TRUE.equals(buildParameters.get(IS_INCLUDE_SOURCES))); String scaEnvVars = buildParameters.get(SCA_ENV_VARIABLE); 
@@ -283,65 +277,62 @@ private static AstScaConfig getScaConfig(Map buildParameters, Ma // scaResolverPathExist(buildParameters.get(SCA_RESOLVER_PATH)); validateScaResolverParams(buildParameters.get(SCA_RESOLVER_ADD_PARAMETERS)); scaConfig.setEnableScaResolver(true); - } - else + } else scaConfig.setEnableScaResolver(false); scaConfig.setPathToScaResolver(buildParameters.get(SCA_RESOLVER_PATH)); scaConfig.setScaResolverAddParameters(buildParameters.get(SCA_RESOLVER_ADD_PARAMETERS)); - if(StringUtils.isNotEmpty(scaEnvVars)) - { - scaConfig.setEnvVariables(CxSCAFileSystemUtils.convertStringToKeyValueMap(scaEnvVars)); + if (StringUtils.isNotEmpty(scaEnvVars)) { + scaConfig.setEnvVariables(CxSCAFileSystemUtils.convertStringToKeyValueMap(scaEnvVars)); } String configFilePaths = buildParameters.get(SCA_CONFIGFILE); - if (StringUtils.isNotEmpty(configFilePaths)) { - String[] strArrayFile = configFilePaths.split(","); - List trimmedConfigPaths = getTrimmedConfigPaths(strArrayFile); - scaConfig.setConfigFilePaths(trimmedConfigPaths); - } - - //set the exp path params - - String isExpPath = buildParameters.get(IS_EXPLOITABLE_PATH); - if (TRUE.equals(isExpPath)) { - String sastProjectName = buildParameters.get(SCA_SAST_PROJECT_FULLPATH); - String sastProjectId = buildParameters.get(SCA_SAST_PROJECT_ID); - scaConfig.setSastProjectName(sastProjectName); - scaConfig.setSastProjectId(sastProjectId); - if (!TRUE.equals(buildParameters.get(USE_SAST_DEFAULT_SERVER))) { - String scaSASTServerUrl = buildParameters.get(SCA_SAST_SERVER_URL); - String scaSASTServerUserName = buildParameters.get(SCA_SAST_SERVER_USERNAME); - String scaSASTServerPassword = decrypt(buildParameters.get(SCA_SAST_SERVER_PASSWORD)); - - scaConfig.setSastServerUrl(scaSASTServerUrl); - scaConfig.setSastUsername(scaSASTServerUserName); - scaConfig.setSastPassword(scaSASTServerPassword); - } else { - String scaSASTServerUrl = globalParameters.get(GLOBAL_SAST_SERVER_URL); - String scaSASTServerUserName = 
globalParameters.get(GLOBAL_SAST_SERVER_USERNAME); - String scaSASTServerPassword = decrypt(globalParameters.get(GLOBAL_SAST_SERVER_PASSWORD)); - - scaConfig.setSastServerUrl(scaSASTServerUrl); - scaConfig.setSastUsername(scaSASTServerUserName); - scaConfig.setSastPassword(scaSASTServerPassword); - } - - - } - } - return scaConfig; + if (StringUtils.isNotEmpty(configFilePaths)) { + String[] strArrayFile = configFilePaths.split(","); + List trimmedConfigPaths = getTrimmedConfigPaths(strArrayFile); + scaConfig.setConfigFilePaths(trimmedConfigPaths); + } + + //set the exp path params + + String isExpPath = buildParameters.get(IS_EXPLOITABLE_PATH); + if (TRUE.equals(isExpPath)) { + String sastProjectName = buildParameters.get(SCA_SAST_PROJECT_FULLPATH); + String sastProjectId = buildParameters.get(SCA_SAST_PROJECT_ID); + scaConfig.setSastProjectName(sastProjectName); + scaConfig.setSastProjectId(sastProjectId); + if (!TRUE.equals(buildParameters.get(USE_SAST_DEFAULT_SERVER))) { + String scaSASTServerUrl = buildParameters.get(SCA_SAST_SERVER_URL); + String scaSASTServerUserName = buildParameters.get(SCA_SAST_SERVER_USERNAME); + String scaSASTServerPassword = decrypt(buildParameters.get(SCA_SAST_SERVER_PASSWORD)); + + scaConfig.setSastServerUrl(scaSASTServerUrl); + scaConfig.setSastUsername(scaSASTServerUserName); + scaConfig.setSastPassword(scaSASTServerPassword); + } else { + String scaSASTServerUrl = globalParameters.get(GLOBAL_SAST_SERVER_URL); + String scaSASTServerUserName = globalParameters.get(GLOBAL_SAST_SERVER_USERNAME); + String scaSASTServerPassword = decrypt(globalParameters.get(GLOBAL_SAST_SERVER_PASSWORD)); + + scaConfig.setSastServerUrl(scaSASTServerUrl); + scaConfig.setSastUsername(scaSASTServerUserName); + scaConfig.setSastPassword(scaSASTServerPassword); + } + + + } + } + return scaConfig; } private static boolean scaResolverPathExist(String pathToResolver) { pathToResolver = pathToResolver + File.separator + "ScaResolver"; - 
if(!SystemUtils.IS_OS_UNIX) + if (!SystemUtils.IS_OS_UNIX) pathToResolver = pathToResolver + ".exe"; File file = new File(pathToResolver); - if(!file.exists()) - { - throw new CxClientException("SCA Resolver path does not exist. Path="+file.getAbsolutePath()); + if (!file.exists()) { + throw new CxClientException("SCA Resolver path does not exist. Path=" + file.getAbsolutePath()); } return true; } @@ -351,20 +342,20 @@ private static void validateScaResolverParams(String additionalParams) { String[] arguments = additionalParams.split(" "); Map params = new HashMap<>(); - for (int i = 0; i < arguments.length ; i++) { - if(arguments[i].startsWith("-") && (i+1 != arguments.length && !arguments[i+1].startsWith("-"))) - params.put(arguments[i], arguments[i+1]); + for (int i = 0; i < arguments.length; i++) { + if (arguments[i].startsWith("-") && (i + 1 != arguments.length && !arguments[i + 1].startsWith("-"))) + params.put(arguments[i], arguments[i + 1]); else params.put(arguments[i], ""); } String dirPath = params.get("-s"); - if(StringUtils.isEmpty(dirPath)) + if (StringUtils.isEmpty(dirPath)) throw new CxClientException("Source code path (-s ) is not provided."); // fileExists(dirPath); String projectName = params.get("-n"); - if(StringUtils.isEmpty(projectName)) + if (StringUtils.isEmpty(projectName)) throw new CxClientException("Project name parameter (-n ) must be provided to ScaResolver."); } 
@@ -378,14 +369,14 @@ private static void fileExists(String file) { } private static List getTrimmedConfigPaths(String[] strArrayFile) { - List paths = new ArrayList(); - for (int i = 0; i < strArrayFile.length; i++) { - paths.add(strArrayFile[i].trim()); - } - return paths; - } - private static Integer convertToIntegerIfNotNull(String param, String paramName) throws InvalidParameterException { + List paths = new ArrayList(); + for (int i = 0; i < strArrayFile.length; i++) { + paths.add(strArrayFile[i].trim()); + } + return paths; + } + private static Integer convertToIntegerIfNotNull(String param, String paramName) throws InvalidParameterException { if (param != null && param.length() > 0) { try { int i = Integer.parseInt(param); @@ -393,8 +384,6 @@ private static Integer convertToIntegerIfNotNull(String param, String paramName) throw new InvalidParameterException(PARAMETER_PREFIX + paramName + PARAMETER_SUFFIX + param); } return i; - - } catch (NumberFormatException e) { throw new InvalidParameterException(PARAMETER_PREFIX + paramName + PARAMETER_SUFFIX + param); } 
@@ -402,14 +391,47 @@ private static Integer convertToIntegerIfNotNull(String param, String paramName) return null; } + private static void setProxySetting(Map parameters, CxScanConfig ret) { + if (parameters.get(GLOBAL_IS_PROXY) != null && TRUE.equals(parameters.get(GLOBAL_IS_PROXY))) { + ret.setProxy(true); + String host = parameters.get(GLOBAL_PROXY_HOST); + String portStr = parameters.get(GLOBAL_PROXY_PORT); + String user = parameters.get(GLOBAL_PROXY_USER); + String password = decrypt(parameters.get(GLOBAL_PROXY_PASSWORD)); + String https = parameters.get(GLOBAL_PROXY_HTTPS); + + if (StringUtils.isNotEmpty(host) && StringUtils.isNotEmpty(portStr) && isValidPort(portStr)) { + ProxyConfig config = new ProxyConfig(); + int port = Integer.parseInt(portStr); + config.setHost(host); + config.setPort(port); + if (StringUtils.isNotEmpty(user) && StringUtils.isNotEmpty(password)) { + config.setUsername(user); + config.setPassword(password); + config.setUseHttps(https != null && TRUE.equals(parameters.get(https))); + } + ret.setProxyConfig(config); + } + } + } + + private static boolean isValidPort(String portStr) { + try { + int i = Integer.parseInt(portStr); + return i >= 0; + } catch (NumberFormatException e) { + return false; + } + } + private static String validateNotEmpty(String param, String paramName) throws InvalidParameterException { if (param == null || param.length() == 0) { throw new InvalidParameterException(PARAMETER_PREFIX + paramName + "] must not be empty"); } return param; } - - private static boolean isThisBuildIncremental(String buildNumber, String isIncremental, String isPeriodicFullScan, int fullScanAfter ) { + + private static boolean isThisBuildIncremental(String buildNumber, String isIncremental, String isPeriodicFullScan, int fullScanAfter) { boolean askedForIncremental = TRUE.equalsIgnoreCase(isIncremental); if (!askedForIncremental) { 
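Review bot: In setProxySetting the HTTPS flag is computed with `TRUE.equals(parameters.get(https))`, which uses the value of cxGlobalProxyHttps as a map key, so the lookup will normally return null and `setUseHttps` receives false even when the option is enabled. The call also sits inside the username/password check, so an unauthenticated HTTPS proxy never gets the flag; I would move it next to `config.setPort(port)` as `config.setUseHttps(TRUE.equals(https));`. `isValidPort` accepts 0 and anything above 65535, and `return i > 0 && i <= 65535;` would match the real port range and the `> 0` test used in CxOptions.testConnection. When the flag is on but host or port is rejected, `ret.setProxy(true)` is still set with no ProxyConfig and nothing is reported, so the scan's traffic and credentials may take a route the administrator did not configure; what the client does in that state is not visible here, and throwing InvalidParameterException (or at least logging a warning) would surface the misconfiguration.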
@@ -427,10 +449,10 @@ private static boolean isThisBuildIncremental(String buildNumber, String isIncre } int currentBuildNumer = -1; - try { - currentBuildNumer = Integer.parseInt(buildNumber); - }catch(Exception wrongNumber) { - return true; + try { + currentBuildNumer = Integer.parseInt(buildNumber); + } catch (Exception wrongNumber) { + return true; } // If user asked to perform full scan after every 9 incremental scans - // it means that every 10th scan should be full, diff --git a/cxplugin-common/pom.xml b/cxplugin-common/pom.xml index 9470556..47fab8a 100644 --- a/cxplugin-common/pom.xml +++ b/cxplugin-common/pom.xml @@ -4,7 +4,7 @@ cxplugin com.checkmarx.teamcity - 2022.2.1 + 2022.2.2 cxplugin-common jar diff --git a/cxplugin-common/src/main/java/com/checkmarx/teamcity/common/CxParam.java b/cxplugin-common/src/main/java/com/checkmarx/teamcity/common/CxParam.java index aaabf39..b42ac20 100644 --- a/cxplugin-common/src/main/java/com/checkmarx/teamcity/common/CxParam.java +++ b/cxplugin-common/src/main/java/com/checkmarx/teamcity/common/CxParam.java @@ -13,6 +13,7 @@ public abstract class CxParam { public static final String SERVER_URL = "cxServerUrl"; public static final String USERNAME = "cxUsername"; public static final String PASSWORD = "cxPassword"; + public static final String IS_PROXY = "cxIsProxy"; public static final String PROJECT_NAME = "cxProjectName"; public static final String PRESET_ID = "cxPresetId"; public static final String TEAM_ID = "cxTeamId"; 
@@ -52,6 +53,12 @@ public abstract class CxParam { public static final String GLOBAL_SERVER_URL = "cxGlobalServerUrl"; public static final String GLOBAL_USERNAME = "cxGlobalUsername"; public static final String GLOBAL_PASSWORD = "cxGlobalPassword"; + public static final String GLOBAL_IS_PROXY = "cxGlobalIsProxy"; + public static final String GLOBAL_PROXY_HOST = "cxGlobalProxyHost"; + public static final String GLOBAL_PROXY_PORT = "cxGlobalProxyPort"; + public static final String GLOBAL_PROXY_USER = "cxGlobalProxyUser"; + public static final String GLOBAL_PROXY_PASSWORD = "cxGlobalProxyPassword"; + public static final String GLOBAL_PROXY_HTTPS = "cxGlobalProxyHttps"; public static final String GLOBAL_EXCLUDE_FOLDERS = "cxGlobalExcludeFolders"; public static final String GLOBAL_FILTER_PATTERNS = "cxGlobalFilterPatterns"; public static final String GLOBAL_SCAN_TIMEOUT_IN_MINUTES = "cxGlobalScanTimeoutInMinutes"; @@ -66,7 +73,7 @@ public abstract class CxParam { public static final String GLOBAL_OSA_LOW_THRESHOLD = "cxGlobalOsaLowThreshold"; public static final String GLOBAL_PROJECT_POLICY_VIOLATION = "cxGlobalProjectPolicyViolation"; public static final String GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS = "cxGlobalOsaArchiveIncludePatterns"; - public static final String GLOBAL_DEPENDENCY_SCAN_FILTER_PATTERNS="CxGlobalDependencyScanFilterPatterns"; + public static final String GLOBAL_DEPENDENCY_SCAN_FILTER_PATTERNS = "CxGlobalDependencyScanFilterPatterns"; public static final String GLOBAL_EXECUTE_DEPENDENCY_MANAGER = "cxGlobalExecuteDependencyManager"; public static final String GLOBAL_SCA_ENABLED = "cxGlobalScaEnabled"; public static final String GLOBAL_OSA_ENABLED = "cxGlobalOsaEnabled"; 
@@ -77,7 +84,7 @@ public abstract class CxParam { public static final String GLOBAL_SCA_USERNAME = "cxGlobalSCAUserName"; public static final String GLOBAL_SCA_PASSWORD = "cxGlobalSCAPassword"; public static final String GLOBAL_SCA_TENANT = "cxGlobalSCATenant"; - + public static final String GLOBAL_SCA_CONFIGFILE = "cxGlobalScaConfigFile"; public static final String GLOBAL_SCA_ENV_VARIABLE = "cxGlobalScaEnvVariable"; public static final String GLOBAL_IS_EXPLOITABLE_PATH = "cxGlobalIsExploitablePath"; @@ -108,7 +115,7 @@ public abstract class CxParam { public static final String SCA_SAST_SERVER_URL = "scaSASTServerUrl"; public static final String SCA_SAST_SERVER_USERNAME = "scaSASTUserName"; public static final String SCA_SAST_SERVER_PASSWORD = "scaSASTPassword"; - + public static final String SCA_HIGH = "ScaHigh"; public static final String SCA_MEDIUM = "ScaMedium"; public static final String SCA_LOW = "ScaLow"; 
@@ -127,15 +134,16 @@ public abstract class CxParam { "Validate the provided login credentials and server URL are correct."; public static final String[] GLOBAL_CONFIGS = { - GLOBAL_SERVER_URL, GLOBAL_USERNAME, GLOBAL_PASSWORD, GLOBAL_EXCLUDE_FOLDERS, GLOBAL_FILTER_PATTERNS, + GLOBAL_SERVER_URL, GLOBAL_USERNAME, GLOBAL_PASSWORD, GLOBAL_IS_PROXY, GLOBAL_PROXY_HOST, GLOBAL_PROXY_PORT, + GLOBAL_PROXY_USER, GLOBAL_PROXY_PASSWORD, GLOBAL_PROXY_HTTPS, GLOBAL_EXCLUDE_FOLDERS, GLOBAL_FILTER_PATTERNS, GLOBAL_SCAN_TIMEOUT_IN_MINUTES, GLOBAL_IS_SYNCHRONOUS, GLOBAL_THRESHOLD_ENABLED, GLOBAL_HIGH_THRESHOLD, GLOBAL_MEDIUM_THRESHOLD, GLOBAL_LOW_THRESHOLD, GLOBAL_OSA_THRESHOLD_ENABLED, GLOBAL_OSA_HIGH_THRESHOLD, - GLOBAL_OSA_MEDIUM_THRESHOLD, GLOBAL_OSA_LOW_THRESHOLD,GLOBAL_DEFINE_DEPENDENCY_SCAN_SETTINGS,GLOBAL_DEPENDENCY_SCANNER_TYPE, GLOBAL_PROJECT_POLICY_VIOLATION, - GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS,GLOBAL_DEPENDENCY_SCAN_FILTER_PATTERNS, GLOBAL_EXECUTE_DEPENDENCY_MANAGER, - GLOBAL_SCA_ENABLED, GLOBAL_OSA_ENABLED, GLOBAL_SCA_API_URL, GLOBAL_SCA_ACCESS_CONTROL_URL, - GLOBAL_SCA_WEB_APP_URL, GLOBAL_SCA_USERNAME, GLOBAL_SCA_PASSWORD, GLOBAL_SCA_TENANT, GLOBAL_SCA_CONFIGFILE, GLOBAL_SCA_ENV_VARIABLE, GLOBAL_IS_EXPLOITABLE_PATH - , GLOBAL_SAST_SERVER_URL, GLOBAL_SAST_SERVER_USERNAME, GLOBAL_SAST_SERVER_PASSWORD + GLOBAL_OSA_MEDIUM_THRESHOLD, GLOBAL_OSA_LOW_THRESHOLD, GLOBAL_DEFINE_DEPENDENCY_SCAN_SETTINGS, + GLOBAL_DEPENDENCY_SCANNER_TYPE, GLOBAL_PROJECT_POLICY_VIOLATION, GLOBAL_OSA_ARCHIVE_INCLUDE_PATTERNS, + GLOBAL_DEPENDENCY_SCAN_FILTER_PATTERNS, GLOBAL_EXECUTE_DEPENDENCY_MANAGER, GLOBAL_SCA_ENABLED, + GLOBAL_OSA_ENABLED, GLOBAL_SCA_API_URL, GLOBAL_SCA_ACCESS_CONTROL_URL, GLOBAL_SCA_WEB_APP_URL, + GLOBAL_SCA_USERNAME, GLOBAL_SCA_PASSWORD, GLOBAL_SCA_TENANT, GLOBAL_SCA_CONFIGFILE, GLOBAL_SCA_ENV_VARIABLE, + GLOBAL_IS_EXPLOITABLE_PATH, GLOBAL_SAST_SERVER_URL, GLOBAL_SAST_SERVER_USERNAME, GLOBAL_SAST_SERVER_PASSWORD }; - } \ No newline at end of file 
diff --git a/cxplugin-server/pom.xml b/cxplugin-server/pom.xml index d16ab42..cbf96b1 100644 --- a/cxplugin-server/pom.xml +++ b/cxplugin-server/pom.xml @@ -5,7 +5,7 @@ cxplugin com.checkmarx.teamcity - 2022.2.1 + 2022.2.2 cxplugin-server jar diff --git a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxAdminPageController.java b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxAdminPageController.java index 24fbda4..13e559d 100644 --- a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxAdminPageController.java +++ b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxAdminPageController.java @@ -53,6 +53,9 @@ protected void doPost(@NotNull final HttpServletRequest request, @NotNull final String sastAndOsaPassword = ensurePasswordEncryption(request, "encryptedCxGlobalPassword"); cxAdminConfig.setConfiguration(GLOBAL_PASSWORD, sastAndOsaPassword); + String proxyPassword = ensurePasswordEncryption(request, "encryptedCxGlobalProxyPassword"); + cxAdminConfig.setConfiguration(GLOBAL_PROXY_PASSWORD, proxyPassword); + String scaPassword = ensurePasswordEncryption(request, "encryptedCxGlobalSCAPassword"); cxAdminConfig.setConfiguration(GLOBAL_SCA_PASSWORD, scaPassword); diff --git a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxOptions.java b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxOptions.java index 2846cf8..a6bde9c 100644 --- a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxOptions.java +++ b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/CxOptions.java @@ -5,6 +5,7 @@ import com.cx.restclient.CxSASTClient; import com.cx.restclient.configuration.CxScanConfig; import com.cx.restclient.dto.EngineConfiguration; +import com.cx.restclient.dto.ProxyConfig; import com.cx.restclient.dto.ScannerType; import com.cx.restclient.dto.Team; import com.cx.restclient.sast.dto.Preset; 
@@ -19,6 +20,7 @@ import java.util.Collections; import java.util.List; +import static com.checkmarx.teamcity.common.CxConstants.TRUE; import static com.checkmarx.teamcity.common.CxParam.*; import static com.checkmarx.teamcity.common.CxUtility.decrypt; @@ -60,6 +62,11 @@ public String getPassword() { return PASSWORD; } + @NotNull + public String getIsProxy() { + return IS_PROXY; + } + @NotNull public String getProjectName() { return PROJECT_NAME; @@ -90,6 +97,7 @@ public List getTeamList() { public String getEngineConfigId() { return ENGINE_CONFIG_ID; } + @NotNull public List getEngineConfigList() { return engineConfigList; @@ -130,7 +138,7 @@ public String getIsIncremental() { public String getIsPeriodicFullScan() { return PERIODIC_FULL_SCAN; } - + @NotNull public String getPeriodicFullScanAfter() { return PERIODIC_FULL_SCAN_AFTER; @@ -150,7 +158,7 @@ public String getGeneratePDFReport() { public String getDependencyScannerType() { return DEPENDENCY_SCANNER_TYPE; } - + @NotNull public String getDependencyScaScanType() { return DEPENDENCY_SCA_SCAN_TYPE; @@ -180,46 +188,47 @@ public String getOsaInstallBeforeScan() { public String getIsSynchronous() { return IS_SYNCHRONOUS; } - + @NotNull public String getIsIncludeSources() { return IS_INCLUDE_SOURCES; } - + @NotNull public String getIsExploitablePath() { return IS_EXPLOITABLE_PATH; } - + @NotNull public String getScaSASTUserName() { return SCA_SAST_SERVER_USERNAME; } - + @NotNull public String getScaSASTServerUrl() { return SCA_SAST_SERVER_URL; } - + @NotNull public String getScaSASTPassword() { return SCA_SAST_SERVER_PASSWORD; } + @NotNull public String getScaSASTProjectFullPath() { return SCA_SAST_PROJECT_FULLPATH; } - + @NotNull public String getScaSASTProjectID() { return SCA_SAST_PROJECT_ID; } - + @NotNull public String getUseSASTDefaultServer() { return USE_SAST_DEFAULT_SERVER; } - + @NotNull public String getThresholdEnabled() { return THRESHOLD_ENABLED; 
@@ -270,6 +279,36 @@ public String getGlobalUsername() { return GLOBAL_USERNAME; } + @NotNull + public String getGlobalIsProxy() { + return GLOBAL_IS_PROXY; + } + + @NotNull + public String getGlobalProxyHost() { + return GLOBAL_PROXY_HOST; + } + + @NotNull + public String getGlobalProxyPort() { + return GLOBAL_PROXY_PORT; + } + + @NotNull + public String getGlobalProxyUser() { + return GLOBAL_PROXY_USER; + } + + @NotNull + public String getGlobalProxyPassword() { + return GLOBAL_PROXY_PASSWORD; + } + + @NotNull + public String getGlobalProxyHttps() { + return GLOBAL_PROXY_HTTPS; + } + @NotNull public String getGlobalSastServerUrl() { return GLOBAL_SAST_SERVER_URL; @@ -279,6 +318,7 @@ public String getGlobalSastServerUrl() { public String getGlobalSastUsername() { return GLOBAL_SAST_SERVER_USERNAME; } + @NotNull public String getGlobalExcludeFolders() { return GLOBAL_EXCLUDE_FOLDERS; @@ -388,19 +428,20 @@ public String getScaPass() { public String getScaTenant() { return SCA_TENANT; } + @NotNull public String getScaTeampath() { return SCA_TEAMPATH; } - + @NotNull public String getScaConfigFile() { return SCA_CONFIGFILE; } - + @NotNull public String getScaEnvVariable() { - return SCA_ENV_VARIABLE; + return SCA_ENV_VARIABLE; } @NotNull 
@@ -479,17 +520,25 @@ public static String getGlobaldependencyScannerType() { } - public void testConnection(String serverUrl, String username, String pssd) { + public void testConnection(String serverUrl, String username, String pssd, String cxGlobalIsProxy, + String cxGlobalProxyHost, String cxGlobalProxyPort, String cxGlobalProxyUser, + String cxGlobalProxyPassword, String cxGlobalProxyHttps) { try { - CxClientDelegator delegator = delegatorBuilder(pssd, username, serverUrl); + ProxyConfig proxyConfig = null; + if (TRUE.equalsIgnoreCase(cxGlobalIsProxy) && StringUtils.isNotEmpty(cxGlobalProxyHost) && + StringUtils.isNotEmpty(cxGlobalProxyPort) && Integer.parseInt(cxGlobalProxyPort) > 0) { + proxyConfig = new ProxyConfig(cxGlobalProxyHost, Integer.parseInt(cxGlobalProxyPort), cxGlobalProxyUser, + cxGlobalProxyPassword, TRUE.equalsIgnoreCase(cxGlobalProxyHttps)); + } + CxClientDelegator delegator = delegatorBuilder(pssd, username, serverUrl, proxyConfig); CxSASTClient sastClient = delegator.getSastClient(); sastClient.login(); presetList = sastClient.getPresetList(); teamList = sastClient.getTeamList(); /* Getting list of Engine configurations and adding Project Default as extra engine configuration */ engineConfigList = sastClient.getEngineConfiguration(); - if(engineConfigList != null) { + if (engineConfigList != null) { EngineConfiguration sastEngineConfig = getProjectDefaultConfig(); engineConfigList.add(sastEngineConfig); } @@ -499,8 +548,8 @@ public void testConnection(String serverUrl, String username, String pssd) { } } - private CxClientDelegator delegatorBuilder(String pssd, String username, String serverUrl) throws MalformedURLException { - pssd = decrypt(pssd); + private CxClientDelegator delegatorBuilder(String pssd, String username, String serverUrl, ProxyConfig proxyConfig) throws MalformedURLException { + pssd = decrypt(pssd); CxScanConfig config = new CxScanConfig(); config.addScannerType(ScannerType.SAST); config.setUsername(username); 
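Review bot: In `testConnection`, `cxGlobalProxyPassword` is handed to `new ProxyConfig(...)` exactly as received, whereas `pssd` for the same call goes through `decrypt(pssd)` in `delegatorBuilder`. CxAdminPageController stores the proxy password via `ensurePasswordEncryption`, so if the JSP passes the stored value the proxy would be offered the protected form instead of the password; once the form of the value is confirmed, wrap the argument as `decrypt(cxGlobalProxyPassword)`. Separately, `Integer.parseInt(cxGlobalProxyPort)` runs twice on an unvalidated string and only checks `> 0`; parse once into a local and require `port >= 1 && port <= 65535`. The `catch` for this `try` lies outside the hunk, so how a `NumberFormatException` is reported to the user cannot be seen here.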
@@ -510,21 +559,25 @@ private CxClientDelegator delegatorBuilder(String pssd, String username, String config.setDisableCertificateValidation(true); String isProxyVar = System.getProperty("cx.isproxy"); config.setProxy(StringUtils.isNotEmpty(isProxyVar) && isProxyVar.equalsIgnoreCase("true")); + if (proxyConfig != null) { + config.setProxy(true); + config.setProxyConfig(proxyConfig); + } CxClientDelegator clientDelegator = new CxClientDelegator(config, log); return clientDelegator; } - + public void testSASTConnection(String serverUrl, String username, String pssd) { try { - CxClientDelegator delegator = delegatorBuilder(pssd, username, serverUrl); + CxClientDelegator delegator = delegatorBuilder(pssd, username, serverUrl, null); CxSASTClient sastClient = delegator.getSastClient(); sastClient.login(); presetList = sastClient.getPresetList(); teamList = sastClient.getTeamList(); /* Getting list of Engine configurations and adding Project Default as extra engine configuration */ engineConfigList = sastClient.getEngineConfiguration(); - if(engineConfigList != null) { + if (engineConfigList != null) { EngineConfiguration sastEngineConfig = getProjectDefaultConfig(); engineConfigList.add(sastEngineConfig); } @@ -540,7 +593,7 @@ public void testSASTConnection(String serverUrl, String username, String pssd) { * * @return EngineConfiguration */ - private EngineConfiguration getProjectDefaultConfig(){ + private EngineConfiguration getProjectDefaultConfig() { EngineConfiguration sastEngineConfig = new EngineConfiguration(); sastEngineConfig.setId(PROJECT_DEFAULT_CONFIG_ID); sastEngineConfig.setName(PROJECT_DEFAULT); 
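Review bot: The new `config.setProxyConfig(proxyConfig)` branch in `delegatorBuilder` sits directly under `config.setDisableCertificateValidation(true)`, so the SAST login now passes through a configurable intermediary while the server certificate is never checked. The same combination appears in the `loginToServer` hunk of TestConnectionController. At minimum document it next to the new branch, e.g. `// NOTE: certificate validation is disabled above; the peer reached through this proxy is not authenticated`, and consider making validation a setting instead of a constant. Also, `testSASTConnection` passes `null` for the proxy, so that path ignores the global proxy settings; if that is intentional, say so in a comment at the call.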
@@ -575,11 +628,11 @@ public static String decryptPasswordPlainText(String pssd, boolean global) { try { if (!global) { - try { - pssd = RSACipher.decryptWebRequestData(pssd); - }catch(Exception notAbleToDescrypt) { - //try with other decryption - } + try { + pssd = RSACipher.decryptWebRequestData(pssd); + } catch (Exception notAbleToDescrypt) { + //try with other decryption + } } return decrypt(pssd); diff --git a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionController.java b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionController.java index cb905a1..f61500b 100644 --- a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionController.java +++ b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionController.java @@ -6,15 +6,23 @@ import com.cx.restclient.CxSASTClient; import com.cx.restclient.configuration.CxScanConfig; import com.cx.restclient.dto.EngineConfiguration; +import com.cx.restclient.dto.ProxyConfig; import com.cx.restclient.dto.ScannerType; import com.cx.restclient.dto.Team; import com.cx.restclient.sast.dto.Preset; import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonSyntaxException; +import com.google.gson.TypeAdapter; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonToken; +import com.google.gson.stream.JsonWriter; import jetbrains.buildServer.controllers.BaseController; import jetbrains.buildServer.serverSide.SBuildServer; import jetbrains.buildServer.util.StringUtil; import jetbrains.buildServer.web.openapi.WebControllerManager; import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.math.NumberUtils; import org.apache.commons.lang3.StringUtils; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; 
@@ -39,7 +47,12 @@ class TestConnectionController extends BaseController { public static final Logger log = LoggerFactory.getLogger(TestConnectionController.class); private static final com.intellij.openapi.diagnostic.Logger LOG = jetbrains.buildServer.log.Loggers.SERVER; - private Gson gson = new Gson(); + private Gson gson = new GsonBuilder() + .registerTypeAdapter(int.class, new EmptyStringToNumberTypeAdapter()) + .registerTypeAdapter(Integer.class, new EmptyStringToNumberTypeAdapter()) + .registerTypeAdapter(double.class, new EmptyStringToNumberTypeAdapter()) + .registerTypeAdapter(Double.class, new EmptyStringToNumberTypeAdapter()) + .create(); private String result = ""; private List presets; @@ -70,10 +83,15 @@ protected ModelAndView doHandle(@NotNull HttpServletRequest httpServletRequest, TestConnectionRequest credi = extractRequestBody(httpServletRequest); + ProxyConfig proxyConfig = null; + if (credi.isProxy() && StringUtils.isNotEmpty(credi.getProxyHost()) && credi.getProxyPort() > 0) { + proxyConfig = new ProxyConfig(credi.getProxyHost(), credi.getProxyPort(), credi.getProxyUser(), + credi.getProxyPassword(), credi.isProxyHttps()); + } //create client and perform login try { - if (loginToServer(new URL(credi.getServerUrl()), credi.getUsername(), credi.getPssd())) { + if (loginToServer(new URL(credi.getServerUrl()), credi.getUsername(), credi.getPssd(), proxyConfig)) { CxSASTClient sastClient = clientDelegator.getSastClient(); try { teams = sastClient.getTeamList(); 
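Review bot: In `doHandle`, the proxy host and port come straight from the request body and the only check is `credi.getProxyPort() > 0`, yet `loginToServer` then sends the decrypted SAST credentials via that endpoint. Bound the port with `credi.getProxyPort() <= 65535` in the same condition and reject a host that is blank after trimming. The permission check for this handler is not visible in the hunk; it is worth confirming that only users allowed to edit the Checkmarx settings can reach it, since it now decides where the server opens outbound connections. A log line recording that a proxy was used (host and port only, never the password) would help when auditing test-connection calls.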
@@ -93,13 +111,13 @@ protected ModelAndView doHandle(@NotNull HttpServletRequest httpServletRequest, engineConfigurations = sastClient.getEngineConfiguration(); if (engineConfigurations == null) { throw new Exception("Error while getting Engine configurations."); - }else{ + } else { EngineConfiguration sastEngineConfig = new EngineConfiguration(); sastEngineConfig.setId(PROJECT_DEFAULT_CONFIG_ID); sastEngineConfig.setName(PROJECT_DEFAULT); engineConfigurations.add(sastEngineConfig); } - res = new TestConnectionResponse(true, CxConstants.CONNECTION_SUCCESSFUL_MESSAGE, presets, teams,engineConfigurations); + res = new TestConnectionResponse(true, CxConstants.CONNECTION_SUCCESSFUL_MESSAGE, presets, teams, engineConfigurations); writeHttpServletResponse(httpServletResponse, res); LOG.info("Checkmarx test connection: Connection successful"); return null; @@ -130,11 +148,13 @@ private TestConnectionRequest extractRequestBody(HttpServletRequest request) thr TestConnectionRequest ret = gson.fromJson(jsonString, TestConnectionRequest.class); ret.setServerUrl(StringUtil.trim(ret.getServerUrl())); ret.setUsername(StringUtil.trim(ret.getUsername())); + ret.setUsername(StringUtil.trim(ret.getUsername())); ret.setPssd(CxOptions.decryptPasswordPlainText(ret.getPssd(), ret.isGlobal())); + ret.setProxyPassword(CxOptions.decryptPasswordPlainText(ret.getProxyPassword(), ret.isGlobal())); return ret; } - private boolean loginToServer(URL url, String username, String pssd) { + private boolean loginToServer(URL url, String username, String pssd, ProxyConfig proxyConfig) { try { CxScanConfig config = new CxScanConfig(); config.addScannerType(ScannerType.SAST); 
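Review bot: The line added to `extractRequestBody` repeats `ret.setUsername(StringUtil.trim(ret.getUsername()));` and has no effect, while the new proxy fields are left untrimmed. It was presumably meant to be `ret.setProxyHost(StringUtil.trim(ret.getProxyHost()));`, with `ret.setProxyUser(StringUtil.trim(ret.getProxyUser()));` alongside it. `decryptPasswordPlainText(ret.getProxyPassword(), ret.isGlobal())` is also called when no proxy password was sent; how that helper treats `null` or an empty string is only partly visible on this page, so guard the call with `StringUtils.isNotEmpty(ret.getProxyPassword())` unless the helper is known to handle it.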
@@ -145,6 +165,10 @@ private boolean loginToServer(URL url, String username, String pssd) { config.setDisableCertificateValidation(true); String isProxyVar = System.getProperty("cx.isproxy"); config.setProxy(StringUtils.isNotEmpty(isProxyVar) && isProxyVar.equalsIgnoreCase("true")); + if (proxyConfig != null){ + config.setProxy(true); + config.setProxyConfig(proxyConfig); + } clientDelegator = new CxClientDelegator(config, log); clientDelegator.getSastClient().login(); @@ -169,4 +193,33 @@ private void printProxyParams() { LOG.info("###############################"); } + public static class EmptyStringToNumberTypeAdapter extends TypeAdapter { + @Override + public void write(JsonWriter jsonWriter, Number number) throws IOException { + if (number == null) { + jsonWriter.nullValue(); + return; + } + jsonWriter.value(number); + } + + @Override + public Number read(JsonReader jsonReader) throws IOException { + if (jsonReader.peek() == JsonToken.NULL) { + jsonReader.nextNull(); + return null; + } + + try { + String value = jsonReader.nextString(); + if ("".equals(value)) { + return 0; + } + return NumberUtils.createNumber(value); + } catch (NumberFormatException e) { + throw new JsonSyntaxException(e); + } + } + } + } diff --git a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionRequest.java b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionRequest.java index 802bc45..08e7506 100644 --- a/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionRequest.java +++ b/cxplugin-server/src/main/java/com/checkmarx/teamcity/server/TestConnectionRequest.java @@ -9,6 +9,12 @@ public class TestConnectionRequest { private String serverUrl; private String username; private String pssd; + private boolean isProxy; + private String proxyHost; + private int proxyPort; + private String proxyUser; + private String proxyPassword; + private boolean proxyHttps; private boolean global; public String getServerUrl() { 
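Review bot: `EmptyStringToNumberTypeAdapter.read` returns whatever `NumberUtils.createNumber(value)` yields, which can be a `Long`, `BigInteger`, `Float` or `Double`, yet the adapter is registered for `int.class` and feeds `TestConnectionRequest.proxyPort`. A request value such as a decimal or a number beyond the int range would therefore likely fail in Gson's reflective field assignment rather than as the intended `JsonSyntaxException`. `nextString()` on a non-string, non-number token likewise throws outside the `NumberFormatException` catch. Parsing according to the target type keeps malformed input on the handled path, as in the int variant below. The `double.class`/`Double.class` registrations would need their own adapter, or can be dropped if the request class has no such field, which is not fully visible here.

```java
@Override
public Number read(JsonReader jsonReader) throws IOException {
    // … unchanged: JsonToken.NULL handling …
    JsonToken token = jsonReader.peek();
    if (token != JsonToken.STRING && token != JsonToken.NUMBER) {
        throw new JsonSyntaxException("Expected a number but was " + token);
    }
    String value = jsonReader.nextString().trim();
    if (value.isEmpty()) {
        return 0;
    }
    try {
        // Integer.valueOf rejects decimals and out-of-range values, so an int
        // field never receives a Long, Float or BigInteger.
        return Integer.valueOf(value);
    } catch (NumberFormatException e) {
        throw new JsonSyntaxException(e);
    }
}
```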
@@ -35,6 +41,54 @@ public void setPssd(String pssd) { this.pssd = pssd; } + public boolean isProxy() { + return isProxy; + } + + public void setProxy(boolean proxy) { + isProxy = proxy; + } + + public String getProxyHost() { + return proxyHost; + } + + public void setProxyHost(String proxyHost) { + this.proxyHost = proxyHost; + } + + public int getProxyPort() { + return proxyPort; + } + + public void setProxyPort(int proxyPort) { + this.proxyPort = proxyPort; + } + + public String getProxyUser() { + return proxyUser; + } + + public void setProxyUser(String proxyUser) { + this.proxyUser = proxyUser; + } + + public String getProxyPassword() { + return proxyPassword; + } + + public void setProxyPassword(String proxyPassword) { + this.proxyPassword = proxyPassword; + } + + public boolean isProxyHttps() { + return proxyHttps; + } + + public void setProxyHttps(boolean proxyHttps) { + this.proxyHttps = proxyHttps; + } + public boolean isGlobal() { return global; } diff --git a/cxplugin-server/src/main/resources/buildServerResources/adminPage.jsp b/cxplugin-server/src/main/resources/buildServerResources/adminPage.jsp index 61a1f9f..7b392ed 100644 --- a/cxplugin-server/src/main/resources/buildServerResources/adminPage.jsp +++ b/cxplugin-server/src/main/resources/buildServerResources/adminPage.jsp @@ -1,19 +1,18 @@ -<%@ page import="com.checkmarx.teamcity.common.CxParam" %> <%@ taglib prefix="props" tagdir="/WEB-INF/tags/props" %> <%@ taglib prefix="bs" tagdir="/WEB-INF/tags" %> <%@ taglib prefix="l" tagdir="/WEB-INF/tags/layout" %> <%@include file="/include.jsp" %> @@ -24,7 +23,7 @@ return temp.innerHTML; } - function updateGlobalDependencyScanSectionVisibility() { + function updateGlobalDependencyScanSectionVisibility() { var depScanEnabled = jQuery('#globalDependencyScanEnabled').prop('checked'), cxGlobalOsaEnabled = jQuery('#cxGlobalOsaEnabled').prop('checked'), cxGlobalScaEnabled = jQuery('#cxGlobalScaEnabled').prop('checked'), 
@@ -39,548 +38,637 @@ jQuery(updateGlobalDependencyScanSectionVisibility); - var SettingsForm = OO.extend(BS.AbstractPasswordForm, { - formElement: function () { - return $("globalSettingsForm") - }, - save: function () { - - BS.PasswordFormSaver.save(this, this.formElement().action, OO.extend(BS.ErrorsAwareListener, { - onInvalid_cxGlobalServerUrlError: function (elem) { - $("invalid_cxGlobalServerUrl").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalServerUrl")); - }, - onInvalid_cxGlobalUsernameError: function (elem) { - $("invalid_cxGlobalUsername").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalUsername")); - }, - onInvalid_cxGlobalPasswordError: function (elem) { - $("invalid_cxGlobalPassword").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalPassword")); - }, - - onInvalid_cxGlobalScanTimeoutInMinutesError: function (elem) { - $("invalid_cxGlobalScanTimeoutInMinutes").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalScanTimeoutInMinutes")); - }, - - onInvalid_cxGlobalHighThresholdError: function (elem) { - $("invalid_cxGlobalHighThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalHighThreshold")); - }, - - onInvalid_cxGlobalMediumThresholdError: function (elem) { - $("invalid_cxGlobalMediumThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalMediumThreshold")); - }, - - onInvalid_cxGlobalLowThresholdError: function (elem) { - $("invalid_cxGlobalLowThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalLowThreshold")); - }, - - onInvalid_cxGlobalOsaHighThresholdError: function (elem) { - $("invalid_cxGlobalOsaHighThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - 
SettingsForm.highlightErrorField($("cxGlobalOsaHighThreshold")); - }, - - onInvalid_cxGlobalOsaMediumThresholdError: function (elem) { - $("invalid_cxGlobalOsaMediumThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalOsaMediumThreshold")); - }, - - onInvalid_cxGlobalOsaLowThresholdError: function (elem) { - $("invalid_cxGlobalOsaLowThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalOsaLowThreshold")); - }, - - onInvalid_cxGlobalSCAServerUrlError: function (elem) { - $("invalid_cxGlobalSCAServerUrl").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSCAServerUrl")); - }, - onInvalid_cxGlobalSCAWebAppURLError: function (elem) { - $("invalid_cxGlobalSCAWebAppURL").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSCAWebAppURL")); - }, - onInvalid_cxGlobalSCAAccessControlServerURLError: function (elem) { - $("invalid_cxGlobalSCAAccessControlServerURL").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSCAAccessControlServerURL")); + var SettingsForm = OO.extend(BS.AbstractPasswordForm, { + formElement: function () { + return $("globalSettingsForm") }, - onInvalid_cxGlobalSCAUserNameError: function (elem) { - $("invalid_cxGlobalSCAUserName").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSCAUserName")); - }, - onInvalid_cxGlobalSCAPasswordError: function (elem) { - $("invalid_cxGlobalSCAPassword").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSCAPassword")); - }, - onInvalid_cxGlobalSCATenantError: function (elem) { - $("invalid_cxGlobalSCATenant").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSCATenant")); - }, - - onInvalid_cxGlobalSastServerUrlError: function (elem) 
{ - $("invalid_cxGlobalSastServerUrl").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSastServerUrl")); - }, - onInvalid_cxGlobalSastUsernameError: function (elem) { - $("invalid_cxGlobalSastUsername").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSastUsername")); - }, - onInvalid_cxGlobalSastPasswordError: function (elem) { - $("invalid_cxGlobalSastPassword").innerHTML = sanitizeJS(elem.firstChild.nodeValue); - SettingsForm.highlightErrorField($("cxGlobalSastPassword")); - }, - - - onSuccessfulSave: function () { - SettingsForm.enable(); - }, - onCompleteSave: function (form, responseXml, wereErrors) { - BS.ErrorsAwareListener.onCompleteSave(form, responseXml, wereErrors); - if (!wereErrors) { - $('generalSettings').refresh(); - window.scrollTo(0, 0); - } + save: function () { + + BS.PasswordFormSaver.save(this, this.formElement().action, OO.extend(BS.ErrorsAwareListener, { + onInvalid_cxGlobalServerUrlError: function (elem) { + $("invalid_cxGlobalServerUrl").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalServerUrl")); + }, + onInvalid_cxGlobalUsernameError: function (elem) { + $("invalid_cxGlobalUsername").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalUsername")); + }, + onInvalid_cxGlobalPasswordError: function (elem) { + $("invalid_cxGlobalPassword").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalPassword")); + }, + onInvalid_cxGlobalProxyHostError: function (elem) { + $("invalid_cxGlobalProxyHost").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalProxyHost")); + }, + onInvalid_cxGlobalProxyPortError: function (elem) { + $("invalid_cxGlobalProxyPort").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalProxyPort")); + }, + 
onInvalid_cxGlobalProxyUserError: function (elem) { + $("invalid_cxGlobalProxyUser").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalProxyUser")); + }, + onInvalid_cxGlobalProxyPasswordError: function (elem) { + $("invalid_cxGlobalProxyPassword").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalProxyPassword")); + }, + onInvalid_cxGlobalScanTimeoutInMinutesError: function (elem) { + $("invalid_cxGlobalScanTimeoutInMinutes").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalScanTimeoutInMinutes")); + }, + onInvalid_cxGlobalHighThresholdError: function (elem) { + $("invalid_cxGlobalHighThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalHighThreshold")); + }, + onInvalid_cxGlobalMediumThresholdError: function (elem) { + $("invalid_cxGlobalMediumThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalMediumThreshold")); + }, + onInvalid_cxGlobalLowThresholdError: function (elem) { + $("invalid_cxGlobalLowThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalLowThreshold")); + }, + onInvalid_cxGlobalOsaHighThresholdError: function (elem) { + $("invalid_cxGlobalOsaHighThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalOsaHighThreshold")); + }, + onInvalid_cxGlobalOsaMediumThresholdError: function (elem) { + $("invalid_cxGlobalOsaMediumThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalOsaMediumThreshold")); + }, + onInvalid_cxGlobalOsaLowThresholdError: function (elem) { + $("invalid_cxGlobalOsaLowThreshold").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalOsaLowThreshold")); + }, + 
onInvalid_cxGlobalSCAServerUrlError: function (elem) { + $("invalid_cxGlobalSCAServerUrl").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSCAServerUrl")); + }, + onInvalid_cxGlobalSCAWebAppURLError: function (elem) { + $("invalid_cxGlobalSCAWebAppURL").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSCAWebAppURL")); + }, + onInvalid_cxGlobalSCAAccessControlServerURLError: function (elem) { + $("invalid_cxGlobalSCAAccessControlServerURL").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSCAAccessControlServerURL")); + }, + onInvalid_cxGlobalSCAUserNameError: function (elem) { + $("invalid_cxGlobalSCAUserName").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSCAUserName")); + }, + onInvalid_cxGlobalSCAPasswordError: function (elem) { + $("invalid_cxGlobalSCAPassword").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSCAPassword")); + }, + onInvalid_cxGlobalSCATenantError: function (elem) { + $("invalid_cxGlobalSCATenant").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSCATenant")); + }, + + onInvalid_cxGlobalSastServerUrlError: function (elem) { + $("invalid_cxGlobalSastServerUrl").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSastServerUrl")); + }, + onInvalid_cxGlobalSastUsernameError: function (elem) { + $("invalid_cxGlobalSastUsername").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSastUsername")); + }, + onInvalid_cxGlobalSastPasswordError: function (elem) { + $("invalid_cxGlobalSastPassword").innerHTML = sanitizeJS(elem.firstChild.nodeValue); + SettingsForm.highlightErrorField($("cxGlobalSastPassword")); + }, + + onSuccessfulSave: function () { + SettingsForm.enable(); + 
}, + onCompleteSave: function (form, responseXml, wereErrors) { + BS.ErrorsAwareListener.onCompleteSave(form, responseXml, wereErrors); + if (!wereErrors) { + $('generalSettings').refresh(); + window.scrollTo(0, 0); + } + } + })); + return false; } - })); - return false; - } - }); + }); + + + - + - + - + - + - + + + + + + + +
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
Checkmarx Plugin Default Configuration
Checkmarx Server
- - -
- - - -
- - -
- - - - -
Checkmarx Scan CxSAST
-
- - -
Control Checkmarx Scan
-
- - - -
- - +
+ + + +
+ +
\ No newline at end of file diff --git a/cxplugin-server/src/main/resources/buildServerResources/editRunParams.jsp b/cxplugin-server/src/main/resources/buildServerResources/editRunParams.jsp index 58df2b2..0668802 100644 --- a/cxplugin-server/src/main/resources/buildServerResources/editRunParams.jsp +++ b/cxplugin-server/src/main/resources/buildServerResources/editRunParams.jsp @@ -5,8 +5,8 @@ <%@ taglib prefix="bs" tagdir="/WEB-INF/tags" %> - - + @@ -340,8 +344,8 @@ validateSCAParameters: function (credentials) { ${'true'.equals(cxUseDefaultServer) ? -optionsBean.testConnection(cxGlobalServerUrl, cxGlobalUsername, cxGlobalPassword) : -optionsBean.testConnection(cxServerUrl, cxUsername, cxPassword)} +optionsBean.testConnection(cxGlobalServerUrl,cxGlobalUsername,cxGlobalPassword,cxGlobalIsProxy,cxGlobalProxyHost,cxGlobalProxyPort,cxGlobalProxyUser,cxGlobalProxyPassword,cxGlobalProxyHttps) : +optionsBean.testConnection(cxServerUrl,cxUsername,cxPassword,cxIsProxy,cxGlobalProxyHost,cxGlobalProxyPort,cxGlobalProxyUser,cxGlobalProxyPassword,cxGlobalProxyHttps)} ${'true'.equals(useSASTDefaultServer) ? optionsBean.testSASTConnection(cxGlobalSastServerUrl, cxGlobalSastUsername, cxGlobalSastPassword) : @@ -361,6 +365,13 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor + + + + + + + @@ -418,8 +429,8 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor + Server URL: ${propertiesBean.properties[optionsBean.globalServerUrl]},
+ Username: ${propertiesBean.properties[optionsBean.globalUsername]} @@ -450,6 +461,10 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor +<%-- + + + --%>
- ` + + ` @@ -541,7 +557,8 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - @@ -571,7 +588,9 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - + @@ -597,9 +616,8 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - - - + @@ -608,7 +626,8 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - + @@ -617,15 +636,16 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - - + + @@ -647,7 +667,7 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - ${item.name} + ${item.name} @@ -673,25 +693,24 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor iconTitle="Enable dependency scan to choose between CxOSA and CxSCA"/> - - - + - + @@ -704,7 +723,8 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - + @@ -717,8 +737,9 @@ optionsBean.testSASTConnection(scaSASTServerUrl, scaSASTUserName, scaSASTPasswor - -