-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* GA Changes GA * GA changes 1.0.11 * code changes for encryption and decryption of access_token * code changes for encryption and decryption of access_token * code changes for encryption and decryption of access_token * updated scan summary name and update set * change log level to basic * Update Update_Set_GA_1.0.11.xml * Added Update set From Vendor Instance * Added changes for CxOne release 1.0.14 (#19) * CheckmarxOne Devops changes * CxOne 1.0.18 changes * Rename UpdateSet_GA.xml to UpdateSet_GA_1.0.18.xml --------- Co-authored-by: Apoorva <[email protected]> Co-authored-by: apoorvasingh5 <[email protected]>
- Loading branch information
3 people
authored
Feb 6, 2024
1 parent
8c13670
commit 08e4b1c
Showing
10 changed files
with
336 additions
and
214 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <unload unload_date="2023-08-11 14:37:20"> | ||
| <unload unload_date="2024-02-05 11:24:07"> | ||
| <sys_script_include action="INSERT_OR_UPDATE"> | ||
| <access>public</access> | ||
| <active>true</active> | ||
|
|
@@ -16,25 +16,33 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati | |
| MSG: 'CheckmarxOne AppListIntegration:', | ||
| retrieveData: function() { | ||
| gs.debug(this.MSG + 'retrieveData'); | ||
| var params = this._getParameters(this.PROCESS.getValue('parameters')); | ||
| var response = "<null/>"; | ||
| if (params.run) { | ||
| // filteredcount, offset | ||
| response = this.getAppList(Object.keys(params.run)[0], params.run[Object.keys(params.run)[0]]); | ||
| try { | ||
| var params = this._getParameters(this.PROCESS.getValue('parameters')); | ||
| if (params.run) { | ||
| // filteredcount, offset | ||
| response = this.getAppList(Object.keys(params.run)[0], params.run[Object.keys(params.run)[0]]); | ||
| } | ||
| params = this._serializeParameters(this._nextParameters(params)); | ||
| this.setNextRunParameters(params); | ||
| //Saving delta_start_time | ||
| if (!params.run) { | ||
| var latest = this.LATEST ? this.LATEST : ''; | ||
| this.INTEGRATION.setValue('delta_start_time', latest); | ||
| this.INTEGRATION.update(); | ||
| this.hasMoreData(false); | ||
| } else | ||
| this.hasMoreData(true); | ||
| } catch (ex) { | ||
| gs.error(this.MSG + "Error in retriving data for app list integration!" + ex); | ||
| response = '<appInfoList><xml id="checkmarxone"><projects></projects></xml></appInfoList>'; | ||
| } | ||
| params = this._serializeParameters(this._nextParameters(params)); | ||
| this.setNextRunParameters(params); | ||
| //Saving delta_start_time | ||
| if (!params.run) { | ||
| var latest = this.LATEST ? this.LATEST : ''; | ||
| this.INTEGRATION.setValue('delta_start_time', latest); | ||
| this.INTEGRATION.update(); | ||
| this.hasMoreData(false); | ||
| } else | ||
| this.hasMoreData(true); | ||
| if (response == "<null/>") { | ||
| response = '<appInfoList><xml id="checkmarxone"><projects></projects></xml></appInfoList>'; | ||
| } | ||
| return { | ||
|
|
@@ -58,6 +66,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati | |
| var groups = ''; | ||
| var groupval = ' '; | ||
| for (var item in response.projects) { | ||
| var projectTags = this._getProjectTags(JSON.stringify(response.projects[item].tags)); | ||
| var applicationIds = ''; | ||
| groups = +response.projects[item].groups.toString(); | ||
| var projectResponse = this.UTIL.getProjectById(this.IMPLEMENTATION, response.projects[item].id); | ||
|
|
@@ -67,15 +76,17 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati | |
| appListAll += '<project id="' + response.projects[item].id + | ||
| '" createdAt="' + response.projects[item].createdAt + | ||
| '" applicationIds="' + applicationIds + | ||
| '" groups="' + groupval + '">' + | ||
| '<name><' + '![CDATA[' + response.projects[item].name + ']]' + '></name></project>'; | ||
| '" groups="' + groupval + '"><projectTags><' + | ||
| '![CDATA[' + projectTags + ']]' + '></projectTags><name><' + | ||
| '![CDATA[' + response.projects[item].name + ']]' + '></name></project>'; | ||
| } else { | ||
| appListAll += '<project id="' + response.projects[item].id + | ||
| '" createdAt="' + response.projects[item].createdAt + | ||
| '" applicationIds="' + applicationIds + | ||
| '" groups="' + response.projects[item].groups.toString() + '">' + | ||
| '<name><' + '![CDATA[' + response.projects[item].name + ']]' + '></name></project>'; | ||
| '" groups="' + response.projects[item].groups.toString() + '"><projectTags><' + | ||
| '![CDATA[' + projectTags + ']]' + '></projectTags><name><' + | ||
| '![CDATA[' + response.projects[item].name + ']]' + '></name></project>'; | ||
| } | ||
| } | ||
| } | ||
|
|
@@ -88,6 +99,12 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati | |
| return reportContent; | ||
| }, | ||
| _getProjectTags: function(tags) { | ||
| if (tags == null || tags.length < 3) | ||
| return ''; | ||
| return tags.substring(1, tags.length - 1); | ||
| }, | ||
| // Gets the integration parameters as a map | ||
| _getParameters: function(parameters) { | ||
| var params = { | ||
|
|
@@ -105,12 +122,19 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati | |
| } | ||
| } else { | ||
| this.LATEST = new GlideDateTime(); | ||
| var projectJSON = this.UTIL.getNewProjectList(this.IMPLEMENTATION); | ||
| var filteredCount = projectJSON.filteredTotalCount; | ||
| if (filteredCount !== "undefined") { | ||
| var offsetId = this._getoffsets(filteredCount); | ||
| params.remaining[filteredCount] = offsetId; | ||
| var offsetId; | ||
| var list_projects = this.UTIL.getConfigProjectList(this.IMPLEMENTATION); | ||
| if (list_projects && list_projects.length > 0) { | ||
| offsetId = '0'; | ||
| } else { | ||
| var projectJSON = this.UTIL.getNewProjectList(this.IMPLEMENTATION); | ||
| var filteredCount = projectJSON.filteredTotalCount; | ||
| var totalCount = projectJSON.totalCount; | ||
| if (filteredCount !== "undefined") { | ||
| offsetId = this._getoffsets(filteredCount, totalCount); | ||
| } | ||
| } | ||
| params.remaining[filteredCount] = offsetId; | ||
| gs.debug(this.MSG + 'for appreleases complete'); | ||
| params = this._nextParameters(params); | ||
| if (params.run) { | ||
|
|
@@ -125,10 +149,9 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati | |
| return params; | ||
| }, | ||
| //to get offset value from total length | ||
| _getoffsets: function(filteredCount) { | ||
| _getoffsets: function(filteredCount, totalCount) { | ||
| var offsets = []; | ||
| var projectJSON = this.UTIL.getNewProjectList(this.IMPLEMENTATION); | ||
| var loopLength = projectJSON.projects.length / 50; | ||
| var loopLength = totalCount / 50; | ||
| var offset = 0; | ||
| for (var i = 0; i <= parseInt(loopLength); i++) { | ||
| offset += 50; | ||
|
|
@@ -189,13 +212,13 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati | |
| <sys_created_by>admin</sys_created_by> | ||
| <sys_created_on>2022-11-18 05:11:38</sys_created_on> | ||
| <sys_id>f60f0ee047131110328ca368436d43ba</sys_id> | ||
| <sys_mod_count>133</sys_mod_count> | ||
| <sys_mod_count>173</sys_mod_count> | ||
| <sys_name>CheckmarxOneAppListIntegration</sys_name> | ||
| <sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package> | ||
| <sys_policy/> | ||
| <sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope> | ||
| <sys_update_name>sys_script_include_f60f0ee047131110328ca368436d43ba</sys_update_name> | ||
| <sys_updated_by>[email protected]</sys_updated_by> | ||
| <sys_updated_on>2023-08-08 11:25:54</sys_updated_on> | ||
| <sys_updated_by>admin</sys_updated_by> | ||
| <sys_updated_on>2024-01-05 14:48:25</sys_updated_on> | ||
| </sys_script_include> | ||
| </unload> | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <unload unload_date="2023-08-11 14:38:22"> | ||
| <unload unload_date="2024-02-05 11:24:12"> | ||
| <sys_script_include action="INSERT_OR_UPDATE"> | ||
| <access>public</access> | ||
| <active>true</active> | ||
|
|
@@ -41,18 +41,42 @@ CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.Application | |
| var attributes = appNode.getAttributes(); | ||
| var applicationId = ''; | ||
| var appId; | ||
| var projectTags = ''; | ||
| var childIter = appNode.getChildNodeIterator(); | ||
| while (childIter.hasNext) { | ||
| var childNode = childIter.next(); | ||
| if (childNode.getNodeName() == "projectTags") { | ||
| projectTags = childNode.getTextContent(); | ||
| break; | ||
| } | ||
| } | ||
| /* if (projectTags != null && projectTags != '') { | ||
| var sourceAPMIDObj = {}; | ||
| var projectTagsArr = projectTags.split(',', -1); | ||
| for (var item in projectTagsArr) { | ||
| var projectTagArr = projectTagsArr[item].split(':', -1); | ||
| sourceAPMIDObj[projectTagArr[0]] = projectTagArr[1]; | ||
| } | ||
| if (sourceAPMIDObj != null) | ||
| appObj['apm_app_id'] = sourceAPMIDObj.toString(); | ||
| } */ | ||
| if (appNode.getAttribute('applicationIds') && appNode.getAttribute('applicationIds') != {}) { | ||
| appId ={}; | ||
| appId[gs.getMessage("Application Id: ")] = appNode.getAttribute('applicationIds').toString(); | ||
| } else | ||
| appId = ''; | ||
| //map attributes from Checkmarx into the servicenow expected format' | ||
| var appObj = { | ||
| source_app_id: attributes.id, | ||
| app_name: appNode.getLastChild().getTextContent().toString(), | ||
| apm_app_id: projectTags, | ||
| source_assigned_teams: attributes.groups, | ||
| description: 'created at' + attributes.createdAt, | ||
| source_additional_info: JSON.stringify(appId), | ||
| }; | ||
| //Updating the project information in ServiceNow table | ||
| var result = this.AVR_API.createOrUpdateApp(appObj); | ||
|
|
@@ -83,13 +107,13 @@ CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.Application | |
| <sys_created_by>admin</sys_created_by> | ||
| <sys_created_on>2022-11-21 12:03:00</sys_created_on> | ||
| <sys_id>716c87ad471f1110328ca368436d438a</sys_id> | ||
| <sys_mod_count>49</sys_mod_count> | ||
| <sys_mod_count>62</sys_mod_count> | ||
| <sys_name>CheckmarxOneAppListProcessor</sys_name> | ||
| <sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package> | ||
| <sys_policy/> | ||
| <sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope> | ||
| <sys_update_name>sys_script_include_716c87ad471f1110328ca368436d438a</sys_update_name> | ||
| <sys_updated_by>[email protected]</sys_updated_by> | ||
| <sys_updated_on>2023-08-08 11:22:07</sys_updated_on> | ||
| <sys_updated_by>admin</sys_updated_by> | ||
| <sys_updated_on>2023-12-21 15:21:18</sys_updated_on> | ||
| </sys_script_include> | ||
| </unload> | ||
Oops, something went wrong.