From 90e6cf73793a746c559e49d106885af0a762528b Mon Sep 17 00:00:00 2001 
From: Nidhi Jaiswal <35574348+nidhi0512@users.noreply.github.com> Date: Fri, 14 Jun 2024 11:21:25 +0530 Subject: [PATCH] Integration branch (#28) * GA Changes GA * GA changes 1.0.11 * code changes for encryption and decryption of access_token * code changes for encryption and decryption of access_token * code changes for encryption and decryption of access_token * updated scan summary name and update set * change log level to basic * Update Update_Set_GA_1.0.11.xml * Added Update set From Vendor Instance * Added changes for CxOne release 1.0.14 (#19) * CheckmarxOne Devops changes * CxOne 1.0.18 changes * Rename UpdateSet_GA.xml to UpdateSet_GA_1.0.18.xml * Cx_One_1.0.19 Features (#24) * Cx_One_1.0.19 Features * Updated resultHash in AVITID * Updated Update set * Updated update set and code changes * CxOne 1.0.21 release items * Latest changes * Update UpdateSet_GA.xml --------- Co-authored-by: Apoorva Co-authored-by: apoorvasingh5 <98940507+apoorvasingh5@users.noreply.github.com> --- ...clude_f60f0ee047131110328ca368436d43ba.xml | 89 +- ...clude_716c87ad471f1110328ca368436d438a.xml | 30 +- ...clude_891d8fed471f1110328ca368436d4334.xml | 281 +- ...clude_ba2b3da69769e510026f72021153af1b.xml | 80 +- ...clude_508f0d54471f1110328ca368436d43f8.xml | 10 +- ...clude_f171708947e431108a980178c26d434f.xml | 2 +- ...clude_b8934b914768b1108a980178c26d4313.xml | 2 +- ...clude_d7f2d2e447131110328ca368436d4321.xml | 176 +- ...clude_ec0e828f47f42110328ca368436d433b.xml | 61 +- ...clude_1980bcb147935110328ca368436d435a.xml | 607 +- Scripts/UpdateSet_GA.xml | 22568 +++++++--------- Scripts/UpdateSet_GA_1.0.17.xml | 18323 ------------- Scripts/UpdateSet_GA_1.0.18.xml | 1 - Scripts/UpdateSet_GA_1.0.19.xml | 16952 ------------ ...ction_6390cdd847db1110328ca368436d4361.xml | 26 +- 15 files changed, 11235 insertions(+), 47973 deletions(-) delete mode 100644 Scripts/UpdateSet_GA_1.0.17.xml delete mode 100644 Scripts/UpdateSet_GA_1.0.18.xml delete mode 100644 Scripts/UpdateSet_GA_1.0.19.xml 
diff --git a/Scripts/CheckmarxOneAppListIntegration_sys_script_include_f60f0ee047131110328ca368436d43ba.xml b/Scripts/CheckmarxOneAppListIntegration_sys_script_include_f60f0ee047131110328ca368436d43ba.xml index b6fc2d9..b145427 100644 --- a/Scripts/CheckmarxOneAppListIntegration_sys_script_include_f60f0ee047131110328ca368436d43ba.xml +++ b/Scripts/CheckmarxOneAppListIntegration_sys_script_include_f60f0ee047131110328ca368436d43ba.xml @@ -1,5 +1,5 @@ - + public true @@ -24,17 +24,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati // filteredcount, offset response = this.getAppList(Object.keys(params.run)[0], params.run[Object.keys(params.run)[0]]); } - params = this._serializeParameters(this._nextParameters(params)); - this.setNextRunParameters(params); - - //Saving delta_start_time - if (!params.run) { - var latest = this.LATEST ? this.LATEST : ''; - this.INTEGRATION.setValue('delta_start_time', latest); - this.INTEGRATION.update(); - this.hasMoreData(false); - } else - this.hasMoreData(true); + } catch (ex) { gs.error(this.MSG + "Error in retriving data for app list integration!" + ex); response = ''; @@ -44,7 +34,17 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati response = ''; } - + params = this._serializeParameters(this._nextParameters(params)); + this.setNextRunParameters(params); + + //Saving delta_start_time + if (!params.run) { + var latest = this.LATEST ? this.LATEST : ''; + this.INTEGRATION.setValue('delta_start_time', latest); + this.INTEGRATION.update(); + this.hasMoreData(false); + } else + this.hasMoreData(true); return { contents: new GlideSysAttachment().write(this.PROCESS, this.FILENAME, "xml", response), contentType: "sys_attachment", 
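Review bot: With the parameter advance and the `delta_start_time` write now placed after the `catch`, a page whose `getAppList` call throws is skipped and the watermark is still saved once `params.run` is empty. `_getParameters` sets `this.LATEST` to the current time and the new `createdAt > createdDate` filter in `getAppList` drops anything older, so projects on a failed page would, as far as this diff shows, not be picked up by a later run. Consider setting a flag in the `catch` (`var failed = true;`) and guarding the save with `if (!params.run && !failed)`; failures on earlier pages would have to be carried in the run parameters, which is not visible here. The same restructuring appears in `retrieveData` of CheckmarxOneAppVulItemIntegration and CheckmarxOneScanSummaryIntegration. `retrieveData` starts and ends outside the hunk.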
@@ -62,48 +62,47 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati var appListAll = ''; //to start offset from 0 and limit 50 var newoffset = offset - 50; - var response = this.UTIL.getNextProjectList(this.IMPLEMENTATION, newoffset); + var projects = this.UTIL.getNextProjectList(this.IMPLEMENTATION, newoffset); var groups = ''; var groupval = ' '; - var isPrimaryBranchEnabled = this.UTIL._getConfig(this.IMPLEMENTATION).sync_only_primary_branch.toString(); - for (var item in response.projects) { - var projectTags = this._getProjectTags(JSON.stringify(response.projects[item].tags)); - var applicationIds = ''; - var primaryBranch = ''; - var isProjectAllowed = 'true'; - groups = +response.projects[item].groups.toString(); - var projectResponse = this.UTIL.getProjectById(this.IMPLEMENTATION, response.projects[item].id); - if (null != projectResponse.applicationIds && projectResponse.applicationIds.length > 0) - applicationIds = projectResponse.applicationIds.toString(); - if (null != projectResponse.mainBranch && projectResponse.mainBranch.length > 0) - primaryBranch = projectResponse.mainBranch.toString(); - if (isPrimaryBranchEnabled == 'true' && (primaryBranch == null || primaryBranch == '')) - isProjectAllowed = 'false'; - if (isProjectAllowed == 'true') { + var createdDate = this._getCurrentDeltaStartTime(); + + for (var item in projects) { + if (projects[item].createdAt > createdDate) { + var projectTags = this._getProjectTags(JSON.stringify(projects[item].tags)); + var applicationIds = ''; + var primaryBranch = ''; + groups = +projects[item].groups.toString(); + + if (null != projects[item].applicationIds && projects[item].applicationIds.length > 0) + applicationIds = projects[item].applicationIds.toString(); + if (null != projects[item].mainBranch && projects[item].mainBranch.length > 0) + primaryBranch = projects[item].mainBranch.toString(); + if (groups == 0) { - appListAll += '<' + '![CDATA[' + primaryBranch + ']]' + '><' + 
'![CDATA[' + projectTags + ']]' + '><' + - '![CDATA[' + response.projects[item].name + ']]' + '>'; + '![CDATA[' + projects[item].name + ']]' + '>'; } else { - appListAll += '<' + + '" groups="' + projects[item].groups.toString() + '"><' + '![CDATA[' + primaryBranch + ']]' + '><' + '![CDATA[' + projectTags + ']]' + '><' + - '![CDATA[' + response.projects[item].name + ']]' + '>'; + '![CDATA[' + projects[item].name + ']]' + '>'; } } } var reportContent = appListRootNodeStart + appListAll + appListRootNodeEnd; } catch (err) { - gs.info(this.MSG + " getAppList : Error while getting the summary report." + err); + gs.error(this.MSG + " getAppList : Error occured while creating XML for project list: " + err); throw err; } return reportContent; @@ -134,10 +133,12 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati this.LATEST = new GlideDateTime(); var offsetId; var filteredCount; + var filter_project = this.UTIL._getConfig(this.IMPLEMENTATION).filter_project; var list_projects = this.UTIL.getConfigProjectList(this.IMPLEMENTATION); - if (list_projects && list_projects.length > 0) { - offsetId = '0'; - filteredCount = '' + list_projects.length; + if (list_projects && list_projects.length > 0 && list_projects.indexOf('exclude') == -1 && filter_project == 'by_Id') { + var projectLengthUI = '' + list_projects.length; + offsetId = this._getoffsets(projectLengthUI, projectLengthUI); + filteredCount = projectLengthUI; } else { var projectJSON = this.UTIL.getNewProjectList(this.IMPLEMENTATION); filteredCount = projectJSON.filteredTotalCount; @@ -155,7 +156,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati } } } catch (err) { - gs.error(this.MSG + " _getParameters : Error while getting the integration parameters." + err); + gs.error(this.MSG + " _getParameters : Error while getting the integration parameters: " + err); throw err; } return params; 
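Review bot: The project XML in `getAppList` is assembled by string concatenation, and `projects[item].name`, `projectTags` and `primaryBranch` are wrapped in CDATA without handling a `]]>` inside the value, while `groups` is written into an attribute unescaped. A project name or tag containing `]]>`, or a group value containing `"` or `<`, would end the section early and change the structure the processor later parses. Split the terminator before wrapping, e.g. `String(projects[item].name).replace(/]]>/g, ']]]]><![CDATA[>')`, and XML-escape attribute values. The element markup is not visible in this hunk, so which attributes besides `groups` are affected is inferred.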
@@ -185,7 +186,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati try { var delta = this.UTIL.parseTZDate(this.DELTA_START_TIME) || '1970-01-01T10:16:06.17544Z'; } catch (err) { - gs.error(this.MSG + " _getCurrentDeltaStartTime : Error while getting the current delta start time." + err); + gs.error(this.MSG + " _getCurrentDeltaStartTime : Error while getting the current delta start time: " + err); throw err; } return delta; @@ -224,13 +225,13 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati admin 2022-11-18 05:11:38 f60f0ee047131110328ca368436d43ba -179 +197 CheckmarxOneAppListIntegration 3d20e92d47471110328ca368436d436a 3d20e92d47471110328ca368436d436a sys_script_include_f60f0ee047131110328ca368436d43ba admin -2024-02-08 16:03:48 +2024-05-22 06:06:39 diff --git a/Scripts/CheckmarxOneAppListProcessor_sys_script_include_716c87ad471f1110328ca368436d438a.xml b/Scripts/CheckmarxOneAppListProcessor_sys_script_include_716c87ad471f1110328ca368436d438a.xml index fb48551..49c9d2b 100644 --- a/Scripts/CheckmarxOneAppListProcessor_sys_script_include_716c87ad471f1110328ca368436d438a.xml +++ b/Scripts/CheckmarxOneAppListProcessor_sys_script_include_716c87ad471f1110328ca368436d438a.xml @@ -1,5 +1,5 @@ - + public true 
@@ -46,29 +46,29 @@ CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.Application var infoObj = {}; var childIter = appNode.getChildNodeIterator(); - var projectTagsFlag = 'false'; - var primaryBranchFlag = 'false'; + var projectTagsFlag = 'false'; + var primaryBranchFlag = 'false'; while (childIter.hasNext) { var childNode = childIter.next(); if (childNode.getNodeName() == "projectTags") { projectTags = childNode.getTextContent(); - projectTagsFlag = 'true'; + projectTagsFlag = 'true'; } if (childNode.getNodeName() == "primaryBranch") { primaryBranch = childNode.getTextContent(); - primaryBranchFlag = 'true'; + primaryBranchFlag = 'true'; } - if(projectTagsFlag == 'true' && primaryBranchFlag == 'true') - break; + if (projectTagsFlag == 'true' && primaryBranchFlag == 'true') + break; } - if (appNode.getAttribute('applicationIds') && appNode.getAttribute('applicationIds') != {}) + if (appNode.getAttribute('applicationIds') && appNode.getAttribute('applicationIds') != {}) infoObj[gs.getMessage("Application Id ")] = appNode.getAttribute('applicationIds').toString(); - - if (null != primaryBranch && '' != primaryBranch) + + if (null != primaryBranch && '' != primaryBranch) infoObj[gs.getMessage("Primary Branch ")] = primaryBranch.toString(); - + if (infoObj == {}) - infoObj = ""; + infoObj = ""; //map attributes from Checkmarx into the servicenow expected format' var appObj = { @@ -78,7 +78,7 @@ CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.Application source_assigned_teams: attributes.groups, description: 'created at' + attributes.createdAt, source_additional_info: JSON.stringify(infoObj), - source_app_guid : primaryBranch.toString() + source_app_guid: primaryBranch.toString() }; //Updating the project information in ServiceNow table 
@@ -110,13 +110,13 @@ CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.Application admin 2022-11-21 12:03:00 716c87ad471f1110328ca368436d438a -74 +75 CheckmarxOneAppListProcessor 3d20e92d47471110328ca368436d436a 3d20e92d47471110328ca368436d436a sys_script_include_716c87ad471f1110328ca368436d438a admin -2024-02-08 06:23:20 +2024-05-22 05:08:04 diff --git a/Scripts/CheckmarxOneAppVulItemIntegration_sys_script_include_891d8fed471f1110328ca368436d4334.xml b/Scripts/CheckmarxOneAppVulItemIntegration_sys_script_include_891d8fed471f1110328ca368436d4334.xml index 437e688..74c9415 100644 --- a/Scripts/CheckmarxOneAppVulItemIntegration_sys_script_include_891d8fed471f1110328ca368436d4334.xml +++ b/Scripts/CheckmarxOneAppVulItemIntegration_sys_script_include_891d8fed471f1110328ca368436d4334.xml @@ -1,5 +1,5 @@ - + public true @@ -24,9 +24,12 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic var branch = ''; var appId = ''; var applicationIds = []; + var primaryBranch = ''; var applicationIdsStr = ''; var engines = []; var engine = ''; + var scanDetailedRootNodeStart = ""; + var scanDetailedRootNodeEnd = ""; var reportLength = this.UTIL.getSASTVulcount(this.IMPLEMENTATION, Object.keys(params.run)[0]); var loopLength = reportLength / 50; var sast_offset = 0; 
@@ -42,6 +45,10 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic var projectResponse = this.UTIL.getProjectById(this.IMPLEMENTATION, jsonLastScanSummResp.scans[value].projectId); if (null != projectResponse.applicationIds && projectResponse.applicationIds.length > 0) applicationIds = applicationIds.concat(projectResponse.applicationIds); + + if (null != projectResponse.mainBranch && '' != projectResponse.mainBranch) + primaryBranch = projectResponse.mainBranch.toString(); + lastscandate += this.UTIL.parseDate(jsonLastScanSummResp.scans[value].updatedAt); appname += jsonLastScanSummResp.scans[value].projectName; branch += jsonLastScanSummResp.scans[value].branch; 
@@ -50,39 +57,66 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic engine = engines.toString(); } - var secondlastscan = this.UTIL.getSecondLastScan(this.IMPLEMENTATION, appId, Object.keys(params.run)[0]); + var date = new GlideDateTime(this.UTIL.parseDate(jsonLastScanSummResp.scans[value].updatedAt)); + if (!this.LATEST || date > this.LATEST) + this.LATEST = date; + var secondlastscan = this.UTIL.getSecondLastScan(this.IMPLEMENTATION, appId, Object.keys(params.run)[0], primaryBranch); + if (applicationIds.length > 0) { applicationIdsStr = applicationIds.toString(); } + var offset = params.run[Object.keys(params.run)[0]]; + var includesca = this.UTIL.importScaFlaw(this.IMPLEMENTATION); + var scaDeltascanDetailedAll = ''; + if (includesca && secondlastscan != -1 && offset == 1) { + var responseSCADeltaScanReport = this.UTIL.getSCADeltaVul(this.IMPLEMENTATION, appId, Object.keys(params.run)[0], secondlastscan); + if (responseSCADeltaScanReport != -1) { + var jsonSCADeltaScanReportResp = JSON.parse(responseSCADeltaScanReport.getBody()); + for (var item in jsonSCADeltaScanReportResp) { + var state = ''; + if (jsonSCADeltaScanReportResp[item].riskState && jsonSCADeltaScanReportResp[item].riskState == 'NotExploitable') { + state = 'NOT_EXPLOITABLE'; + } + if (jsonSCADeltaScanReportResp[item].riskStatus == 'fixed' || (jsonSCADeltaScanReportResp[item].riskState && jsonSCADeltaScanReportResp[item].riskState == 'NotExploitable')) { + scaDeltascanDetailedAll += ''; + } + } + scaDeltascanDetailedAll = '' + scaDeltascanDetailedAll + ''; + } + } } if (params.run) { // scanId, offset var scanId = Object.keys(params.run)[0]; response = this.getDetailedReport(scanId, params.run[Object.keys(params.run)[0]], lastscandate, secondlastscan, appname, branch, appId, applicationIdsStr, engine, delta_offset); gs.debug(this.MSG + ' getDetailedReport response:' + response); - + var xml_response = scanDetailedRootNodeStart + response + scaDeltascanDetailedAll 
+ scanDetailedRootNodeEnd; } - params = this._serializeParameters(this._nextParameters(params)); - this.setNextRunParameters(params); - - //Saving delta_start_time - if (!params.run) { - var latest = this.LATEST ? this.LATEST : ''; - this.INTEGRATION.setValue('delta_start_time', latest); - this.INTEGRATION.update(); - this.hasMoreData(false); - } else - this.hasMoreData(true); + } catch (err) { - gs.error(this.MSG + " retrieveData : Error occured while getting report. Skipping buildId: " + scanId + err); - response = ''; + gs.error(this.MSG + " retrieveData : Error occured while getting report. Skipping buildId: " + scanId + " with error: " + err); + xml_response = ''; } if (response == "") { - response = ''; + xml_response = ''; } - + params = this._serializeParameters(this._nextParameters(params)); + this.setNextRunParameters(params); + + //Saving delta_start_time + if (!params.run) { + var latest = this.LATEST ? this.LATEST : ''; + this.INTEGRATION.setValue('delta_start_time', latest); + this.INTEGRATION.update(); + this.hasMoreData(false); + } else + this.hasMoreData(true); return { - contents: new GlideSysAttachment().write(this.PROCESS, this.FILENAME, "xml", response), + contents: new GlideSysAttachment().write(this.PROCESS, this.FILENAME, "xml", xml_response), contentType: "sys_attachment", extension: "xml" }; @@ -95,8 +129,6 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic var includekics = this.UTIL.importKicsFlaw(this.IMPLEMENTATION); var config = this.UTIL._getConfig(this.IMPLEMENTATION); var apibaseurl = config.checkmarxone_api_base_url; - var scanDetailedRootNodeStart = ""; - var scanDetailedRootNodeEnd = ""; var SCAscanDetailedAll = ''; var SASTscanDetailedAll = ''; var SASTDeltascanDetailedAll = ''; 
@@ -116,7 +148,7 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic var vulnerabilityCountThresholdLevel = config.vulnerability_threshold_level; var delta_ = 0; - if (includesast == true && engine.includes('sast')) { + if (includesast == true && engine.indexOf('sast') != -1) { if (secondlastscan != -1 && delta_offset > newoffset) { var responseDeltaScanReport = this.UTIL.getDeltaScan(this.IMPLEMENTATION, appId, scanId, secondlastscan, newoffset); if (responseDeltaScanReport != -1) { @@ -139,6 +171,13 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic } var owasp = this._getOWASPTop10(jsonDeltaScanReportResp.results[item].compliances); var sans = this._getSANSTop25(jsonDeltaScanReportResp.results[item].compliances); + var sastDeltaScanUrl = ''; + + if (!jsonDeltaScanReportResp.results[item].resultHash.indexOf('/') != -1) { + sastDeltaScanUrl = apibaseurl + '/results/' + scanId + '/' + appId + '/sast?result-id=' + encodeURIComponent(jsonDeltaScanReportResp.results[item].resultHash) + '&redirect=true'; + } else { + sastDeltaScanUrl = apibaseurl + '/results/' + scanId + '/' + appId + '/sast'; + } SASTDeltascanDetailedAll += ''; + return reportcontent; }, // Get all the OWASP Top 10 compliances as a concatenated string with comma. 
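Review bot: The new guard `if (!jsonDeltaScanReportResp.results[item].resultHash.indexOf('/') != -1)` is always true, because `!` binds tighter than `!=`, so a boolean is compared with `-1` and the `else` branch that builds the URL without `result-id` can never run. If the intent is to use the deep link only for hashes without a slash, write `if (jsonDeltaScanReportResp.results[item].resultHash.indexOf('/') == -1)`. The hash is already passed through `encodeURIComponent`, so the check may not be needed at all; a one-line comment saying why slashes need special handling would settle it. The enclosing loop in `getDetailedReport` extends beyond the hunk.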
@@ -386,38 +433,39 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic this.LATEST = latest; } } else { + var app_list = []; + var scan_app_list = []; + var project_primary_branch_list = []; this.LATEST = new GlideDateTime(this.DELTA_START_TIME || '1970-01-01T10:16:06.17544Z').getDate(); var apps = this.AVR_API.getAppReleases(); + var scanJson = this.UTIL.getAllScanList(this.IMPLEMENTATION, this._getCurrentDeltaStartTime()); var isPrimaryBranchEnabled = this.UTIL._getConfig(this.IMPLEMENTATION).sync_only_primary_branch.toString(); - var app_list = this.UTIL.getConfigProjectList(this.IMPLEMENTATION); - var app = ''; - var appId = ''; - var scanId = ''; var offsetId = ''; - var scans = []; - var appIds = []; - for (var i in apps) { - appIds.push(apps[i].source_app_id); + var config = this.UTIL._getConfig(this.IMPLEMENTATION); + var filter_project = config.filter_project; + var list_projects = this.UTIL.getConfigProjectList(this.IMPLEMENTATION); + var list_projects_name = this.UTIL.getConfigProjectNameList(this.IMPLEMENTATION); + if (list_projects_name && list_projects_name.length > 0 && filter_project == 'by_name') + var projectIdsByNames = this.UTIL.getProjectIdsFromProjectNames(this.IMPLEMENTATION, list_projects_name); + + if (isPrimaryBranchEnabled == 'true') { + project_primary_branch_list = this.UTIL.getProjectPrimaryBranchList(this.IMPLEMENTATION); } - if (app_list && app_list.length > 0) { - for (var id in app_list) { - if (appIds.indexOf(app_list[id]) != -1 && app_list[id] !== "undefined") { - appId = app_list[id]; - scans = this._getScans(appId, isPrimaryBranchEnabled); - for (var item in scans) { - scanId = scans[item]; - offsetId = this._getoffsets(appId, scanId); - params.remaining[scanId] = offsetId; - } - } - } - } else { - for (var j in apps) { - appId = apps[j].source_app_id; - if (appId !== "undefined") { - scans = this._getScans(appId, isPrimaryBranchEnabled); - for (var k in scans) { - scanId = scans[k]; + for (var j 
in apps) { + app_list.push(apps[j].source_app_id); + } + for (var k in scanJson.scans) { + if (scan_app_list.indexOf(scanJson.scans[k].projectId) == -1) + scan_app_list.push(scanJson.scans[k].projectId); + } + for (var item in scan_app_list) { + var appId = scan_app_list[item]; + if (appId !== "undefined" && app_list.indexOf(appId) != -1) { + var includeProjectFlag = this.UTIL.isProjectIncluded(this.IMPLEMENTATION, filter_project, list_projects, list_projects_name, projectIdsByNames, appId); + + if (includeProjectFlag == 'true') { + var scanId = this._getScanIdFromJSON(scanJson, appId, isPrimaryBranchEnabled, project_primary_branch_list); + if (scanId && scanId != '' && scanId != 'undefined') { offsetId = this._getoffsets(appId, scanId); params.remaining[scanId] = offsetId; } 
@@ -431,70 +479,78 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic } } } catch (err) { - gs.error(this.MSG + " _getParameters : Error while getting the integration parameters." + err); + gs.error(this.MSG + " _getParameters : Error while getting the integration parameters: " + err); throw err; } return params; }, - // Gets the start time of the integration - _getCurrentDeltaStartTime: function() { - try { - var delta = this.UTIL.parseTZDate(this.DELTA_START_TIME) || '1970-01-01T10:16:06.17544Z'; - } catch (err) { - gs.error(this.MSG + " _getCurrentDeltaStartTime : Error while getting the current delta start time." + err); - throw err; - } - return delta; - }, - - // Gets the scan list for the particular app - _getScans: function(appId, isPrimaryBranchEnabled) { + //get Scan IDs from JSON + _getScanIdFromJSON: function(scanJson, appId, isPrimaryBranchEnabled, project_primary_branch_list) { + var scanId = ''; + var isPrimaryBranchFound = 'false'; var includesca = this.UTIL.importScaFlaw(this.IMPLEMENTATION); var includesast = this.UTIL.importSastFlaw(this.IMPLEMENTATION); var includekics = this.UTIL.importKicsFlaw(this.IMPLEMENTATION); - var scans = []; - var scanId = ''; - try { - if (isPrimaryBranchEnabled == 'true') - var primaryBranch = this.UTIL.getProjectById(this.IMPLEMENTATION, appId).mainBranch.toString(); - var responseLastScan = this.UTIL.getScanList(this.IMPLEMENTATION, appId, this._getCurrentDeltaStartTime()); - var jsonLastScanResp = JSON.parse(responseLastScan.getBody()); - for (var item in jsonLastScanResp.scans) { - - if (null != jsonLastScanResp.scans[item] && null != jsonLastScanResp.scans[item].branch) - var scanBranch = jsonLastScanResp.scans[item].branch.toString(); - var isScanAllowed = 'true'; - if (isPrimaryBranchEnabled == 'true' && primaryBranch != scanBranch) - isScanAllowed = 'false'; - if (includesca && isScanAllowed == 'true') { - if (jsonLastScanResp.scans[item].engines.toString().includes("sca")) { 
- scanId = this._getScan(appId, jsonLastScanResp.scans[item].id); + if (isPrimaryBranchEnabled == 'true') + var primaryBranch = this.UTIL.getPrimaryBranchByProjectId(project_primary_branch_list, appId); + if (isPrimaryBranchEnabled == 'true' && null != primaryBranch && '' != primaryBranch) + isPrimaryBranchFound = 'true'; + + for (var item in scanJson.scans) { + var projectId = scanJson.scans[item].projectId; + var projectScanId = scanJson.scans[item].id; + var branch = scanJson.scans[item].branch; + var includeScan = 'false'; + if (projectId && projectId != '' && projectId != 'undefined' && projectId == appId) { + if (isPrimaryBranchEnabled == 'true' && isPrimaryBranchFound == 'true' && primaryBranch == branch && projectScanId != '' && projectScanId != 'undefined') { + if (includesca) { + if (scanJson.scans[item].engines.toString().indexOf("sca") != -1) + includeScan = 'true'; } - } - if (includesast && isScanAllowed == 'true') { - if (jsonLastScanResp.scans[item].engines.toString().includes("sast")) { - scanId = this._getScan(appId, jsonLastScanResp.scans[item].id); + if (includesast) { + if (scanJson.scans[item].engines.toString().indexOf("sast") != -1) + includeScan = 'true'; } - } - if (includekics && isScanAllowed == 'true') { - if (jsonLastScanResp.scans[item].engines.toString().includes("kics")) { - scanId = this._getScan(appId, jsonLastScanResp.scans[item].id); + if (includekics) { + if (scanJson.scans[item].engines.toString().indexOf("kics") != -1) + includeScan = 'true'; + } + } else if (!(isPrimaryBranchEnabled == 'true' && isPrimaryBranchFound == 'true') && projectScanId != '' && projectScanId != 'undefined') { + if (includesca) { + if (scanJson.scans[item].engines.toString().indexOf("sca") != -1) + includeScan = 'true'; + } + if (includesast) { + if (scanJson.scans[item].engines.toString().indexOf("sast") != -1) + includeScan = 'true'; + } + if (includekics) { + if (scanJson.scans[item].engines.toString().indexOf("kics") != -1) + includeScan = 'true'; 
} } - if (scanId && scanId != '') { - scans.push(scanId); - var date = new GlideDateTime(this.UTIL.parseDate(jsonLastScanResp.scans[item].updatedAt)); - if (!this.LATEST || date > this.LATEST) - this.LATEST = date; - } - } + if (includeScan == 'true') { + scanId = projectScanId; + break; + } + } + return scanId; + }, + + + // Gets the start time of the integration + _getCurrentDeltaStartTime: function() { + try { + var delta = this.UTIL.parseTZDate(this.DELTA_START_TIME) || '1970-01-01T10:16:06.17544Z'; } catch (err) { - gs.info(this.MSG + " _getScans : Error while getting scans." + err); + gs.error(this.MSG + " _getCurrentDeltaStartTime : Error while getting the current delta start time: " + err); + throw err; } - return scans; + return delta; }, + //to get offset (50 items at a time) _getoffsets: function(appId, scanId) { var offsets = []; @@ -512,9 +568,6 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic } return offsets; }, - _getScan: function(appId, buildId) { - return buildId; - }, _getoffset: function(scanId, offsetId) { return offsetId; @@ -561,13 +614,13 @@ CheckmarxOneAppVulItemIntegration.prototype = Object.extendsObject(sn_vul.Applic admin 2022-11-21 12:06:20 891d8fed471f1110328ca368436d4334 -282 +316 CheckmarxOneAppVulItemIntegration 3d20e92d47471110328ca368436d436a 3d20e92d47471110328ca368436d436a sys_script_include_891d8fed471f1110328ca368436d4334 -admin -2024-02-28 10:15:20 +nidhikumari.jaiswal@checkmarx.com +2024-05-31 11:09:53 diff --git a/Scripts/CheckmarxOneAppVulItemProcessor_sys_script_include_ba2b3da69769e510026f72021153af1b.xml b/Scripts/CheckmarxOneAppVulItemProcessor_sys_script_include_ba2b3da69769e510026f72021153af1b.xml index 48b4799..d85e698 100644 --- a/Scripts/CheckmarxOneAppVulItemProcessor_sys_script_include_ba2b3da69769e510026f72021153af1b.xml +++ b/Scripts/CheckmarxOneAppVulItemProcessor_sys_script_include_ba2b3da69769e510026f72021153af1b.xml @@ -1,5 +1,5 @@ - + public true 
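Review bot: In `_getScanIdFromJSON` the two branches of the `if`/`else if` repeat the same three engine checks, and the second condition means that with `sync_only_primary_branch` enabled a project with no primary branch on record is still accepted on any branch. If that fallback is intended, state it above the loop, e.g. `// no primary branch known for this project: accept the first scan on any branch`; otherwise such projects should be skipped. The duplication goes away if the branch test is computed once, `var branchOk = isPrimaryBranchFound != 'true' || primaryBranch == branch;`, and the engine checks run a single time under `if (branchOk && projectScanId != '' && projectScanId != 'undefined')`. The first matching scan wins because of `break`, so the result depends on the order in which `getAllScanList` returns scans, which is not visible here.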
@@ -24,7 +24,14 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat this.UTIL.validateXML(new GlideSysAttachment().getContent(attachment), 'error'); var doc = new XMLDocument2(); doc.parseXML(new GlideSysAttachment().getContent(attachment)); - var listNode = doc.getNode('/detailedreport/xml/results'); + var result_node = doc.getNode('/scanResults'); + if (result_node.toString().includes("Results")) { + var listNode = doc.getNode('/scanResults/Results'); + } + if (result_node.toString().includes("fixedSCAData")) { + var fixedNode = doc.getNode('/scanResults/fixedSCAData'); + } + } catch (ex) { gs.info("error reported" + new GlideSysAttachment().getContent(attachment)); gs.error(this.MSG + "Error occurred while validating or parsing the XML: " + ex); @@ -53,13 +60,17 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat var scan_type = node.getAttribute('scan_type'); var source_severity_string = node.getAttribute('source_severity'); if (source_severity_string == 'CRITICAL') { - source_severity = 0; + var source_severity = 0; } else if (source_severity_string == 'HIGH') { - var source_severity = 1; + source_severity = 1; } else if (source_severity_string == 'MEDIUM') { source_severity = 2; } else if (source_severity_string == 'LOW') { source_severity = 3; + } else if (source_severity_string == 'INFO') { + source_severity = 4; + } else { + source_severity = 5; } queryData['category_name'] = node.getAttribute('category_name'); 
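Review bot: The section detection `result_node.toString().includes("Results")` is a substring test on the stringified root node, and the root element name `scanResults` itself contains `Results`, so the first test probably cannot tell whether a `Results` child is present. `doc.getNode('/scanResults')` is also dereferenced without a null check, so an attachment with a different root lands in the `catch`. Ask for the nodes directly and test the result, e.g. `var listNode = doc.getNode('/scanResults/Results');` and `var fixedNode = doc.getNode('/scanResults/fixedSCAData');`. Elsewhere in this commit `includes` is replaced by `indexOf`, so the new calls here are inconsistent with that change. The `catch` in this hunk writes the full attachment content to the log with `gs.info`, which puts vulnerability report data in the system log on any parse error.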
@@ -137,6 +148,7 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat resultObj['package_unique_id'] = node.getAttribute('package_unique_id'); resultObj['package_name'] = node.getAttribute('package_name'); resultObj['location'] = node.getAttribute('location'); + resultObj['source_sdlc_status'] = 'Not Applicable'; resultObj['source_link'] = node.getAttribute('sourcefile'); if (node.getAttribute('line_no') != '') { resultObj['line_number'] = parseInt(node.getAttribute('line_no')); 
@@ -185,6 +197,40 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat } } + if (fixedNode) { + var fixedData = {}; + var sca_iter = fixedNode.getChildNodeIterator(); + while (sca_iter.hasNext()) { + try { + var sca_node = sca_iter.next(); + var scaattributes = sca_node.getAttributes(); + var avit_id = scaattributes.vulnerabilityId + scaattributes.id; + var id = 'Checkmarx One' + "-" + scaattributes.vulnerabilityId; + var severity = this._handleFixedVul(id); + fixedData['source_app_id'] = reportData.source_app_id; + fixedData['source_scan_id'] = reportData.source_scan_id; + fixedData['scan_type'] = 'sca'; + fixedData['source_avit_id'] = avit_id; + fixedData['source_entry_id'] = id; + if(scaattributes.riskState == 'NOT_EXPLOITABLE'){ + fixedData['source_remediation_status'] = scaattributes.riskState; + }else{ + fixedData['source_remediation_status'] = 'FIXED'; + } + fixedData['source_severity'] = severity; + fixedData['scan_summary_name'] = reportData.scan_summary_name; + fixedData['source_sdlc_status'] = 'Not Applicable'; + fixedData['package_unique_id'] = scaattributes.id; + this._upsertAVIT(fixedData); + + } catch (ex) { + errorMessage = gs.getMessage("Error in retriving data for app vulnerability item integration!"); + gs.error(this.MSG + " " + errorMessage + " " + ex.message); + errorProcess += " | " + ex.message; + + } + } + } if (!gs.nil(errorProcess)) gs.error(this.MSG + "All errors that occurred while processing Vulnerability lists: " + errorProcess); this.completeProcess(this.integrationProcessGr, this.import_counts); 
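Review bot: `fixedData` is created once before the `while` loop and the same object is handed to `_upsertAVIT` on every iteration; creating it inside the loop (`var fixedData = {};` right after `sca_iter.next()`) rules out carry-over if `_upsertAVIT` keeps a reference or a later change sets a field conditionally. `scaattributes.vulnerabilityId` and `scaattributes.id` are concatenated without a presence check, so a node missing either attribute would be upserted under an id containing `undefined`; a guard such as `if (!scaattributes.vulnerabilityId || !scaattributes.id) continue;` would skip it. The enclosing processing function begins and ends outside the hunk.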
@@ -242,6 +288,28 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat } } }, + _handleFixedVul: function(id) { + var avit = new GlideRecord('sn_vul_app_vul_entry'); + avit.addQuery('id', id); + avit.query(); + while (avit.next()) { + var source_severity = avit.source_severity; + } + if (source_severity == 0) { + var source_severity_string = 'CRITICAL'; + } else if (source_severity == 1) { + source_severity_string = 'HIGH'; + } else if (source_severity == 2) { + source_severity_string = 'MEDIUM'; + } else if (source_severity == 3) { + source_severity_string = 'LOW'; + } else if (source_severity == 4) { + source_severity_string = 'INFO'; + } else { + source_severity_string = 'OTHERS'; + } + return source_severity_string; + }, _handleCVE: function(nvdData, resultObj, cve) { var name = cve; @@ -269,13 +337,13 @@ CheckmarxOneAppVulItemProcessor.prototype = Object.extendsObject(sn_vul.Applicat apoorva.singh@checkmarx.com 2023-03-16 05:04:10 ba2b3da69769e510026f72021153af1b -51 +61 CheckmarxOneAppVulItemProcessor 3d20e92d47471110328ca368436d436a 3d20e92d47471110328ca368436d436a sys_script_include_ba2b3da69769e510026f72021153af1b admin -2024-02-19 05:57:51 +2024-05-22 13:26:13 diff --git a/Scripts/CheckmarxOneConfigUtilBase_sys_script_include_508f0d54471f1110328ca368436d43f8.xml b/Scripts/CheckmarxOneConfigUtilBase_sys_script_include_508f0d54471f1110328ca368436d43f8.xml index 88dc730..0b57ccc 100644 --- a/Scripts/CheckmarxOneConfigUtilBase_sys_script_include_508f0d54471f1110328ca368436d43f8.xml +++ b/Scripts/CheckmarxOneConfigUtilBase_sys_script_include_508f0d54471f1110328ca368436d43f8.xml @@ -1,5 +1,5 @@ - + package_private true 
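Review bot: `_handleFixedVul` assigns `avit.source_severity` (the GlideElement, not its value) inside the loop and then compares it to numbers with `==`, so an entry whose severity field is empty would likely compare equal to `0` and be reported as `CRITICAL`. Read the value explicitly and stop at the first row: `avit.setLimit(1);` before `query()` and `var source_severity = avit.getValue('source_severity');`. When no entry matches `id` the function silently returns `OTHERS`; a comment or a debug log saying that this is the intended default would help. The function has no header comment; something like `// Map the stored numeric severity of a vulnerability entry back to its label for fixed SCA findings` would document it.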
@@ -24,7 +24,6 @@ CheckmarxOneConfigUtilBase.prototype = { }; var response = new x_chec3_chexone.CheckmarxOneUtil().getProject(config.getValue("integration_instance")); var implConfig = new GlideRecord("sn_sec_int_impl_config"); - } catch (ex) { result = false; errorMessage = gs.getMessage("Credential validation failed!"); @@ -70,7 +69,10 @@ CheckmarxOneConfigUtilBase.prototype = { "triaging_in_snow": gr.getValue("triaging_in_snow") === "1", "vulnerability_threshold_level": gr.getValue("vulnerability_threshold_level"), "access_token": gr.access_token.getDecryptedValue(), + "sync_only_primary_branch": gr.getValue("sync_only_primary_branch") === "1", "list_projects": gr.getValue("list_of_project_id_s"), + "project_filter_by_name": gr.getValue("project_filter_by_name"), + "filter_project": gr.getValue("filter_project"), }; new sn_sec_int.Implementation().setConfiguration(instance, newconfig); @@ -85,13 +87,13 @@ CheckmarxOneConfigUtilBase.prototype = { admin 2022-11-17 05:45:19 508f0d54471f1110328ca368436d43f8 -49 +58 CheckmarxOneConfigUtilBase 3d20e92d47471110328ca368436d436a 3d20e92d47471110328ca368436d436a sys_script_include_508f0d54471f1110328ca368436d43f8 admin -2023-12-27 15:25:17 +2024-05-22 12:54:21 diff --git a/Scripts/CheckmarxOneDevOpsIntegration_sys_script_include_f171708947e431108a980178c26d434f.xml b/Scripts/CheckmarxOneDevOpsIntegration_sys_script_include_f171708947e431108a980178c26d434f.xml index 184e3a9..571cad5 100644 --- a/Scripts/CheckmarxOneDevOpsIntegration_sys_script_include_f171708947e431108a980178c26d434f.xml +++ b/Scripts/CheckmarxOneDevOpsIntegration_sys_script_include_f171708947e431108a980178c26d434f.xml @@ -1,5 +1,5 @@ - + package_private true diff --git a/Scripts/CheckmarxOneScanSummaryDetailsJSONProcessor_sys_script_include_b8934b914768b1108a980178c26d4313.xml b/Scripts/CheckmarxOneScanSummaryDetailsJSONProcessor_sys_script_include_b8934b914768b1108a980178c26d4313.xml index 1598835..706b831 100644 
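Review bot: The three keys added to `newconfig` in the `@@ -70,7 +69,10 @@` hunk carry no comment on their expected values, and they sit in the same object literal as the decrypted `access_token`. `sync_only_primary_branch` is stored as a boolean here, while the consumer in CheckmarxOneScanSummaryIntegration (later in this diff) calls `.toString()` on it and compares with `'true'`, and `filter_project` is only ever compared with `'by_name'` there. I would add `// sync_only_primary_branch: boolean; filter_project: 'by_name' enables project_filter_by_name (other values: TODO confirm)` above the new lines and `// newconfig holds the decrypted access_token: never log or serialize it outside setConfiguration` above the literal. The enclosing function starts outside the hunk.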
--- a/Scripts/CheckmarxOneScanSummaryDetailsJSONProcessor_sys_script_include_b8934b914768b1108a980178c26d4313.xml +++ b/Scripts/CheckmarxOneScanSummaryDetailsJSONProcessor_sys_script_include_b8934b914768b1108a980178c26d4313.xml @@ -1,5 +1,5 @@ - + package_private true diff --git a/Scripts/CheckmarxOneScanSummaryIntegration_sys_script_include_d7f2d2e447131110328ca368436d4321.xml b/Scripts/CheckmarxOneScanSummaryIntegration_sys_script_include_d7f2d2e447131110328ca368436d4321.xml index ec85c47..49d18e3 100644 --- a/Scripts/CheckmarxOneScanSummaryIntegration_sys_script_include_d7f2d2e447131110328ca368436d4321.xml +++ b/Scripts/CheckmarxOneScanSummaryIntegration_sys_script_include_d7f2d2e447131110328ca368436d4321.xml @@ -1,5 +1,5 @@ - + public true @@ -24,17 +24,7 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli var offsetId = params.run[Object.keys(params.run)[0]]; response = this.getSummaryReport(appId, offsetId); } - params = this._serializeParameters(this._nextParameters(params)); - this.setNextRunParameters(params); - //Saving delta_start_time - if (!params.run) { - var latest = this.LATEST ? this.LATEST : ''; - this.INTEGRATION.setValue('delta_start_time', latest); - this.INTEGRATION.update(); - this.hasMoreData(false); - } else - this.hasMoreData(true); } catch (err) { gs.error(this.MSG + " retrieveData : Error while retrieving the data. Skipping appId: " + appId + ", scanId: " + offsetId + err); response = ''; 
@@ -42,6 +32,17 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli if (response == "") { response = ''; } + params = this._serializeParameters(this._nextParameters(params)); + this.setNextRunParameters(params); + + //Saving delta_start_time + if (!params.run) { + var latest = this.LATEST ? this.LATEST : ''; + this.INTEGRATION.setValue('delta_start_time', latest); + this.INTEGRATION.update(); + this.hasMoreData(false); + } else + this.hasMoreData(true); return { contents: new GlideSysAttachment().write(this.PROCESS, this.FILENAME, "xml", response), contentType: "sys_attachment", 
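Review bot: With the parameter bookkeeping moved below the `catch`, it now also runs after `getSummaryReport()` has failed, so the failed app is skipped and, once no run remains, `delta_start_time` is still set to `this.LATEST`. If `LATEST` does not account for the failure, scans of that app inside the window would not be requested again and their findings would be missing from the import with only one `gs.error` line as evidence. Consider recording the failed `appId` in the next-run parameters for a retry, or not advancing `delta_start_time` when any app failed; at minimum add `// Runs even when getSummaryReport() threw: the app is skipped and delta_start_time may advance past its scans`. These calls are also outside any `try` now, so an exception from `_nextParameters` or `INTEGRATION.update()` reaches the caller; the function starts and ends outside the hunk.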
@@ -63,24 +64,37 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli var includesca = this.UTIL.importScaFlaw(this.IMPLEMENTATION); var includesast = this.UTIL.importSastFlaw(this.IMPLEMENTATION); var includekics = this.UTIL.importKicsFlaw(this.IMPLEMENTATION); - var responseLastScanSummary = this.UTIL.getScanInfo(this.IMPLEMENTATION, appId, newoffset, this._getCurrentDeltaStartTime()); + var isPrimaryBranchEnabled = this.UTIL._getConfig(this.IMPLEMENTATION).sync_only_primary_branch.toString(); + var primaryBranch = ''; + var responseLastScanSummary = ''; + if (isPrimaryBranchEnabled == 'true') + primaryBranch = this.UTIL.getProjectById(this.IMPLEMENTATION, appId).mainBranch.toString(); + if (isPrimaryBranchEnabled == 'true' && null != primaryBranch && '' != primaryBranch) { + responseLastScanSummary = this.UTIL.getScanListFilterByBranch(this.IMPLEMENTATION, appId, this._getCurrentDeltaStartTime(), primaryBranch); + } else + responseLastScanSummary = this.UTIL.getScanInfo(this.IMPLEMENTATION, appId, newoffset, this._getCurrentDeltaStartTime()); var jsonLastScanSummResp = JSON.parse(responseLastScanSummary.getBody()); for (var item in jsonLastScanSummResp.scans) { //sca scan summary - if (includesca && jsonLastScanSummResp.scans[item].engines.toString().includes("sca")) { + if (includesca && jsonLastScanSummResp.scans[item].engines.toString().indexOf("sca") != -1) { var scaresponsevul = this.UTIL.getScanSummaryInfo(this.IMPLEMENTATION, jsonLastScanSummResp.scans[item].id); + var scaScanType = "Full Scan"; if (scaresponsevul != -1) { scaScanSummaryAll += ''; } } //sast scan summary - if (includesast && jsonLastScanSummResp.scans[item].engines.toString().includes("sast")) { + if (includesast && jsonLastScanSummResp.scans[item].engines.toString().indexOf("sast") != -1) { var sastresponsevul = this.UTIL.getSastScanSummaryInfo(this.IMPLEMENTATION, jsonLastScanSummResp.scans[item].id); + var sastScanType = 
jsonLastScanSummResp.scans[item].metadata.configs[0].value.incremental == "false" ? "Full Scan" : "Incremental Scan"; if (sastresponsevul != -1) { var loc = this._getLOCforSAST(jsonLastScanSummResp.scans[item].statusDetails); sastScanSummaryAll += ''; } } //kics scan summary - if (includekics && jsonLastScanSummResp.scans[item].engines.toString().includes("kics")) { + if (includekics && jsonLastScanSummResp.scans[item].engines.toString().indexOf("kics") != -1) { var kicsresponsevul = this.UTIL.getKicsScanSummaryInfo(this.IMPLEMENTATION, jsonLastScanSummResp.scans[item].id); + var scanType = "Full Scan"; if (kicsresponsevul != -1) { kicsScanSummaryAll += ''; } } @@ -119,7 +140,7 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli reportContent = scanSummaryRootNodeStart + includescanSummaryAll + scanSummaryRootNodeEnd; } catch (err) { - gs.info(this.MSG + " getSummaryReport : Error while getting the summary report." + err); + gs.error(this.MSG + " getSummaryReport : Error while getting the scan summary report: " + err); throw err; } return reportContent; @@ -131,14 +152,9 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli run: null, remaining: {} }; - var includesca = this.UTIL.importScaFlaw(this.IMPLEMENTATION); - var includesast = this.UTIL.importSastFlaw(this.IMPLEMENTATION); - var includekics = this.UTIL.importKicsFlaw(this.IMPLEMENTATION); - var appId = ''; - var app = ''; - var responseLastScan = ''; - var jsonLastScanResp = ''; var offsetId = ''; + var app_list = []; + var projectIdsByLastScanDate = []; try { if (parameters) { params = JSON.parse(parameters); 
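Review bot: In the `@@ -63,24 +64,37 @@` hunk, `this.UTIL.getProjectById(this.IMPLEMENTATION, appId).mainBranch.toString()` throws when the project has no `mainBranch` or the lookup does not return an object, so the `null != primaryBranch && '' != primaryBranch` test below it never sees the empty case and the fallback to `getScanInfo` is not reached. The same applies to `metadata.configs[0].value.incremental` in the SAST branch, which assumes the first config entry exists and is the SAST one. I would guard both: `var project = this.UTIL.getProjectById(this.IMPLEMENTATION, appId);`, `primaryBranch = project && project.mainBranch ? String(project.mainBranch) : '';`, and default `sastScanType` to `"Full Scan"` when any link of that chain is missing. `getScanListFilterByBranch` is called without `newoffset`, unlike `getScanInfo`; confirm that paging is not needed on that path. The enclosing function starts and ends outside the hunk.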
@@ -152,96 +168,26 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli } else { this.LATEST = new GlideDateTime(this.DELTA_START_TIME || '1970-01-01T10:16:06.17544Z').getDate(); var apps = this.AVR_API.getAppReleases(); - var isPrimaryBranchEnabled = this.UTIL._getConfig(this.IMPLEMENTATION).sync_only_primary_branch.toString(); - var primaryBranch = ''; - var scanBranch = ''; - var isScanAllowed = ''; - var appIds = []; - for (var i in apps) { - appIds.push(apps[i].source_app_id); - } - var app_list = this.UTIL.getConfigProjectList(this.IMPLEMENTATION); - if (app_list && app_list.length > 0) { - for (var id in app_list) { - if (appIds.indexOf(app_list[id]) != -1 && app_list[id] !== "undefined") { - appId = app_list[id]; - if (isPrimaryBranchEnabled == 'true') - primaryBranch = this.UTIL.getProjectById(this.IMPLEMENTATION, appId).mainBranch.toString(); - - responseLastScan = this.UTIL.getScanList(this.IMPLEMENTATION, appId, this._getCurrentDeltaStartTime()); - if (responseLastScan != -1) { - jsonLastScanResp = JSON.parse(responseLastScan.getBody()); - app = ''; - for (var item in jsonLastScanResp.scans) { - if (null != jsonLastScanResp.scans[item] && null != jsonLastScanResp.scans[item].branch) - scanBranch = jsonLastScanResp.scans[item].branch.toString(); - isScanAllowed = 'true'; - if (isPrimaryBranchEnabled == 'true' && primaryBranch != scanBranch) - isScanAllowed = 'false'; - if (includesca && isScanAllowed == 'true') { - if (jsonLastScanResp.scans[item].engines.toString().includes("sca")) { - app = jsonLastScanResp.scans[item].projectId; - } + projectIdsByLastScanDate = this.UTIL.getprojectScanList(this.IMPLEMENTATION, this._getCurrentDeltaStartTime()); - } - if (includesast && isScanAllowed == 'true') { - if (jsonLastScanResp.scans[item].engines.toString().includes("sast")) { - app = jsonLastScanResp.scans[item].projectId; - } - } - if (includekics && isScanAllowed == 'true') { - if 
(jsonLastScanResp.scans[item].engines.toString().includes("kics")) { - app = jsonLastScanResp.scans[item].projectId; - } - } - } + var config = this.UTIL._getConfig(this.IMPLEMENTATION); + var filter_project = config.filter_project; + var list_projects = this.UTIL.getConfigProjectList(this.IMPLEMENTATION); + var list_projects_name = this.UTIL.getConfigProjectNameList(this.IMPLEMENTATION); + if (list_projects_name && list_projects_name.length > 0 && filter_project == 'by_name') + var projectIdsByNames = this.UTIL.getProjectIdsFromProjectNames(this.IMPLEMENTATION, list_projects_name); - if (app != '' && app == appId) { - offsetId = this._getoffsets(appId); - params.remaining[app] = offsetId; - } - } - } - } - } else { - for (var j in apps) { - appId = apps[j].source_app_id; - if (appId !== "undefined") { - if (isPrimaryBranchEnabled == 'true') - primaryBranch = this.UTIL.getProjectById(this.IMPLEMENTATION, appId).mainBranch.toString(); - - responseLastScan = this.UTIL.getScanList(this.IMPLEMENTATION, appId, this._getCurrentDeltaStartTime()); - if (responseLastScan != -1) { - jsonLastScanResp = JSON.parse(responseLastScan.getBody()); - app = ''; - for (var items in jsonLastScanResp.scans) { - if (null != jsonLastScanResp.scans[items] && null != jsonLastScanResp.scans[items].branch) - scanBranch = jsonLastScanResp.scans[items].branch.toString(); - isScanAllowed = 'true'; - if (isPrimaryBranchEnabled == 'true' && primaryBranch != scanBranch) - isScanAllowed = 'false'; - if (includesca && isScanAllowed == 'true') { - if (jsonLastScanResp.scans[items].engines.toString().includes("sca")) { - app = jsonLastScanResp.scans[items].projectId; - } + for (var j in apps) { + app_list.push(apps[j].source_app_id); + } - } - if (includesast && isScanAllowed == 'true') { - if (jsonLastScanResp.scans[items].engines.toString().includes("sast")) { - app = jsonLastScanResp.scans[items].projectId; - } - } - if (includekics && isScanAllowed == 'true') { - if 
(jsonLastScanResp.scans[items].engines.toString().includes("kics")) { - app = jsonLastScanResp.scans[items].projectId; - } - } - } - if (app != '' && app == appId) { - offsetId = this._getoffsets(appId); - params.remaining[app] = offsetId; - } - } + for (var item in projectIdsByLastScanDate) { + var appId = projectIdsByLastScanDate[item]; + if (appId !== "undefined" && app_list.indexOf(appId) != -1) { + var includeProjectFlag = this.UTIL.isProjectIncluded(this.IMPLEMENTATION, filter_project, list_projects, list_projects_name, projectIdsByNames, appId); + if (includeProjectFlag == 'true') { + offsetId = this._getoffsets(appId); + params.remaining[appId] = offsetId; } } } @@ -252,7 +198,7 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli } } } catch (err) { - gs.error(this.MSG + " _getParameters : Error while getting the integration parameters." + err); + gs.error(this.MSG + " _getParameters : Error while getting the integration parameters: " + err); // throw err; } return params; @@ -262,7 +208,7 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli try { var delta = this.UTIL.parseTZDate(this.DELTA_START_TIME) || '1970-01-01T10:16:06.17544Z'; } catch (err) { - gs.error(this.MSG + " _getCurrentDeltaStartTime : Error while getting the current delta start time." + err); + gs.error(this.MSG + " _getCurrentDeltaStartTime : Error while getting the current delta start time: " + err); throw err; } return delta; @@ -340,13 +286,13 @@ CheckmarxOneScanSummaryIntegration.prototype = Object.extendsObject(sn_vul.Appli admin 2022-11-18 05:18:19 d7f2d2e447131110328ca368436d4321 -200 +216 CheckmarxOneScanSummaryIntegration 3d20e92d47471110328ca368436d436a 3d20e92d47471110328ca368436d436a sys_script_include_d7f2d2e447131110328ca368436d4321 -admin -2024-02-28 10:01:20 +apoorva.singh@checkmarx.com +2024-06-03 17:08:59 
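Review bot: In the `@@ -152,96 +168,26 @@` hunk, `projectIdsByNames` is declared with `var` inside a brace-less `if`, so whenever `filter_project` is not `'by_name'` it reaches `isProjectIncluded` as `undefined`; declare it before the condition, `var projectIdsByNames = [];`, and brace the assignment. The result of `getprojectScanList` is iterated with `for...in` without being checked; other `UTIL` calls in this diff signal failure with `-1`, and if this one does too the loop body never runs, `params.remaining` stays empty and the run ends as if no project had new scans. A guard such as `if (!projectIdsByLastScanDate || projectIdsByLastScanDate == -1) throw new Error('project scan list unavailable');` would make that visible, although the surrounding `catch` has its `throw err` commented out and would still swallow it. `includeProjectFlag == 'true'` and `appId !== "undefined"` compare against strings, so a comment stating that `isProjectIncluded` returns the string `'true'` would spare the next reader a lookup. The enclosing function starts and ends outside the hunk.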
diff --git a/Scripts/CheckmarxOneScanSummaryProcessor_sys_script_include_ec0e828f47f42110328ca368436d433b.xml b/Scripts/CheckmarxOneScanSummaryProcessor_sys_script_include_ec0e828f47f42110328ca368436d433b.xml index 026064a..a2802a0 100644 --- a/Scripts/CheckmarxOneScanSummaryProcessor_sys_script_include_ec0e828f47f42110328ca368436d433b.xml +++ b/Scripts/CheckmarxOneScanSummaryProcessor_sys_script_include_ec0e828f47f42110328ca368436d433b.xml @@ -1,5 +1,5 @@ - + public true @@ -19,22 +19,26 @@ CheckmarxOneScanSummaryProcessor.prototype = Object.extendsObject(sn_vul.Applica this.UTIL.validateXML(new GlideSysAttachment().getContent(attachment), 'error'); var doc = new XMLDocument2(); doc.parseXML(new GlideSysAttachment().getContent(attachment)); - var Node = doc.getNode('/scanData'); + var node = doc.getNode('/scanData'); + if (node.toString().indexOf("sastScanData") != -1) { + var sastnodes = doc.getNode('/scanData/sastScanData/scans'); + } + if (node.toString().indexOf("scaScanData") != -1) { + var scanodes = doc.getNode('/scanData/scaScanData/scans'); + } + if (node.toString().indexOf("kicsScanData") != -1) { + var kicsnodes = doc.getNode('/scanData/kicsScanData/scans'); + } + } catch (ex) { gs.error(this.MSG + "Error occurred while validating or parsing the XML: " + ex); throw ex; } var errorProcess = ''; - if (Node.toString().includes("sastScanData")) { - try { - var sastnodes = doc.getNode('/scanData/sastScanData/scans'); - var iteration = sastnodes.getChildNodeIterator(); - } catch (ex) { - gs.error(this.MSG + "Error occurred while parsing the XML: " + ex); - throw ex; - } + if (sastnodes) { var sastdata = {}; + var iteration = sastnodes.getChildNodeIterator(); while (iteration.hasNext()) { try { var SastappNode = iteration.next(); 
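Review bot: In the `@@ -19,22 +19,26 @@` hunk the `node.toString().indexOf("sastScanData") != -1` test, and the two like it for `scaScanData` and `kicsScanData`, search the whole serialized document, so they also match the name inside an attribute value such as a branch name; the code is only safe because the later `if (sastnodes)` guards check the node itself. Calling `getNode` directly is simpler and does not depend on text matching: `var sastnodes = doc.getNode('/scanData/sastScanData/scans');`, and likewise for the other two. `node` is not checked before `toString()`, so a document without `/scanData` ends in the generic parse-error path; `if (!node) throw new Error('scanData root missing');` would give a clearer log line. The three `var` declarations inside the `try` are read after it, which deserves a short comment; the function continues past the hunk.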
@@ -45,8 +49,9 @@ CheckmarxOneScanSummaryProcessor.prototype = Object.extendsObject(sn_vul.Applica sastdata['detected_flaw_count'] = +Sastattributes.total_no_flaws; sastdata['last_scan_date'] = new GlideDateTime(Sastattributes.last_scan_date); sastdata['scan_summary_name'] = Sastattributes.id + ' ' + sastdata['last_scan_date']; - sastdata['scan_analysis_size'] = +Sastattributes.loc; - sastdata['tags'] = Sastattributes.branch; + sastdata['scan_analysis_size'] = +Sastattributes.loc; + sastdata['tags'] = Sastattributes.branch; + sastdata['scan_submitted_by'] = 'Scan Origin: ' + Sastattributes.scan_origin + '\n' + 'Scan Source: ' + Sastattributes.scan_source + '\n' + 'Scan Type: ' + Sastattributes.scan_type + '\n'; this._upsert(sastdata); } catch (ex) { errorMessage = gs.getMessage("Error in retriving data for scan list integration!"); @@ -56,15 +61,9 @@ CheckmarxOneScanSummaryProcessor.prototype = Object.extendsObject(sn_vul.Applica } } } - if (Node.toString().includes("scaScanData")) { - try { - var scanodes = doc.getNode('/scanData/scaScanData/scans'); - var iter = scanodes.getChildNodeIterator(); - } catch (ex) { - gs.error(this.MSG + "Error occurred while validating or parsing the XML: " + ex); - throw ex; - } + if (scanodes) { var data = {}; + var iter = scanodes.getChildNodeIterator(); while (iter.hasNext()) { try { var appNode = iter.next(); 
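Review bot: The new `scan_submitted_by` string concatenates `scan_origin`, `scan_source` and `scan_type` directly, so a scan element lacking one of these attributes stores the literal text `undefined` in the record; the same line is repeated for `data` and `kicsdata` in the `@@ -75,7 +74,8 @@` and `@@ -104,7 +98,8 @@` hunks of this file. A small private helper would remove the triplication and give one place for the fallback, for example `'Scan Origin: ' + (attrs.scan_origin || 'N/A') + '\n'` for each field. These values come from the scanner response, so the field should be treated as untrusted text wherever it is rendered. The loop body starts outside the hunk.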
@@ -75,7 +74,8 @@ CheckmarxOneScanSummaryProcessor.prototype = Object.extendsObject(sn_vul.Applica data['detected_flaw_count'] = +attributes.total_no_flaws; data['last_scan_date'] = new GlideDateTime(attributes.last_scan_date); data['scan_summary_name'] = attributes.id + ' ' + data['last_scan_date']; - data['tags'] = attributes.branch; + data['tags'] = attributes.branch; + data['scan_submitted_by'] = 'Scan Origin: ' + attributes.scan_origin + '\n' + 'Scan Source: ' + attributes.scan_source + '\n' + 'Scan Type: ' + attributes.scan_type + '\n'; this._upsert(data); } catch (ex) { errorMessage = gs.getMessage("Error in retriving data for scan list integration!"); @@ -85,15 +85,9 @@ CheckmarxOneScanSummaryProcessor.prototype = Object.extendsObject(sn_vul.Applica } } } - if (Node.toString().includes("kicsScanData")) { - try { - var kicsnodes = doc.getNode('/scanData/kicsScanData/scans'); - var kicsiteration = kicsnodes.getChildNodeIterator(); - } catch (ex) { - gs.error(this.MSG + "Error occurred while parsing the XML: " + ex); - throw ex; - } + if (kicsnodes) { var kicsdata = {}; + var kicsiteration = kicsnodes.getChildNodeIterator(); while (kicsiteration.hasNext()) { try { var kicsappNode = kicsiteration.next(); @@ -104,7 +98,8 @@ CheckmarxOneScanSummaryProcessor.prototype = Object.extendsObject(sn_vul.Applica kicsdata['detected_flaw_count'] = +kicsattributes.total_no_flaws; kicsdata['last_scan_date'] = new GlideDateTime(kicsattributes.last_scan_date); kicsdata['scan_summary_name'] = kicsattributes.id + ' ' + kicsdata['last_scan_date']; - kicsdata['tags'] = kicsattributes.branch; + kicsdata['tags'] = kicsattributes.branch; + kicsdata['scan_submitted_by'] = 'Scan Origin: ' + kicsattributes.scan_origin + '\n' + 'Scan Source: ' + kicsattributes.scan_source + '\n' + 'Scan Type: ' + kicsattributes.scan_type + '\n'; this._upsert(kicsdata); } catch (ex) { errorMessage = gs.getMessage("Error in retriving data for scan list integration!"); 
@@ -166,13 +161,13 @@ CheckmarxOneScanSummaryProcessor.prototype = Object.extendsObject(sn_vul.Applica admin 2023-02-08 12:56:43 ec0e828f47f42110328ca368436d433b -14 +20 CheckmarxOneScanSummaryProcessor 3d20e92d47471110328ca368436d436a 3d20e92d47471110328ca368436d436a sys_script_include_ec0e828f47f42110328ca368436d433b -admin -2024-02-08 15:41:36 +apoorva.singh@checkmarx.com +2024-06-03 17:08:30 diff --git a/Scripts/CheckmarxOneUtilBase_sys_script_include_1980bcb147935110328ca368436d435a.xml b/Scripts/CheckmarxOneUtilBase_sys_script_include_1980bcb147935110328ca368436d435a.xml index 2a3efb9..ef9ad9b 100644 --- a/Scripts/CheckmarxOneUtilBase_sys_script_include_1980bcb147935110328ca368436d435a.xml +++ b/Scripts/CheckmarxOneUtilBase_sys_script_include_1980bcb147935110328ca368436d435a.xml @@ -1,5 +1,5 @@ - + public true @@ -11,6 +11,7 @@