From 9edab4df5dc90b95fd89b5f0951f43505cb686c2 Mon Sep 17 00:00:00 2001 From: Ruud Senden Date: Tue, 29 Nov 2022 13:00:29 +0100 Subject: [PATCH 1/2] Refactoring to pass session data to commands, sc-sast scan start improvements --- .../unirest/AbstractUnirestOutputCommand.java | 36 ++++++++++++------- ...estWithSessionDataBaseRequestSupplier.java | 10 ++++++ ...nirestWithSessionDataJsonNodeSupplier.java | 10 ++++++ .../rest/cli/cmd/AbstractRestCallCommand.java | 3 +- .../cli/cmd/AbstractUnirestRunnerCommand.java | 19 +++++++--- .../rest/cli/cmd/AbstractWaitForCommand.java | 3 +- .../AbstractSimpleUnirestRunnerMixin.java | 7 ++-- .../cli/mixin/AbstractUnirestRunnerMixin.java | 16 +++++---- .../runner/IUnirestWithSessionDataRunner.java | 11 ++++++ .../output/cli/AbstractFoDOutputCommand.java | 3 +- .../fod/rest/cli/cmd/FoDRestCallCommand.java | 3 +- .../scan/cli/cmd/FoDScanWaitForCommand.java | 3 +- .../cli/cmd/AbstractSCDastOutputCommand.java | 3 +- .../rest/cli/cmd/SCDastRestCallCommand.java | 3 +- .../cli/cmd/SCDastScanWaitForCommand.java | 3 +- ...AbstractSCSastControllerOutputCommand.java | 14 ++++++-- .../cmd/AbstractSCSastSSCOutputCommand.java | 14 ++++++-- .../cmd/SCSastControllerRestCallCommand.java | 3 +- .../AbstractSCSastUnirestRunnerMixin.java | 6 ++-- .../SCSastControllerUnirestRunnerMixin.java | 5 +-- .../mixin/SCSastSSCUnirestRunnerMixin.java | 5 +-- .../cmd/SCSastControllerScanStartCommand.java | 27 +++++++++----- .../SCSastControllerScanWaitForCommand.java | 3 +- .../cli/mixin/SCSastSessionLoginOptions.java | 4 +++ .../SSCAppVersionArtifactWaitForCommand.java | 3 +- .../cli/cmd/AbstractSSCOutputCommand.java | 3 +- .../ssc/rest/cli/cmd/SSCRestCallCommand.java | 3 +- 27 files changed, 165 insertions(+), 58 deletions(-) create mode 100644 fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataBaseRequestSupplier.java create mode 100644 fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataJsonNodeSupplier.java create mode 100644 fcli-common/src/main/java/com/fortify/cli/common/rest/runner/IUnirestWithSessionDataRunner.java diff --git a/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/AbstractUnirestOutputCommand.java b/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/AbstractUnirestOutputCommand.java index 8a5b5bbc01..478e6aedc9 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/AbstractUnirestOutputCommand.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/AbstractUnirestOutputCommand.java @@ -24,36 +24,48 @@ ******************************************************************************/ package com.fortify.cli.common.output.cli.cmd.unirest; +import java.util.Arrays; +import java.util.List; + import com.fortify.cli.common.output.cli.mixin.spi.unirest.IUnirestOutputHelper; import com.fortify.cli.common.output.spi.ISingularSupplier; import com.fortify.cli.common.rest.cli.cmd.AbstractUnirestRunnerCommand; +import com.fortify.cli.common.session.manager.api.ISessionData; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; @ReflectiveAccess -public abstract class AbstractUnirestOutputCommand extends AbstractUnirestRunnerCommand implements ISingularSupplier { +public abstract class AbstractUnirestOutputCommand extends AbstractUnirestRunnerCommand implements ISingularSupplier { + private static final List> supportedInterfaces = Arrays.asList( + IUnirestBaseRequestSupplier.class, + IUnirestWithSessionDataBaseRequestSupplier.class, + IUnirestJsonNodeSupplier.class, + IUnirestWithSessionDataJsonNodeSupplier.class); + @SuppressWarnings("unchecked") @Override - protected final Void run(UnirestInstance unirest) { + protected final Void run(UnirestInstance unirest, D sessionData) { IUnirestOutputHelper outputHelper = getOutputHelper(); - if ( isBaseHttpRequestSupplier() ) { + if ( isInstance(IUnirestBaseRequestSupplier.class) ) { outputHelper.write(unirest, ((IUnirestBaseRequestSupplier)this).getBaseRequest(unirest)); - } else if ( isJsonNodeSupplier() ) { + } else if ( isInstance(IUnirestWithSessionDataBaseRequestSupplier.class) ) { + outputHelper.write(unirest, ((IUnirestWithSessionDataBaseRequestSupplier)this).getBaseRequest(unirest, sessionData)); + } else if ( isInstance(IUnirestJsonNodeSupplier.class) ) { outputHelper.write(unirest, ((IUnirestJsonNodeSupplier)this).getJsonNode(unirest)); + } else if ( isInstance(IUnirestWithSessionDataJsonNodeSupplier.class) ) { + outputHelper.write(unirest, ((IUnirestWithSessionDataJsonNodeSupplier)this).getJsonNode(unirest, sessionData)); } else { - throw new IllegalStateException(this.getClass().getName()+" must implement exactly one of I[BaseHttpRequest|JsonNodeHolder|JsonNode]Supplier"); + throw new IllegalStateException(this.getClass().getName()+" must implement exactly one of "+supportedInterfaces); } return null; } - private boolean isBaseHttpRequestSupplier() { - return (this instanceof IUnirestBaseRequestSupplier) - && !(this instanceof IUnirestJsonNodeSupplier); + private boolean isInstance(Class clazz) { + return clazz.isAssignableFrom(this.getClass()) && + supportedInterfaces.stream() + .filter(c->!c.equals(clazz)) + .noneMatch(c->c.isAssignableFrom(this.getClass())); } - private boolean isJsonNodeSupplier() { - return !(this instanceof IUnirestBaseRequestSupplier) - && (this instanceof IUnirestJsonNodeSupplier); - } protected abstract IUnirestOutputHelper getOutputHelper(); } diff --git a/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataBaseRequestSupplier.java b/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataBaseRequestSupplier.java new file mode 100644 index 0000000000..b39037b6e4 --- /dev/null +++ b/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataBaseRequestSupplier.java @@ -0,0 +1,10 @@ +package com.fortify.cli.common.output.cli.cmd.unirest; + +import com.fortify.cli.common.session.manager.api.ISessionData; + +import kong.unirest.HttpRequest; +import kong.unirest.UnirestInstance; + +public interface IUnirestWithSessionDataBaseRequestSupplier { + HttpRequest getBaseRequest(UnirestInstance unirest, D sessionData); +} diff --git a/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataJsonNodeSupplier.java b/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataJsonNodeSupplier.java new file mode 100644 index 0000000000..177bbaa1ec --- /dev/null +++ b/fcli-common/src/main/java/com/fortify/cli/common/output/cli/cmd/unirest/IUnirestWithSessionDataJsonNodeSupplier.java @@ -0,0 +1,10 @@ +package com.fortify.cli.common.output.cli.cmd.unirest; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fortify.cli.common.session.manager.api.ISessionData; + +import kong.unirest.UnirestInstance; + +public interface IUnirestWithSessionDataJsonNodeSupplier { + JsonNode getJsonNode(UnirestInstance unirest, D sessionData); +} diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractRestCallCommand.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractRestCallCommand.java index 3bfe7cd633..8715da1235 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractRestCallCommand.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractRestCallCommand.java @@ -26,6 +26,7 @@ import com.fortify.cli.common.output.cli.mixin.writer.StandardOutputWriterFactoryMixin; import com.fortify.cli.common.output.writer.output.standard.StandardOutputConfig; +import com.fortify.cli.common.session.manager.api.ISessionData; import io.micronaut.core.annotation.ReflectiveAccess; import io.micronaut.core.util.StringUtils; @@ -37,7 +38,7 @@ import picocli.CommandLine.Parameters; @ReflectiveAccess -public abstract class AbstractRestCallCommand extends AbstractUnirestRunnerCommand { +public abstract class AbstractRestCallCommand extends AbstractUnirestRunnerCommand { public static final String CMD_NAME = "call"; @Mixin private StandardOutputWriterFactoryMixin outputWriterFactory; @Parameters(index = "0", arity = "1..1", descriptionKey = "api.uri") String uri; diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractUnirestRunnerCommand.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractUnirestRunnerCommand.java index 85313156e3..fd63d7b83c 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractUnirestRunnerCommand.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractUnirestRunnerCommand.java @@ -25,14 +25,15 @@ package com.fortify.cli.common.rest.cli.cmd; import com.fortify.cli.common.cli.cmd.AbstractFortifyCLICommand; -import com.fortify.cli.common.rest.runner.IUnirestRunner; +import com.fortify.cli.common.rest.runner.IUnirestWithSessionDataRunner; +import com.fortify.cli.common.session.manager.api.ISessionData; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; import lombok.SneakyThrows; @ReflectiveAccess -public abstract class AbstractUnirestRunnerCommand extends AbstractFortifyCLICommand implements Runnable { +public abstract class AbstractUnirestRunnerCommand extends AbstractFortifyCLICommand implements Runnable { @Override @SneakyThrows public final void run() { // TODO Do we want to do anything with the results, like formatting it based on output options? @@ -40,6 +41,16 @@ public final void run() { getUnirestRunner().run(this::run); } - protected abstract IUnirestRunner getUnirestRunner(); - protected abstract Void run(UnirestInstance unirest); + protected Void run(UnirestInstance unirest, D sessionData) { + return run(unirest); + } + + // TODO Eventually, we'll likely want to change all command implementations to implement + // the run(UnirestInstance, SessionData) method; we can then remove this method and + // make the run(UnirestInstance, Session) method abstract. + protected Void run(UnirestInstance unirest) { + throw new RuntimeException("Command must implement either run(UnirestInstance,SessionData) or run(UnirestInstance)"); + } + + protected abstract IUnirestWithSessionDataRunner getUnirestRunner(); } diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractWaitForCommand.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractWaitForCommand.java index 672391b80f..81a3b5bb5e 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractWaitForCommand.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/cmd/AbstractWaitForCommand.java @@ -32,6 +32,7 @@ import com.fortify.cli.common.rest.cli.mixin.WaitHelperWaitOptions; import com.fortify.cli.common.rest.wait.WaitHelper; import com.fortify.cli.common.rest.wait.WaitHelper.WaitHelperBuilder; +import com.fortify.cli.common.session.manager.api.ISessionData; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; @@ -39,7 +40,7 @@ import picocli.CommandLine.Mixin; @ReflectiveAccess -public abstract class AbstractWaitForCommand extends AbstractUnirestRunnerCommand implements IActionCommandResultSupplier, ISingularSupplier { +public abstract class AbstractWaitForCommand extends AbstractUnirestRunnerCommand implements IActionCommandResultSupplier, ISingularSupplier { @Getter @Mixin private BasicOutputHelperMixins.WaitFor outputHelper; @Mixin private WaitHelperControlOptions controlOptions; @Mixin private WaitHelperWaitOptions waitOptions; diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractSimpleUnirestRunnerMixin.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractSimpleUnirestRunnerMixin.java index 47e9a044ef..280abbe25f 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractSimpleUnirestRunnerMixin.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractSimpleUnirestRunnerMixin.java @@ -1,17 +1,16 @@ package com.fortify.cli.common.rest.cli.mixin; -import java.util.function.Function; +import java.util.function.BiFunction; import com.fortify.cli.common.session.manager.api.ISessionData; -import com.fortify.cli.common.util.FixInjection; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; -@ReflectiveAccess @FixInjection +@ReflectiveAccess public abstract class AbstractSimpleUnirestRunnerMixin extends AbstractUnirestRunnerMixin { @Override - public final R run(Function f) { + public final R run(BiFunction f) { return run(this::configure, f); } diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractUnirestRunnerMixin.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractUnirestRunnerMixin.java index fc02cc4151..bab99a7e3e 100644 --- a/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractUnirestRunnerMixin.java +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/cli/mixin/AbstractUnirestRunnerMixin.java @@ -1,10 +1,10 @@ package com.fortify.cli.common.rest.cli.mixin; import java.util.function.BiConsumer; -import java.util.function.Function; +import java.util.function.BiFunction; import com.fortify.cli.common.rest.runner.GenericUnirestFactory; -import com.fortify.cli.common.rest.runner.IUnirestRunner; +import com.fortify.cli.common.rest.runner.IUnirestWithSessionDataRunner; import com.fortify.cli.common.session.cli.mixin.SessionNameMixin; import com.fortify.cli.common.session.manager.api.ISessionData; import com.fortify.cli.common.util.FixInjection; @@ -15,18 +15,22 @@ import picocli.CommandLine.Mixin; @ReflectiveAccess @FixInjection -public abstract class AbstractUnirestRunnerMixin implements IUnirestRunner { +public abstract class AbstractUnirestRunnerMixin implements IUnirestWithSessionDataRunner { @Inject private GenericUnirestFactory genericUnirestFactory; @Mixin private SessionNameMixin.OptionalOption sessionNameMixin; - protected final R run(BiConsumer configurer, Function f) { + protected final R run(BiConsumer configurer, BiFunction f) { if ( f == null ) { throw new IllegalStateException("Function may not be null"); } - D sessionData = getSessionData(sessionNameMixin.getSessionName()); + D sessionData = getSessionData(); try ( var unirest = genericUnirestFactory.createUnirestInstance() ) { configurer.accept(unirest, sessionData); - return f.apply(unirest); + return f.apply(unirest, sessionData); } } + public D getSessionData() { + return getSessionData(sessionNameMixin.getSessionName()); + } + protected abstract D getSessionData(String sessionName); } diff --git a/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/IUnirestWithSessionDataRunner.java b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/IUnirestWithSessionDataRunner.java new file mode 100644 index 0000000000..96e3989721 --- /dev/null +++ b/fcli-common/src/main/java/com/fortify/cli/common/rest/runner/IUnirestWithSessionDataRunner.java @@ -0,0 +1,11 @@ +package com.fortify.cli.common.rest.runner; + +import java.util.function.BiFunction; + +import com.fortify.cli.common.session.manager.api.ISessionData; + +import kong.unirest.UnirestInstance; + +public interface IUnirestWithSessionDataRunner { + R run(BiFunction f); +} \ No newline at end of file diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/output/cli/AbstractFoDOutputCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/output/cli/AbstractFoDOutputCommand.java index 0bd8e4b506..75a9669c3e 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/output/cli/AbstractFoDOutputCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/output/cli/AbstractFoDOutputCommand.java @@ -26,12 +26,13 @@ import com.fortify.cli.common.output.cli.cmd.unirest.AbstractUnirestOutputCommand; import com.fortify.cli.fod.rest.cli.mixin.FoDUnirestRunnerMixin; +import com.fortify.cli.fod.session.manager.FoDSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; import picocli.CommandLine.Mixin; @ReflectiveAccess -public abstract class AbstractFoDOutputCommand extends AbstractUnirestOutputCommand { +public abstract class AbstractFoDOutputCommand extends AbstractUnirestOutputCommand { @Getter @Mixin FoDUnirestRunnerMixin unirestRunner; } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/rest/cli/cmd/FoDRestCallCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/rest/cli/cmd/FoDRestCallCommand.java index 5bd6a14a87..fcc5d34d45 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/rest/cli/cmd/FoDRestCallCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/rest/cli/cmd/FoDRestCallCommand.java @@ -26,6 +26,7 @@ import com.fortify.cli.common.rest.cli.cmd.AbstractRestCallCommand; import com.fortify.cli.fod.rest.cli.mixin.FoDUnirestRunnerMixin; +import com.fortify.cli.fod.session.manager.FoDSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -34,6 +35,6 @@ @ReflectiveAccess @Command(name = AbstractRestCallCommand.CMD_NAME) -public final class FoDRestCallCommand extends AbstractRestCallCommand { +public final class FoDRestCallCommand extends AbstractRestCallCommand { @Getter @Mixin private FoDUnirestRunnerMixin unirestRunner; } \ No newline at end of file diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanWaitForCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanWaitForCommand.java index 9e5ab110ee..fb1465f56b 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanWaitForCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanWaitForCommand.java @@ -32,6 +32,7 @@ import com.fortify.cli.fod.scan.cli.mixin.FoDScanResolverMixin; import com.fortify.cli.fod.scan.helper.FoDScanHelper; import com.fortify.cli.fod.scan.helper.FoDScanStatus; +import com.fortify.cli.fod.session.manager.FoDSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -40,7 +41,7 @@ @ReflectiveAccess @Command(name = BasicOutputHelperMixins.WaitFor.CMD_NAME) -public class FoDScanWaitForCommand extends AbstractWaitForCommand { +public class FoDScanWaitForCommand extends AbstractWaitForCommand { @Getter @Mixin FoDUnirestRunnerMixin unirestRunner; @Mixin private FoDScanResolverMixin.PositionalParameterMulti scansResolver; diff --git a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/output/cli/cmd/AbstractSCDastOutputCommand.java b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/output/cli/cmd/AbstractSCDastOutputCommand.java index 860958ffbe..d4dc5707f2 100644 --- a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/output/cli/cmd/AbstractSCDastOutputCommand.java +++ b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/output/cli/cmd/AbstractSCDastOutputCommand.java @@ -2,12 +2,13 @@ import com.fortify.cli.common.output.cli.cmd.unirest.AbstractUnirestOutputCommand; import com.fortify.cli.sc_dast.rest.cli.mixin.SCDastUnirestRunnerMixin; +import com.fortify.cli.sc_dast.session.manager.ISCDastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; import picocli.CommandLine.Mixin; @ReflectiveAccess -public abstract class AbstractSCDastOutputCommand extends AbstractUnirestOutputCommand { +public abstract class AbstractSCDastOutputCommand extends AbstractUnirestOutputCommand { @Getter @Mixin SCDastUnirestRunnerMixin unirestRunner; } diff --git a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/rest/cli/cmd/SCDastRestCallCommand.java b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/rest/cli/cmd/SCDastRestCallCommand.java index 67444b0ba4..252e531a7c 100644 --- a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/rest/cli/cmd/SCDastRestCallCommand.java +++ b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/rest/cli/cmd/SCDastRestCallCommand.java @@ -26,6 +26,7 @@ import com.fortify.cli.common.rest.cli.cmd.AbstractRestCallCommand; import com.fortify.cli.sc_dast.rest.cli.mixin.SCDastUnirestRunnerMixin; +import com.fortify.cli.sc_dast.session.manager.ISCDastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -34,6 +35,6 @@ @ReflectiveAccess @Command(name = AbstractRestCallCommand.CMD_NAME) -public final class SCDastRestCallCommand extends AbstractRestCallCommand { +public final class SCDastRestCallCommand extends AbstractRestCallCommand { @Getter @Mixin private SCDastUnirestRunnerMixin unirestRunner; } \ No newline at end of file diff --git a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/scan/cli/cmd/SCDastScanWaitForCommand.java b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/scan/cli/cmd/SCDastScanWaitForCommand.java index 66470bfe3a..a736eff4ea 100644 --- a/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/scan/cli/cmd/SCDastScanWaitForCommand.java +++ b/fcli-sc-dast/src/main/java/com/fortify/cli/sc_dast/scan/cli/cmd/SCDastScanWaitForCommand.java @@ -30,6 +30,7 @@ import com.fortify.cli.sc_dast.rest.cli.mixin.SCDastUnirestRunnerMixin; import com.fortify.cli.sc_dast.scan.cli.mixin.SCDastScanResolverMixin; import com.fortify.cli.sc_dast.scan.helper.SCDastScanStatus; +import com.fortify.cli.sc_dast.session.manager.ISCDastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -38,7 +39,7 @@ @ReflectiveAccess @Command(name = BasicOutputHelperMixins.WaitFor.CMD_NAME) -public class SCDastScanWaitForCommand extends AbstractWaitForCommand { +public class SCDastScanWaitForCommand extends AbstractWaitForCommand { @Getter @Mixin SCDastUnirestRunnerMixin unirestRunner; @Mixin private SCDastScanResolverMixin.PositionalParameterMulti scansResolver; diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastControllerOutputCommand.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastControllerOutputCommand.java index 3c226143ce..c320ef6e8f 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastControllerOutputCommand.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastControllerOutputCommand.java @@ -1,9 +1,11 @@ package com.fortify.cli.sc_sast.output.cli.cmd; +import java.util.function.BiFunction; import java.util.function.Function; import com.fortify.cli.common.output.cli.cmd.unirest.AbstractUnirestOutputCommand; import com.fortify.cli.sc_sast.rest.cli.mixin.SCSastControllerUnirestRunnerMixin; +import com.fortify.cli.sc_sast.session.manager.SCSastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; @@ -11,14 +13,22 @@ import picocli.CommandLine.Mixin; @ReflectiveAccess -public abstract class AbstractSCSastControllerOutputCommand extends AbstractUnirestOutputCommand { +public abstract class AbstractSCSastControllerOutputCommand extends AbstractUnirestOutputCommand { @Getter @Mixin SCSastControllerUnirestRunnerMixin unirestRunner; public final R runOnSSC(Function f) { - return unirestRunner.runOnSSC(f); + return runOnSSC((u,d)->f.apply(u)); } public final R runOnController(Function f) { + return runOnController((u,d)->f.apply(u)); + } + + public final R runOnSSC(BiFunction f) { + return unirestRunner.runOnSSC(f); + } + + public final R runOnController(BiFunction f) { return unirestRunner.runOnController(f); } } diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastSSCOutputCommand.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastSSCOutputCommand.java index b898a8b14b..16aed6ffef 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastSSCOutputCommand.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/output/cli/cmd/AbstractSCSastSSCOutputCommand.java @@ -1,9 +1,11 @@ package com.fortify.cli.sc_sast.output.cli.cmd; +import java.util.function.BiFunction; import java.util.function.Function; import com.fortify.cli.common.output.cli.cmd.unirest.AbstractUnirestOutputCommand; import com.fortify.cli.sc_sast.rest.cli.mixin.SCSastControllerUnirestRunnerMixin; +import com.fortify.cli.sc_sast.session.manager.SCSastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; @@ -11,14 +13,22 @@ import picocli.CommandLine.Mixin; @ReflectiveAccess -public abstract class AbstractSCSastSSCOutputCommand extends AbstractUnirestOutputCommand { +public abstract class AbstractSCSastSSCOutputCommand extends AbstractUnirestOutputCommand { @Getter @Mixin SCSastControllerUnirestRunnerMixin unirestRunner; public final R runOnSSC(Function f) { - return unirestRunner.runOnSSC(f); + return runOnSSC((u,d)->f.apply(u)); } public final R runOnController(Function f) { + return runOnController((u,d)->f.apply(u)); + } + + public final R runOnSSC(BiFunction f) { + return unirestRunner.runOnSSC(f); + } + + public final R runOnController(BiFunction f) { return unirestRunner.runOnController(f); } } diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/cmd/SCSastControllerRestCallCommand.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/cmd/SCSastControllerRestCallCommand.java index 33293fd5d5..878ee0695c 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/cmd/SCSastControllerRestCallCommand.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/cmd/SCSastControllerRestCallCommand.java @@ -26,6 +26,7 @@ import com.fortify.cli.common.rest.cli.cmd.AbstractRestCallCommand; import com.fortify.cli.sc_sast.rest.cli.mixin.SCSastControllerUnirestRunnerMixin; +import com.fortify.cli.sc_sast.session.manager.SCSastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -34,6 +35,6 @@ @ReflectiveAccess @Command(name = AbstractRestCallCommand.CMD_NAME) -public final class SCSastControllerRestCallCommand extends AbstractRestCallCommand { +public final class SCSastControllerRestCallCommand extends AbstractRestCallCommand { @Getter @Mixin private SCSastControllerUnirestRunnerMixin unirestRunner; } \ No newline at end of file diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/AbstractSCSastUnirestRunnerMixin.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/AbstractSCSastUnirestRunnerMixin.java index 11aada43af..60e3d446e4 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/AbstractSCSastUnirestRunnerMixin.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/AbstractSCSastUnirestRunnerMixin.java @@ -1,6 +1,6 @@ package com.fortify.cli.sc_sast.rest.cli.mixin; -import java.util.function.Function; +import java.util.function.BiFunction; import com.fortify.cli.common.rest.cli.mixin.AbstractUnirestRunnerMixin; import com.fortify.cli.common.util.FixInjection; @@ -22,11 +22,11 @@ protected final SCSastSessionData getSessionData(String sessionName) { return sessionDataManager.get(sessionName, true); } - public final R runOnSSC(Function f) { + public final R runOnSSC(BiFunction f) { return run(SCSastUnirestHelper::configureSscUnirestInstance, f); } - public final R runOnController(Function f) { + public final R runOnController(BiFunction f) { return run(SCSastUnirestHelper::configureScSastControllerUnirestInstance, f); } } diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastControllerUnirestRunnerMixin.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastControllerUnirestRunnerMixin.java index 6aca0130bb..1d3532b621 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastControllerUnirestRunnerMixin.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastControllerUnirestRunnerMixin.java @@ -1,8 +1,9 @@ package com.fortify.cli.sc_sast.rest.cli.mixin; -import java.util.function.Function; +import java.util.function.BiFunction; import com.fortify.cli.common.util.FixInjection; +import com.fortify.cli.sc_sast.session.manager.SCSastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; @@ -10,7 +11,7 @@ @ReflectiveAccess @FixInjection public class SCSastControllerUnirestRunnerMixin extends AbstractSCSastUnirestRunnerMixin { @Override - public R run(Function f) { + public R run(BiFunction f) { return runOnController(f); } } diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastSSCUnirestRunnerMixin.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastSSCUnirestRunnerMixin.java index 855916c5c8..3711e06dad 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastSSCUnirestRunnerMixin.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/rest/cli/mixin/SCSastSSCUnirestRunnerMixin.java @@ -1,8 +1,9 @@ package com.fortify.cli.sc_sast.rest.cli.mixin; -import java.util.function.Function; +import java.util.function.BiFunction; import com.fortify.cli.common.util.FixInjection; +import com.fortify.cli.sc_sast.session.manager.SCSastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.UnirestInstance; @@ -10,7 +11,7 @@ @ReflectiveAccess @FixInjection public class SCSastSSCUnirestRunnerMixin extends AbstractSCSastUnirestRunnerMixin { @Override - public R run(Function f) { + public R run(BiFunction f) { return runOnSSC(f); } } diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanStartCommand.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanStartCommand.java index 08d66322b3..e6167e8864 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanStartCommand.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanStartCommand.java @@ -8,7 +8,7 @@ import java.util.zip.ZipOutputStream; import com.fasterxml.jackson.databind.JsonNode; -import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestJsonNodeSupplier; +import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestWithSessionDataJsonNodeSupplier; import com.fortify.cli.common.output.spi.transform.IActionCommandResultSupplier; import com.fortify.cli.common.util.StringUtils; import com.fortify.cli.sc_sast.output.cli.cmd.AbstractSCSastControllerOutputCommand; @@ -17,7 +17,9 @@ import com.fortify.cli.sc_sast.scan.helper.SCSastControllerJobType; import com.fortify.cli.sc_sast.scan.helper.SCSastControllerScanJobHelper; import com.fortify.cli.sc_sast.scan.helper.SCSastControllerScanJobHelper.StatusEndpointVersion; +import com.fortify.cli.sc_sast.session.manager.SCSastSessionData; import com.fortify.cli.ssc.appversion.cli.mixin.SSCAppVersionResolverMixin; +import com.fortify.cli.ssc.token.helper.SSCTokenConverter; import kong.unirest.MultipartBody; import kong.unirest.UnirestInstance; @@ -28,20 +30,20 @@ import picocli.CommandLine.Option; @Command(name = SCSastControllerOutputHelperMixins.Start.CMD_NAME) -public final class SCSastControllerScanStartCommand extends AbstractSCSastControllerOutputCommand implements IUnirestJsonNodeSupplier, IActionCommandResultSupplier { +public final class SCSastControllerScanStartCommand extends AbstractSCSastControllerOutputCommand implements IUnirestWithSessionDataJsonNodeSupplier, IActionCommandResultSupplier { @ArgGroup(exclusive = true) private SCSastScanStartOptionsArgGroup optionsProvider; @Getter @Mixin private SCSastControllerOutputHelperMixins.Start outputHelper; private String userName = System.getProperty("user.name", "unknown"); // TODO Do we want to give an option to override this? @Option(names = "--notify") private String email; // TODO Add email address validation @Mixin private SSCAppVersionResolverMixin.OptionalOption sscAppVersionResolver; @Option(names = "--no-upload", negatable = true) private boolean upload = true; - @Option(names = "--ci-token") private String ciToken; + @Option(names = "--ssc-ci-token") private String ciToken; // TODO Add options for specifying (custom) rules file(s), filter file(s) and project template // TODO Add options for pool selection @Override - public final JsonNode getJsonNode(UnirestInstance unirest) { + public final JsonNode getJsonNode(UnirestInstance unirest, SCSastSessionData sessionData) { String sensorVersion = normalizeSensorVersion(optionsProvider.getScanStartOptions().getSensorVersion()); MultipartBody body = unirest.post("/rest/v2/job") .multiPartContent() @@ -54,7 +56,7 @@ public final JsonNode getJsonNode(UnirestInstance unirest) { body = updateBody(body, "email", email); body = updateBody(body, "buildId", optionsProvider.getScanStartOptions().getBuildId()); body = updateBody(body, "pvId", getAppVersionId()); - body = updateBody(body, "uploadToken", getUploadToken()); + body = updateBody(body, "uploadToken", getUploadToken(sessionData)); body = updateBody(body, "dotNetRequired", String.valueOf(optionsProvider.getScanStartOptions().isDotNetRequired())); body = updateBody(body, "dotNetFrameworkRequiredVersion", optionsProvider.getScanStartOptions().getDotNetVersion()); JsonNode response = body.asObject(JsonNode.class).getBody(); @@ -81,12 +83,21 @@ private String getAppVersionId() { : null; } - private String getUploadToken() { + private String getUploadToken(SCSastSessionData sessionData) { String uploadToken = null; if ( upload ) { uploadToken = this.ciToken; - // TODO Get ciToken from session if not specified - if ( StringUtils.isBlank(uploadToken) ) { throw new IllegalArgumentException("--ci-token is required unless --no-upload is specified"); } + if ( StringUtils.isBlank(uploadToken) ) { + // We assume that the predefined token from the session is a CIToken as passed through + // the --ssc-ci-token option on the login command. If we ever add support for logging + // in with arbitrary SSC tokens, we should make sure we can distinguish between CIToken + // passed through --ssc-ci-token, and arbitrary token passed through --ssc-token on the + // login command; we should only reuse a token passed through the --ssc-ci-token login + // option. + char[] ciTokenFromSession = sessionData.getPredefinedSscToken(); + uploadToken = ciTokenFromSession==null ? null : SSCTokenConverter.toApplicationToken(String.valueOf(ciTokenFromSession)); + } + if ( StringUtils.isBlank(uploadToken) ) { throw new IllegalArgumentException("--ssc-ci-token is required unless --no-upload is specified or if --ssc-ci-token was passed to the 'sc-sast session login' command"); } } return uploadToken; } diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanWaitForCommand.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanWaitForCommand.java index fac4af32bc..335a0dbfe9 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanWaitForCommand.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/scan/cli/cmd/SCSastControllerScanWaitForCommand.java @@ -34,6 +34,7 @@ import com.fortify.cli.sc_sast.scan.helper.SCSastControllerScanJobArtifactState; import com.fortify.cli.sc_sast.scan.helper.SCSastControllerScanJobHelper.StatusEndpointVersion; import com.fortify.cli.sc_sast.scan.helper.SCSastControllerScanJobState; +import com.fortify.cli.sc_sast.session.manager.SCSastSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -44,7 +45,7 @@ @ReflectiveAccess @Command(name = SCSastControllerBasicOutputHelperMixins.WaitFor.CMD_NAME) -public class SCSastControllerScanWaitForCommand extends AbstractWaitForCommand { +public class SCSastControllerScanWaitForCommand extends AbstractWaitForCommand { @Getter @Mixin SCSastControllerUnirestRunnerMixin unirestRunner; @Mixin private SCSastScanJobResolverMixin.PositionalParameterMulti scanJobsResolver; @Option(names={"-s", "--status-type"}, defaultValue="processing", required=true) private WaitType waitType; diff --git a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastSessionLoginOptions.java b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastSessionLoginOptions.java index 507fdcdecc..a4be41cac3 100644 --- a/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastSessionLoginOptions.java +++ b/fcli-sc-sast/src/main/java/com/fortify/cli/sc_sast/session/cli/mixin/SCSastSessionLoginOptions.java @@ -44,6 +44,10 @@ public char[] getPredefinedToken() { } public static class SCDastTokenCredentialOptions { + // Note that the SCSastControllerScanStartCommand requires this predefined token to be + // a CIToken. If we ever add support for passing arbitrary tokens (i.e. through a new + // --ssc-token option), we should be sure that we can distinguish between token passed + // through --ssc-ci-token or --ssc-token. @Option(names = {"--ssc-ci-token", "-t"}, interactive = true, echo = false, arity = "0..1", required = true) @Getter private char[] token; } diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/SSCAppVersionArtifactWaitForCommand.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/SSCAppVersionArtifactWaitForCommand.java index c25400af56..311a69b4a6 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/SSCAppVersionArtifactWaitForCommand.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_artifact/cli/cmd/SSCAppVersionArtifactWaitForCommand.java @@ -31,6 +31,7 @@ import com.fortify.cli.ssc.appversion_artifact.helper.SSCAppVersionArtifactHelper; import com.fortify.cli.ssc.appversion_artifact.helper.SSCAppVersionArtifactStatus; import com.fortify.cli.ssc.rest.cli.mixin.SSCUnirestRunnerMixin; +import com.fortify.cli.ssc.session.manager.ISSCSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -39,7 +40,7 @@ @ReflectiveAccess @Command(name = BasicOutputHelperMixins.WaitFor.CMD_NAME) -public class SSCAppVersionArtifactWaitForCommand extends AbstractWaitForCommand { +public class SSCAppVersionArtifactWaitForCommand extends AbstractWaitForCommand { @Getter @Mixin SSCUnirestRunnerMixin unirestRunner; @Mixin private SSCAppVersionArtifactResolverMixin.PositionalParameterMulti artifactsResolver; diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/output/cli/cmd/AbstractSSCOutputCommand.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/output/cli/cmd/AbstractSSCOutputCommand.java index 2ce7adb1aa..a3a7247822 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/output/cli/cmd/AbstractSSCOutputCommand.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/output/cli/cmd/AbstractSSCOutputCommand.java @@ -2,12 +2,13 @@ import com.fortify.cli.common.output.cli.cmd.unirest.AbstractUnirestOutputCommand; import com.fortify.cli.ssc.rest.cli.mixin.SSCUnirestRunnerMixin; +import com.fortify.cli.ssc.session.manager.ISSCSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; import picocli.CommandLine.Mixin; @ReflectiveAccess -public abstract class AbstractSSCOutputCommand extends AbstractUnirestOutputCommand { +public abstract class AbstractSSCOutputCommand extends AbstractUnirestOutputCommand { @Getter @Mixin SSCUnirestRunnerMixin unirestRunner; } diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/rest/cli/cmd/SSCRestCallCommand.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/rest/cli/cmd/SSCRestCallCommand.java index 9e91dd1c4e..fc7e4e3788 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/rest/cli/cmd/SSCRestCallCommand.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/rest/cli/cmd/SSCRestCallCommand.java @@ -26,6 +26,7 @@ import com.fortify.cli.common.rest.cli.cmd.AbstractRestCallCommand; import com.fortify.cli.ssc.rest.cli.mixin.SSCUnirestRunnerMixin; +import com.fortify.cli.ssc.session.manager.ISSCSessionData; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; @@ -34,6 +35,6 @@ @ReflectiveAccess @Command(name = AbstractRestCallCommand.CMD_NAME) -public final class SSCRestCallCommand extends AbstractRestCallCommand { +public final class SSCRestCallCommand extends AbstractRestCallCommand { @Getter @Mixin private SSCUnirestRunnerMixin unirestRunner; } \ No newline at end of file From b0ff588409bdebd90d68e5bca88318aff8629073 Mon Sep 17 00:00:00 2001 From: Ruud Senden Date: Tue, 29 Nov 2022 14:32:50 +0100 Subject: [PATCH 2/2] Update option names for consistency, update resource bundles --- .../common/i18n/FortifyCLIMessages.properties | 3 ++ .../sc_dast/i18n/SCDastMessages.properties | 17 +++++---- .../sc_sast/i18n/SCSastMessages.properties | 5 +++ .../SSCAppVersionAuthEntityAddCommand.java | 2 +- .../SSCAppVersionAuthEntityDeleteCommand.java | 2 +- .../cmd/SSCIssueTemplateCreateCommand.java | 2 +- .../cli/cmd/SSCAuthEntityDeleteCommand.java | 2 +- .../cli/ssc/i18n/SSCMessages.properties | 37 +++++++++++++++++++ .../cli/tool/i18n/ToolMessages.properties | 1 + .../cli/util/i18n/UtilMessages.properties | 1 + 10 files changed, 60 insertions(+), 12 deletions(-) diff --git a/fcli-common/src/main/resources/com/fortify/cli/common/i18n/FortifyCLIMessages.properties b/fcli-common/src/main/resources/com/fortify/cli/common/i18n/FortifyCLIMessages.properties index fcaaef3d04..72b79d4905 100644 --- a/fcli-common/src/main/resources/com/fortify/cli/common/i18n/FortifyCLIMessages.properties +++ b/fcli-common/src/main/resources/com/fortify/cli/common/i18n/FortifyCLIMessages.properties @@ -53,6 +53,9 @@ while-any=Wait while any records match any of the given states until-all=Wait until all records match any of the given states until-any=Wait until any of the records match any of the given states +# StandardWaitHelperProgressMonitorMixin +no-progress=Don't show progress information + # Login and connection options arggroup.optional.session-name.heading = Session options:%n session-name[0] = Name for this session diff --git a/fcli-sc-dast/src/main/resources/com/fortify/cli/sc_dast/i18n/SCDastMessages.properties b/fcli-sc-dast/src/main/resources/com/fortify/cli/sc_dast/i18n/SCDastMessages.properties index e0c0d3b72c..3380afe68c 100644 --- a/fcli-sc-dast/src/main/resources/com/fortify/cli/sc_dast/i18n/SCDastMessages.properties +++ b/fcli-sc-dast/src/main/resources/com/fortify/cli/sc_dast/i18n/SCDastMessages.properties @@ -109,41 +109,42 @@ fcli.sc-dast.scan-policy.usage.header = Manage ScanCentral DAST scan policies # fcli sc-dast scan-policy get fcli.sc-dast.scan-policy.get.usage.header = Get the details for a single scan policy -# TODO options + # fcli sc-dast scan-policy list fcli.sc-dast.scan-policy.list.usage.header = List scan policies -# TODO options + # fcli sc-dast scan-settings fcli.sc-dast.scan-settings.usage.header = Manage ScanCentral DAST scan settings # fcli sc-dast scan-settings get fcli.sc-dast.scan-settings.get.usage.header = Get the details for a single scan settings definition -# TODO options + # fcli sc-dast scan-settings list fcli.sc-dast.scan-settings.list.usage.header = List scan settings -# TODO options +fcli.sc-dast.scan-settings.list.modified-after = List settings modified after the given date +fcli.sc-dast.scan-settings.list.modified-before = List settings modified before the given date # fcli sc-dast sensor fcli.sc-dast.sensor.usage.header = Manage ScanCentral DAST sensors # fcli sc-dast sensor disable fcli.sc-dast.sensor.disable.usage.header = Disable a sensor -# TODO options + # fcli sc-dast sensor enable fcli.sc-dast.sensor.enable.usage.header = enable a sensor -# TODO options + # fcli sc-dast sensor get fcli.sc-dast.sensor.get.usage.header = Get the details for a single sensor -# TODO options + # fcli sc-dast sensor list fcli.sc-dast.sensor.list.usage.header = List sensors -# TODO options + ################################################################################################################# diff --git a/fcli-sc-sast/src/main/resources/com/fortify/cli/sc_sast/i18n/SCSastMessages.properties b/fcli-sc-sast/src/main/resources/com/fortify/cli/sc_sast/i18n/SCSastMessages.properties index 7eef92f0c9..faf5927c3f 100644 --- a/fcli-sc-sast/src/main/resources/com/fortify/cli/sc_sast/i18n/SCSastMessages.properties +++ b/fcli-sc-sast/src/main/resources/com/fortify/cli/sc_sast/i18n/SCSastMessages.properties @@ -1,6 +1,9 @@ # fcli sc-sast fcli.sc-sast.usage.header = Commands for interacting with Fortify ScanCentral SAST +# SSCApplicationVersionResolver +ApplicationVersionMixin = Application version id or : name. + # fcli sc-sast session fcli.sc-sast.session.usage.header = Login, logout and manage Fortify ScanCentral SAST sessions # Shared login options @@ -42,6 +45,8 @@ fcli.sc-sast.scan.start.mbs.heading = Options for scanning an MBS file:%n fcli.sc-sast.scan.start.package.heading = Options for scanning a package file:%n fcli.sc-sast.scan.start.mbs-file = MBS file to scan fcli.sc-sast.scan.start.package-file = Package file to scan +fcli.sc-sast.scan.start.notify = Email address to which to send a scan completion notification +fcli.sc-sast.scan.start.no-upload = Don't upload scan results to SSC (enabled by default) fcli.sc-sast.scan.start.sensor-version = Version of the sensor on which the package should be scanned. Officially, you should select the same sensor version as the version of the ScanCentral Client used to create the package. fcli.sc-sast.scan.status.usage.header = Get status for a previously submitted scan request fcli.sc-sast.scan.wait-for.usage.header = Wait for one or more scans to reach or exit specified scan statuses diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityAddCommand.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityAddCommand.java index 56d3a28a0e..5ff56b3e78 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityAddCommand.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityAddCommand.java @@ -47,7 +47,7 @@ public class SSCAppVersionAuthEntityAddCommand extends AbstractSSCOutputCommand @Getter @Mixin private SSCOutputHelperMixins.Add outputHelper; @Mixin private SSCAppVersionAuthEntityMixin.RequiredPositionalParameter authEntityMixin; @Mixin private SSCAppVersionResolverMixin.RequiredOption parentResolver; - @Option(names="--allowMultiMatch", defaultValue = "false") + @Option(names="--allow-multi-match", defaultValue = "false") private boolean allowMultiMatch; @Override diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityDeleteCommand.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityDeleteCommand.java index b8c60a632a..7e20078704 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityDeleteCommand.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/appversion_user/cli/cmd/SSCAppVersionAuthEntityDeleteCommand.java @@ -47,7 +47,7 @@ public class SSCAppVersionAuthEntityDeleteCommand extends AbstractSSCOutputComma @Getter @Mixin private SSCOutputHelperMixins.Delete outputHelper; @Mixin private SSCAppVersionAuthEntityMixin.RequiredPositionalParameter authEntityMixin; @Mixin private SSCAppVersionResolverMixin.RequiredOption parentResolver; - @Option(names="--allowMultiMatch", defaultValue = "false") + @Option(names="--allow-multi-match", defaultValue = "false") private boolean allowMultiMatch; @Override diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/issue_template/cli/cmd/SSCIssueTemplateCreateCommand.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/issue_template/cli/cmd/SSCIssueTemplateCreateCommand.java index a9ba3d228f..582012b250 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/issue_template/cli/cmd/SSCIssueTemplateCreateCommand.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/issue_template/cli/cmd/SSCIssueTemplateCreateCommand.java @@ -48,7 +48,7 @@ public class SSCIssueTemplateCreateCommand extends AbstractSSCOutputCommand impl @Getter @Mixin private SSCOutputHelperMixins.Create outputHelper; @Parameters(index = "0", arity = "1", descriptionKey = "issueTemplateName") private String issueTemplateName; - @Option(names={"--issueTemplate","-f"}, required = true) + @Option(names={"--issue-template-file","-f"}, required = true) private String fileName; @Option(names={"--description","-d"}, required = false, defaultValue = "") private String description; diff --git a/fcli-ssc/src/main/java/com/fortify/cli/ssc/user/cli/cmd/SSCAuthEntityDeleteCommand.java b/fcli-ssc/src/main/java/com/fortify/cli/ssc/user/cli/cmd/SSCAuthEntityDeleteCommand.java index b31e220291..ba60515b41 100644 --- a/fcli-ssc/src/main/java/com/fortify/cli/ssc/user/cli/cmd/SSCAuthEntityDeleteCommand.java +++ b/fcli-ssc/src/main/java/com/fortify/cli/ssc/user/cli/cmd/SSCAuthEntityDeleteCommand.java @@ -51,7 +51,7 @@ public class SSCAuthEntityDeleteCommand extends AbstractSSCOutputCommand impleme @Getter @Mixin private SSCOutputHelperMixins.Delete outputHelper; @Parameters(index = "0..*", arity = "1..*") private String[] authEntitySpecs; - @Option(names="--allowMultiMatch", defaultValue = "false") + @Option(names="--allow-multi-match", defaultValue = "false") private boolean allowMultiMatch; @Override diff --git a/fcli-ssc/src/main/resources/com/fortify/cli/ssc/i18n/SSCMessages.properties b/fcli-ssc/src/main/resources/com/fortify/cli/ssc/i18n/SSCMessages.properties index b671a1c82e..ff3e5873ce 100644 --- a/fcli-ssc/src/main/resources/com/fortify/cli/ssc/i18n/SSCMessages.properties +++ b/fcli-ssc/src/main/resources/com/fortify/cli/ssc/i18n/SSCMessages.properties @@ -6,6 +6,12 @@ fcli.ssc.usage.header = Commands for interacting with Fortify Software Security ApplicationVersionMixin = Application version id or : name. download.destination = The output location for the file download. upload.filePath = The path to the file to be uploaded. +issue-template = Issue template name or id +attribute = Set one or more attribute values +useradd = Assign user or LDAP group to application version; accepts user id, entity name or email address. Option is repeatable. +userdel = Remove user or LDAP group from application version; accepts user id, entity name or email address. Option is repeatable. +allow-multi-match = Allow for multiple matches +filterset = Filter set title or id # fcli ssc session fcli.ssc.session.usage.header = Login, logout and manage Fortify Software Security Center (SSC) sessions @@ -57,23 +63,35 @@ fcli.ssc.alert.list.usage.header = List alerts # fcli ssc app fcli.ssc.app.usage.header = Commands for interacting with applications fcli.ssc.app.delete.usage.header = Delete an application and all contained versions +fcli.ssc.app.delete.delete-versions = Confirm deletion of all versions with the specified application fcli.ssc.app.get.usage.header = Get application details fcli.ssc.app.list.usage.header = List and query applications fcli.ssc.app.update.usage.header = Update an application +fcli.ssc.app.update.name = New name for the application +fcli.ssc.app.update.description = New description for the application # fcli ssc appversion fcli.ssc.appversion.usage.header = Commands for interacting with application versions fcli.ssc.appversion.create.usage.header = Create an application version +fcli.ssc.appversion.create.auto-required-attrs = Automatically set a default value for required application version attributes +fcli.ssc.appversion.create.description = Application version description +fcli.ssc.appversion.create.active = Whether to activate this application version; enabled by default +fcli.ssc.appversion.create.skip-if-exists = Skip application version creation if an application version with the specified name already exists fcli.ssc.appversion.delete.usage.header = Delete an application version fcli.ssc.appversion.get.usage.header = Get application version details fcli.ssc.appversion.list.usage.header = List and query application versions fcli.ssc.appversion.update.usage.header = Update an application version +fcli.ssc.appversion.update.name = Update application version name +fcli.ssc.appversion.update.description = Update application version description # fcli ssc appversion-artifact fcli.ssc.appversion-artifact.usage.header = Commands for interacting with application version artifacts fcli.ssc.appversion-artifact.approve.usage.header = Approve an artifact +fcli.ssc.appversion-artifact.approve.message = Approval message, default value '${DEFAULT-VALUE}' fcli.ssc.appversion-artifact.delete.usage.header = Delete an artifact fcli.ssc.appversion-artifact.download.usage.header = Download an artifact +fcli.ssc.appversion-artifact.download.no-include-sources = Don't include sources in downloaded artifact (enabled by default) +fcli.ssc.appversion-artifact.download.id = Artifact id to download fcli.ssc.appversion-artifact.get.usage.header = Get artifact details fcli.ssc.appversion-artifact.list.usage.header = List application version artifacts fcli.ssc.appversion-artifact.upload.usage.header = Upload an artifact @@ -85,6 +103,7 @@ fcli.ssc.appversion-artifact.wait-for.usage.description.3 = ${fcli.ssc.appversio fcli.ssc.appversion-artifact.purge.usage.header = Commands for purging artifacts fcli.ssc.appversion-artifact.purge.by-id.usage.header = Purge an artifact by id fcli.ssc.appversion-artifact.purge.by-date.usage.header = Purge artifacts by date +fcli.ssc.appversion-artifact.purge.by-date.older-than = Purge artifacts older than the specified value, in the format 30d (5 days), 1y (1 year) # fcli ssc appversion-attribute fcli.ssc.appversion-attribute.usage.header = Commands for interacting with application version attributes @@ -105,6 +124,7 @@ fcli.ssc.appversion-user.list.usage.header = List users assigned to an applicati # fcli ssc appversion-vuln fcli.ssc.appversion-vuln.usage.header = Commands for interacting with application version vulnerabilities fcli.ssc.appversion-vuln.count.usage.header = Count application version vulnerabilities by grouping +fcli.ssc.appversion-vuln.count.by = Vulnerability grouping type. See SSC REST API documentation for allowed values. Default value: ${DEFAULT-VALUE} # fcli ssc attribute-definition fcli.ssc.attribute-definition.usage.header = Commands for managing attribute definitions @@ -118,11 +138,17 @@ fcli.ssc.event.list.usage.header = List system events # fcli ssc issue-template fcli.ssc.issue-template.usage.header = Commands for interacting with issue templates fcli.ssc.issue-template.create.usage.header = Create/upload an issue template +fcli.ssc.issue-template.create.issue-template-file = File containing the issue template definition +fcli.ssc.issue-template.create.description = Issue template description +fcli.ssc.issue-template.create.set-as-default = Set this issue template as the default issue template fcli.ssc.issue-template.delete.usage.header = Delete an issue template fcli.ssc.issue-template.download.usage.header = Download an issue template fcli.ssc.issue-template.get.usage.header = Get issue template details fcli.ssc.issue-template.list.usage.header = List issue templates fcli.ssc.issue-template.update.usage.header = Update an issue template +fcli.ssc.issue-template.update.name = Update issue template name +fcli.ssc.issue-template.update.description = Update issue template description +fcli.ssc.issue-template.update.set-as-default = Set this issue template as the default issue template # fcli ssc job fcli.ssc.job.usage.header = Commands for interacting with jobs @@ -130,6 +156,7 @@ fcli.ssc.job.cancel.usage.header = Cancel a job fcli.ssc.job.get.usage.header = Get job details fcli.ssc.job.list.usage.header = List jobs fcli.ssc.job.update.usage.header = Update job priority +fcli.ssc.job.update.priority = New priority for this job # SSC plugins fcli.ssc.plugin.usage.header = Commands for interacting with 3rd party parser plugins @@ -151,6 +178,8 @@ fcli.ssc.report-template.create.file = A completed answer file with all the requ fcli.ssc.report-template.delete.usage.header = Delete a report template fcli.ssc.report-template.download.usage.header = Download a report template file fcli.ssc.report-template.generate-answerFile.usage.header = Generate a new answer file template +fcli.ssc.report-template.generate-answerFile.f = Output file +fcli.ssc.report-template.generate-answerFile.force = Overwrite otput file if it already exists fcli.ssc.report-template.generate-answerFile.usage.header = Generate a new answer file template that can be used for the creation of new report template definitions. For example, within the answer file, you can specify things like the name of the report definition, what parameters it accepts, and what are the types of those parameters. fcli.ssc.report-template.get.usage.header = Get report template details fcli.ssc.report-template.list.usage.header = List report template definitions @@ -160,6 +189,9 @@ reportTemplateNameOrId = The name or ID of the report template definition. # fcli ssc role fcli.ssc.role.usage.header = Commands for interacting with user roles fcli.ssc.role.create.usage.header = Create a role +fcli.ssc.role.create.description = Role description +fcli.ssc.role.create.universal-access = Set this role to have universal access to all SSC application versions +fcli.ssc.role.create.permission-id = Permission id's to assign to this role fcli.ssc.role.delete.usage.header = Delete a role fcli.ssc.role.get.usage.header = Get role details fcli.ssc.role.list.usage.header = List and query roles @@ -176,9 +208,14 @@ fcli.ssc.seed-bundle.upload.usage.header = Upload a seed bundle # fcli ssc token fcli.ssc.token.usage.header = Commands for interacting with user tokens fcli.ssc.token.create.usage.header = Create a token +fcli.ssc.token.create.expire-in = Expire token after the given time period, which is specified as 30m (30 minutes), 2h (2 hours), 1d (1 day) +fcli.ssc.token.create.description = Token description fcli.ssc.token.list.usage.header = List tokens fcli.ssc.token.revoke.usage.header = Revoke a token fcli.ssc.token.update.usage.header = Update a token +fcli.ssc.token.update.expire-in = Update token expiration period, specified as 30m (30 minutes), 2h (2 hours), 1d (1 day) +fcli.ssc.token.update.description = Update token description + # fcli ssc token-definition fcli.ssc.token-definition.usage.header = Commands for interacting with token definitions diff --git a/fcli-tool/src/main/resources/com/fortify/cli/tool/i18n/ToolMessages.properties b/fcli-tool/src/main/resources/com/fortify/cli/tool/i18n/ToolMessages.properties index b442033a4c..5ac588f855 100644 --- a/fcli-tool/src/main/resources/com/fortify/cli/tool/i18n/ToolMessages.properties +++ b/fcli-tool/src/main/resources/com/fortify/cli/tool/i18n/ToolMessages.properties @@ -17,6 +17,7 @@ fcli.tool.fod-uploader.uninstall.usage.header = Uninstall Fortify on Demand Uplo # fcli tool sc-client fcli.tool.sc-client.usage.header = Commands for installing and managing ScanCentral SAST Client fcli.tool.sc-client.install.usage.header = Download and install ScanCentral SAST Client +fcli.tool.sc-client.install.client-auth-token = ScanCentral SAST client_auth_token used for authenticating with ScanCentral SAST Controller fcli.tool.sc-client.list.usage.header = List ScanCentral SAST Client available and installed versions fcli.tool.sc-client.uninstall.usage.header = Uninstall ScanCentral SAST Client diff --git a/fcli-util/src/main/resources/com/fortify/cli/util/i18n/UtilMessages.properties b/fcli-util/src/main/resources/com/fortify/cli/util/i18n/UtilMessages.properties index 772caa1237..5cda3c6f39 100644 --- a/fcli-util/src/main/resources/com/fortify/cli/util/i18n/UtilMessages.properties +++ b/fcli-util/src/main/resources/com/fortify/cli/util/i18n/UtilMessages.properties @@ -3,6 +3,7 @@ fcli.util.usage.header = Various fcli utility commands that don't fit in any of fcli.util.all-commands.usage.header = Commands for listing information about all fcli commands fcli.util.all-commands.list.usage.header = List all fcli commands fcli.util.all-commands.list.include-hidden = Include hidden commands +fcli.util.all-commands.list.include-parents = Include parent (container) commands fcli.util.auto-complete.usage.header = Commands for generating fcli auto-completion scripts fcli.util.auto-complete.generate.usage.header = Generate fcli auto-completion script fcli.util.auto-complete.generate.usage.description.0 = Generate bash/zsh completion script for ${ROOT-COMMAND-NAME:-the root command of this command}.