chore: FoD command refactoring

fcli-core/fcli-app/src/main/java/com/fortify/cli/app/runner/util/FortifyCLIStaticInitializer.java

@@ -25,7 +25,7 @@
 import com.fortify.cli.common.http.ssl.truststore.helper.TrustStoreConfigHelper;
 import com.fortify.cli.common.i18n.helper.LanguageHelper;
 import com.fortify.cli.common.util.StringUtils;
-import com.fortify.cli.fod.scan.helper.FoDScanStatus;
+import com.fortify.cli.fod._common.scan.helper.FoDScanStatus;
 import com.fortify.cli.sc_dast.scan.helper.SCDastScanStatus;
 import com.fortify.cli.sc_sast.scan.helper.SCSastControllerScanJobArtifactState;
 import com.fortify.cli.sc_sast.scan.helper.SCSastControllerScanJobState;

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/output/mixin/FoDOutputHelperMixins.java

@@ -23,6 +23,9 @@
  * @author rsenden
  */
 public class FoDOutputHelperMixins {
+    public static class DownloadLatest extends OutputHelperMixins.TableNoQuery {
+        public static final String CMD_NAME = "download-latest";
+    }
     public static class SetupSast extends OutputHelperMixins.DetailsNoQuery {
         public static final String CMD_NAME = "setup-sast";
     }

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanCancelCommand.java → fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanCancelCommand.java

@@ -11,50 +11,46 @@
  * without notice.
  *******************************************************************************/
 
-package com.fortify.cli.fod.scan.cli.cmd;
+package com.fortify.cli.fod._common.scan.cli.cmd;
 
 import com.fasterxml.jackson.databind.JsonNode;
-import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins;
 import com.fortify.cli.common.output.transform.IActionCommandResultSupplier;
 import com.fortify.cli.common.output.transform.IRecordTransformer;
 import com.fortify.cli.fod._common.output.cli.AbstractFoDJsonNodeOutputCommand;
 import com.fortify.cli.fod._common.rest.FoDUrls;
-import com.fortify.cli.fod.scan.cli.mixin.FoDScanResolverMixin;
-import com.fortify.cli.fod.scan.helper.FoDScanDescriptor;
-import com.fortify.cli.fod.scan.helper.FoDScanHelper;
+import com.fortify.cli.fod._common.scan.cli.mixin.FoDScanResolverMixin;
+import com.fortify.cli.fod._common.scan.helper.FoDScanDescriptor;
+import com.fortify.cli.fod._common.scan.helper.FoDScanHelper;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
 
 import kong.unirest.UnirestInstance;
-import lombok.Getter;
-import picocli.CommandLine.Command;
 import picocli.CommandLine.Mixin;
 
-@Command(name = OutputHelperMixins.Cancel.CMD_NAME, hidden = false)
-public class FoDScanCancelCommand extends AbstractFoDJsonNodeOutputCommand implements IRecordTransformer, IActionCommandResultSupplier {
-    @Getter @Mixin private OutputHelperMixins.Cancel outputHelper;
-
+public abstract class AbstractFoDScanCancelCommand extends AbstractFoDJsonNodeOutputCommand implements IRecordTransformer, IActionCommandResultSupplier {
     @Mixin private FoDScanResolverMixin.PositionalParameter scanResolver;
 
-
     @Override
-    public JsonNode getJsonNode(UnirestInstance unirest) {
-        FoDScanDescriptor descriptor = scanResolver.getScanDescriptor(unirest);
+    public final JsonNode getJsonNode(UnirestInstance unirest) {
+        FoDScanDescriptor descriptor = scanResolver.getScanDescriptor(unirest, getScanType());
         unirest.post(FoDUrls.RELEASE + "/scans/{scanId}/cancel-scan")
                 .routeParam("relId", String.valueOf(descriptor.getReleaseId()))
                 .routeParam("scanId", String.valueOf(descriptor.getScanId()));
         return descriptor.asJsonNode();
     }
+
+    protected abstract FoDScanType getScanType();
 
-    public JsonNode transformRecord(JsonNode record) {
+    public final JsonNode transformRecord(JsonNode record) {
         return FoDScanHelper.renameFields(record);
     }
 
     @Override
-    public String getActionCommandResult() {
+    public final String getActionCommandResult() {
         return "CANCELLED";
     }
 
     @Override
-    public boolean isSingular() {
+    public final boolean isSingular() {
         return true;
     }
 }

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/AbstractFoDScanConfigGetCommand.java → fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanConfigGetCommand.java

@@ -11,7 +11,7 @@
  * without notice.
  *******************************************************************************/
 
-package com.fortify.cli.fod.scan.cli.cmd;
+package com.fortify.cli.fod._common.scan.cli.cmd;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOSSScanDownloadCommand.java → fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanDownloadCommand.java

@@ -10,57 +10,57 @@
  * herein. The information contained herein is subject to change
  * without notice.
  *******************************************************************************/
-package com.fortify.cli.fod.oss_scan.cli.cmd;
+package com.fortify.cli.fod._common.scan.cli.cmd;
+
+import java.nio.file.StandardCopyOption;
 
 import com.fasterxml.jackson.databind.JsonNode;
-import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins;
+import com.fortify.cli.common.cli.mixin.CommonOptionMixins;
 import com.fortify.cli.common.output.transform.IActionCommandResultSupplier;
 import com.fortify.cli.fod._common.cli.mixin.FoDDelimiterMixin;
 import com.fortify.cli.fod._common.output.cli.AbstractFoDJsonNodeOutputCommand;
-import com.fortify.cli.fod.scan.cli.mixin.FoDScanResolverMixin;
+import com.fortify.cli.fod._common.scan.cli.mixin.FoDScanResolverMixin;
+import com.fortify.cli.fod._common.scan.helper.FoDScanDescriptor;
+import com.fortify.cli.fod._common.scan.helper.FoDScanHelper;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
+
+import kong.unirest.GetRequest;
 import kong.unirest.UnirestInstance;
-import lombok.Getter;
 import lombok.SneakyThrows;
-import picocli.CommandLine.Command;
 import picocli.CommandLine.Mixin;
-import picocli.CommandLine.Option;
-
-import java.io.File;
-import java.nio.file.StandardCopyOption;
 
-@Command(name = OutputHelperMixins.Download.CMD_NAME)
-public class FoDOSSScanDownloadCommand extends AbstractFoDJsonNodeOutputCommand implements IActionCommandResultSupplier {
-    @Getter @Mixin private OutputHelperMixins.Download outputHelper;
+public abstract class AbstractFoDScanDownloadCommand extends AbstractFoDJsonNodeOutputCommand implements IActionCommandResultSupplier {
     @Mixin private FoDDelimiterMixin delimiterMixin; // Is automatically injected in resolver mixins
     @Mixin private FoDScanResolverMixin.PositionalParameter scanResolver;
-
-    @Option(names = {"-f", "--sbom"}, required = true)
-    private File outputFile;
+    @Mixin private CommonOptionMixins.RequiredFile outputFileMixin;
 
     @Override @SneakyThrows
-    public JsonNode getJsonNode(UnirestInstance unirest) {
-        var scanDescriptor = scanResolver.getScanDescriptor(unirest);
+    public final JsonNode getJsonNode(UnirestInstance unirest) {
+        FoDScanDescriptor scanDescriptor = scanResolver.getScanDescriptor(unirest, getScanType());
+        FoDScanHelper.validateScanDate(scanDescriptor, FoDScanHelper.MAX_RETENTION_PERIOD);
+        var file = outputFileMixin.getFile().getAbsolutePath();
+        GetRequest request = getDownloadRequest(unirest, scanDescriptor);
+
         int status = 202;
         while ( status==202 ) {
-            status = unirest.get("/api/v3/open-source-scans/{scanId}/sbom")
-                .routeParam("scanId", String.valueOf(scanDescriptor.getScanId()))
-                .accept("application/octet-stream")
-                .asFile(outputFile.getAbsolutePath(), StandardCopyOption.REPLACE_EXISTING)
+            status = request
+                .asFile(file, StandardCopyOption.REPLACE_EXISTING)
                 .getStatus();
             if ( status==202 ) { Thread.sleep(30000L); }
         }
-        return scanDescriptor.asObjectNode()
-                .put("scanType", "OpenSource")
-                .put("file", outputFile.getName());
+        return scanDescriptor.asObjectNode().put("file", file);
     }
 
+    protected abstract GetRequest getDownloadRequest(UnirestInstance unirest, FoDScanDescriptor scanDescriptor);
+    protected abstract FoDScanType getScanType();
+
     @Override
-    public String getActionCommandResult() {
-        return "SBOM_DOWNLOADED";
+    public final String getActionCommandResult() {
+        return "SCAN_DOWNLOADED";
     }
 
     @Override
-    public boolean isSingular() {
+    public final boolean isSingular() {
         return true;
     }
 }

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/assessment_type/cli/cmd/FoDAssessmentTypeCommands.java → fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanDownloadFprCommand.java

@@ -10,17 +10,19 @@
  * herein. The information contained herein is subject to change
  * without notice.
  *******************************************************************************/
+package com.fortify.cli.fod._common.scan.cli.cmd;
 
-package com.fortify.cli.fod.assessment_type.cli.cmd;
+import com.fortify.cli.fod._common.scan.helper.FoDScanDescriptor;
 
-import com.fortify.cli.common.cli.cmd.AbstractContainerCommand;
+import kong.unirest.GetRequest;
+import kong.unirest.UnirestInstance;
 
-import picocli.CommandLine;
-
-@CommandLine.Command(name = "assessment-type",
-        subcommands = {
-            FoDAssessmentTypeListCommand.class,
-        }
-)
-public class FoDAssessmentTypeCommands extends AbstractContainerCommand {
+public abstract class AbstractFoDScanDownloadFprCommand extends AbstractFoDScanDownloadCommand {
+    @Override
+    protected GetRequest getDownloadRequest(UnirestInstance unirest, FoDScanDescriptor scanDescriptor) {
+        return unirest.get("GET /api/v3/scans/{scanId}/fpr")
+                .routeParam("scanId", scanDescriptor.getScanId())
+                .accept("application/octet-stream")
+                .queryString("scanType", scanDescriptor.getScanType());
+    }
 }

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/release/cli/cmd/FoDReleaseDownloadResultsCommand.java → fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanDownloadLatestCommand.java

@@ -10,61 +10,61 @@
  * herein. The information contained herein is subject to change
  * without notice.
  *******************************************************************************/
-package com.fortify.cli.fod.release.cli.cmd;
+package com.fortify.cli.fod._common.scan.cli.cmd;
 
-import java.io.File;
 import java.nio.file.StandardCopyOption;
 
 import com.fasterxml.jackson.databind.JsonNode;
+import com.fortify.cli.common.cli.mixin.CommonOptionMixins;
 import com.fortify.cli.common.output.transform.IActionCommandResultSupplier;
 import com.fortify.cli.fod._common.cli.mixin.FoDDelimiterMixin;
 import com.fortify.cli.fod._common.output.cli.AbstractFoDJsonNodeOutputCommand;
-import com.fortify.cli.fod._common.output.mixin.FoDOutputHelperMixins;
+import com.fortify.cli.fod._common.scan.helper.FoDScanDescriptor;
+import com.fortify.cli.fod._common.scan.helper.FoDScanHelper;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
 import com.fortify.cli.fod.release.cli.mixin.FoDReleaseByQualifiedNameOrIdResolverMixin;
-import com.fortify.cli.fod.scan.helper.FoDScanType;
+import com.fortify.cli.fod.release.helper.FoDReleaseDescriptor;
 
+import kong.unirest.GetRequest;
 import kong.unirest.UnirestInstance;
-import lombok.Getter;
 import lombok.SneakyThrows;
-import picocli.CommandLine.Command;
 import picocli.CommandLine.Mixin;
-import picocli.CommandLine.Option;
 
-@Command(name = FoDOutputHelperMixins.DownloadResults.CMD_NAME)
-public class FoDReleaseDownloadResultsCommand extends AbstractFoDJsonNodeOutputCommand implements IActionCommandResultSupplier {
-    @Mixin @Getter private FoDOutputHelperMixins.DownloadResults outputHelper;
+public abstract class AbstractFoDScanDownloadLatestCommand extends AbstractFoDJsonNodeOutputCommand implements IActionCommandResultSupplier {
     @Mixin private FoDDelimiterMixin delimiterMixin; // Is automatically injected in resolver mixins
     @Mixin private FoDReleaseByQualifiedNameOrIdResolverMixin.RequiredOption releaseResolver;
-
-    @Option(names = {"-f", "--fpr"}, required = true)
-    private File outputFile;
-
-    @Option(names = {"-s", "--scan-type"}, required = true)
-    private FoDScanType scanType;
+    @Mixin private CommonOptionMixins.RequiredFile outputFileMixin;
 
     @Override @SneakyThrows
-    public JsonNode getJsonNode(UnirestInstance unirest) {
+    public final JsonNode getJsonNode(UnirestInstance unirest) {
         var releaseDescriptor = releaseResolver.getReleaseDescriptor(unirest);
+
+        FoDScanDescriptor scanDescriptor = FoDScanHelper.getLatestScanDescriptor(unirest, releaseDescriptor.getReleaseId(),
+                getScanType(), false);
+        FoDScanHelper.validateScanDate(scanDescriptor, FoDScanHelper.MAX_RETENTION_PERIOD);
+        var file = outputFileMixin.getFile().getAbsolutePath();
+        GetRequest request = getDownloadRequest(unirest, releaseDescriptor, scanDescriptor);
+
         int status = 202;
         while ( status==202 ) {
-            status = unirest.get("/api/v3/releases/{releaseId}/fpr")
-                .routeParam("releaseId", releaseDescriptor.getReleaseId())
-                .accept("application/octet-stream")
-                .queryString("scanType", scanType.name())
-                .asFile(outputFile.getAbsolutePath(), StandardCopyOption.REPLACE_EXISTING)
+            status = request
+                .asFile(file, StandardCopyOption.REPLACE_EXISTING)
                 .getStatus();
             if ( status==202 ) { Thread.sleep(30000L); }
         }
-        return releaseDescriptor.asJsonNode();
+        return scanDescriptor.asObjectNode().put("file", file);
     }
 
+    protected abstract GetRequest getDownloadRequest(UnirestInstance unirest, FoDReleaseDescriptor releaseDescriptor, FoDScanDescriptor scanDescriptor);
+    protected abstract FoDScanType getScanType();
+
     @Override
-    public String getActionCommandResult() {
-        return "FPR_DOWNLOADED";
+    public final String getActionCommandResult() {
+        return "SCAN_DOWNLOADED";
     }
 
     @Override
-    public boolean isSingular() {
+    public final boolean isSingular() {
         return true;
     }
 }

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanDownloadLatestFprCommand.java

@@ -0,0 +1,29 @@
+/*******************************************************************************
+ * Copyright 2021, 2023 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ *******************************************************************************/
+package com.fortify.cli.fod._common.scan.cli.cmd;
+
+import com.fortify.cli.fod._common.scan.helper.FoDScanDescriptor;
+import com.fortify.cli.fod.release.helper.FoDReleaseDescriptor;
+
+import kong.unirest.GetRequest;
+import kong.unirest.UnirestInstance;
+
+public abstract class AbstractFoDScanDownloadLatestFprCommand extends AbstractFoDScanDownloadLatestCommand {
+    @Override
+    protected GetRequest getDownloadRequest(UnirestInstance unirest, FoDReleaseDescriptor releaseDescriptor, FoDScanDescriptor scanDescriptor) {
+        return unirest.get("/api/v3/releases/{releaseId}/fpr")
+                .routeParam("releaseId", releaseDescriptor.getReleaseId())
+                .accept("application/octet-stream")
+                .queryString("scanType", scanDescriptor.getScanType());
+    }
+}

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanGetCommand.java → fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanGetCommand.java

@@ -11,30 +11,27 @@
  * without notice.
  *******************************************************************************/
 
-package com.fortify.cli.fod.scan.cli.cmd;
+package com.fortify.cli.fod._common.scan.cli.cmd;
 
 import com.fasterxml.jackson.databind.JsonNode;
-import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins;
 import com.fortify.cli.common.output.transform.IRecordTransformer;
 import com.fortify.cli.fod._common.output.cli.AbstractFoDJsonNodeOutputCommand;
-import com.fortify.cli.fod.scan.cli.mixin.FoDScanResolverMixin;
-import com.fortify.cli.fod.scan.helper.FoDScanHelper;
+import com.fortify.cli.fod._common.scan.cli.mixin.FoDScanResolverMixin;
+import com.fortify.cli.fod._common.scan.helper.FoDScanHelper;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
 
 import kong.unirest.UnirestInstance;
-import lombok.Getter;
-import picocli.CommandLine.Command;
 import picocli.CommandLine.Mixin;
 
-@Command(name = OutputHelperMixins.Get.CMD_NAME, hidden = false)
-public class FoDScanGetCommand extends AbstractFoDJsonNodeOutputCommand implements IRecordTransformer {
-    @Getter @Mixin private OutputHelperMixins.Get outputHelper;
-
+public abstract class AbstractFoDScanGetCommand extends AbstractFoDJsonNodeOutputCommand implements IRecordTransformer {
     @Mixin private FoDScanResolverMixin.PositionalParameter scanResolver;
 
     @Override
     public JsonNode getJsonNode(UnirestInstance unirest) {
-        return scanResolver.getScanDescriptor(unirest).asJsonNode();
+        return scanResolver.getScanDescriptor(unirest, getScanType()).asJsonNode();
     }
+
+    protected abstract FoDScanType getScanType();
 
     @Override
     public JsonNode transformRecord(JsonNode record) {

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/AbstractFoDScanImportCommand.java → fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanImportCommand.java

@@ -11,7 +11,7 @@
  * without notice.
  *******************************************************************************/
 
-package com.fortify.cli.fod.scan.cli.cmd;
+package com.fortify.cli.fod._common.scan.cli.cmd;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.node.ObjectNode;
@@ -21,6 +21,7 @@
 import com.fortify.cli.fod._common.output.cli.AbstractFoDJsonNodeOutputCommand;
 import com.fortify.cli.fod._common.rest.FoDUrls;
 import com.fortify.cli.fod._common.rest.helper.FoDFileTransferHelper;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
 import com.fortify.cli.fod.release.cli.mixin.FoDReleaseByQualifiedNameOrIdResolverMixin;
 
 import kong.unirest.HttpRequest;
@@ -44,12 +45,12 @@ public final JsonNode getJsonNode(UnirestInstance unirest) {
         FoDFileTransferHelper.uploadChunked(unirest, baseRequest, scanFileMixin.getFile());
         return releaseDescriptor.asObjectNode()
                 .put("importScanSessionId", importScanSessionId)
-                .put("scanType", getImportScanType());
+                .put("scanType", getScanType().name());
     }
 
     protected abstract HttpRequest<?> getBaseRequest(UnirestInstance unirest, String releaseId);
 
-    protected abstract String getImportScanType();
+    protected abstract FoDScanType getScanType();
 
     @Override
     public final String getActionCommandResult() {