From 266cf37ec1feef5e16d76e9bad5bd9f1c2482914 Mon Sep 17 00:00:00 2001 From: kadraman Date: Thu, 16 Mar 2023 15:30:59 +0000 Subject: [PATCH] fix: FoD: refactor scan commands to be under single entity (fixes #262) feat: FoD: add `fcli fod scan start-mobile` (implements #260) --- .../cli/fod/_main/cli/cmd/FoDCommands.java | 7 - .../cli/cmd/FoDDastScanGetCommand.java | 13 -- .../cli/cmd/FoDDastScanListCommand.java | 91 --------- .../cli/cmd/FoDDastScanWaitForCommand.java | 13 -- .../lookup/cli/cmd/FoDLookupListCommand.java | 2 +- .../cli/cmd/FoDOssScanListCommand.java | 91 --------- .../output/mixin/FoDOutputHelperMixins.java | 121 +++++++---- .../com/fortify/cli/fod/rest/FoDUrls.java | 4 +- .../cli/cmd/FoDSastScanCommands.java | 47 ----- .../cli/cmd/FoDSastScanGetCommand.java | 13 -- .../cli/cmd/FoDSastScanListCommand.java | 91 --------- .../cli/cmd/FoDSastScanWaitForCommand.java | 13 -- .../cli/fod/scan/cli/cmd/FoDScanCommands.java | 21 ++ .../cli/cmd/FoDScanImportCommand.java} | 31 +-- .../fod/scan/cli/cmd/FoDScanListCommand.java | 11 +- .../cli/mixin/FoDSbomFormatOptions.java | 4 +- .../helper/FoDAssessmentTypeDescriptor.java | 4 +- .../cli/cmd/FoDDastScanImportCommand.java} | 15 +- .../cli/cmd/FoDDastScanListCommand.java} | 20 +- .../cli/cmd/FoDDastScanStartCommand.java | 13 +- .../helper/FoDDastScanDescriptor.java | 2 +- .../helper/FoDDastScanHelper.java | 32 +-- .../helper/FoDDastScanSetupDescriptor.java | 2 +- .../helper/FoDSetupDastScanRequest.java | 2 +- .../helper/FoDStartDastScanRequest.java | 2 +- .../cli/cmd/FoDMobileScanImportCommand.java} | 26 +-- .../cli/cmd/FoDMobileScanListCommand.java | 41 ++++ .../cli/cmd/FoDMobileScanStartCommand.java | 169 ++++++++++++++++ .../helper/FoDMobileScanHelper.java | 109 ++++++++++ .../helper/FoDMobileScanSetupDescriptor.java | 45 +++++ .../helper/FoDStartMobileScanRequest.java | 129 ++++++++++++ .../cli/cmd/FoDOssScanImportCommand.java | 18 +- .../cli/cmd/FoDOssScanListCommand.java | 41 ++++ .../helper/FoDOssHelper.java | 32 +-- .../cli/cmd/FoDSastScanImportCommand.java | 6 +- .../cli/cmd/FoDSastScanListCommand.java} | 31 ++- .../cli/cmd/FoDSastScanSetupCommand.java | 13 +- .../cli/cmd/FoDSastScanStartCommand.java | 15 +- .../helper/FoDSastScanDescriptor.java | 2 +- .../helper/FoDSastScanHelper.java | 37 ++-- .../helper/FoDSastScanSetupDescriptor.java | 2 +- .../helper/FoDSetupSastScanRequest.java | 2 +- .../helper/FoDStartSastScanRequest.java | 2 +- .../cli/fod/i18n/FoDMessages.properties | 190 +++++------------- 44 files changed, 855 insertions(+), 720 deletions(-) delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanGetCommand.java delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanListCommand.java delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanWaitForCommand.java delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanListCommand.java delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanGetCommand.java delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanListCommand.java delete mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanWaitForCommand.java rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan/cli/cmd/FoDDastScanImportCommand.java => scan/cli/cmd/FoDScanImportCommand.java} (84%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{oss_scan => scan}/cli/mixin/FoDSbomFormatOptions.java (98%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan/cli/cmd/FoDSastScanCancelCommand.java => scan_dast/cli/cmd/FoDDastScanImportCommand.java} (79%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan/cli/cmd/FoDDastScanCancelCommand.java => scan_dast/cli/cmd/FoDDastScanListCommand.java} (68%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan => scan_dast}/cli/cmd/FoDDastScanStartCommand.java (95%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan => scan_dast}/helper/FoDDastScanDescriptor.java (97%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan => scan_dast}/helper/FoDDastScanHelper.java (87%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan => scan_dast}/helper/FoDDastScanSetupDescriptor.java (97%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan => scan_dast}/helper/FoDSetupDastScanRequest.java (99%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan => scan_dast}/helper/FoDStartDastScanRequest.java (98%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{oss_scan/cli/cmd/FoDOssScanCommands.java => scan_mobile/cli/cmd/FoDMobileScanImportCommand.java} (70%) create mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanListCommand.java create mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanStartCommand.java create mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanHelper.java create mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanSetupDescriptor.java create mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDStartMobileScanRequest.java rename fcli-fod/src/main/java/com/fortify/cli/fod/{oss_scan => scan_oss}/cli/cmd/FoDOssScanImportCommand.java (93%) create mode 100644 fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/cli/cmd/FoDOssScanListCommand.java rename fcli-fod/src/main/java/com/fortify/cli/fod/{oss_scan => scan_oss}/helper/FoDOssHelper.java (73%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/cli/cmd/FoDSastScanImportCommand.java (96%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{dast_scan/cli/cmd/FoDDastScanCommands.java => scan_sast/cli/cmd/FoDSastScanListCommand.java} (65%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/cli/cmd/FoDSastScanSetupCommand.java (95%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/cli/cmd/FoDSastScanStartCommand.java (93%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/helper/FoDSastScanDescriptor.java (97%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/helper/FoDSastScanHelper.java (87%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/helper/FoDSastScanSetupDescriptor.java (97%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/helper/FoDSetupSastScanRequest.java (98%) rename fcli-fod/src/main/java/com/fortify/cli/fod/{sast_scan => scan_sast}/helper/FoDStartSastScanRequest.java (98%) diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/_main/cli/cmd/FoDCommands.java b/fcli-fod/src/main/java/com/fortify/cli/fod/_main/cli/cmd/FoDCommands.java index 4b0fa08fca..6c729be21a 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/_main/cli/cmd/FoDCommands.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/_main/cli/cmd/FoDCommands.java @@ -2,18 +2,14 @@ import com.fortify.cli.common.cli.cmd.AbstractFortifyCLICommand; import com.fortify.cli.fod.app.cli.cmd.FoDAppCommands; -import com.fortify.cli.fod.dast_scan.cli.cmd.FoDDastScanCommands; import com.fortify.cli.fod.lookup.cli.cmd.FoDLookupCommands; import com.fortify.cli.fod.microservice.cli.cmd.FoDAppMicroserviceCommands; -import com.fortify.cli.fod.oss_scan.cli.cmd.FoDOssScanCommands; import com.fortify.cli.fod.release.cli.cmd.FoDAppRelCommands; import com.fortify.cli.fod.rest.cli.cmd.FoDRestCommands; -import com.fortify.cli.fod.sast_scan.cli.cmd.FoDSastScanCommands; import com.fortify.cli.fod.scan.cli.cmd.FoDScanCommands; import com.fortify.cli.fod.session.cli.cmd.FoDSessionCommands; import com.fortify.cli.fod.user.cli.cmd.FoDUserCommands; import com.fortify.cli.fod.user_group.cli.cmd.FoDUserGroupCommands; - import picocli.CommandLine.Command; @Command( @@ -28,10 +24,7 @@ FoDAppCommands.class, FoDAppRelCommands.class, FoDAppMicroserviceCommands.class, - FoDDastScanCommands.class, FoDLookupCommands.class, - FoDOssScanCommands.class, - FoDSastScanCommands.class, FoDScanCommands.class, FoDUserCommands.class, FoDUserGroupCommands.class diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanGetCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanGetCommand.java deleted file mode 100644 index 9b9160d914..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanGetCommand.java +++ /dev/null @@ -1,13 +0,0 @@ -package com.fortify.cli.fod.dast_scan.cli.cmd; - -import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; -import com.fortify.cli.fod.scan.cli.cmd.FoDScanGetCommand; - -import io.micronaut.core.annotation.ReflectiveAccess; -import picocli.CommandLine.Command; - -// TODO See comments in FoDDastScanCancelCommand -@ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Get.CMD_NAME) -public class FoDDastScanGetCommand extends FoDScanGetCommand { -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanListCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanListCommand.java deleted file mode 100644 index 42394ce9f6..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanListCommand.java +++ /dev/null @@ -1,91 +0,0 @@ -/******************************************************************************* - * (c) Copyright 2020 Micro Focus or one of its affiliates - * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including without - * limitation the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to permit persons to - * whom the Software is furnished to do so, subject to the following - * conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - ******************************************************************************/ - -package com.fortify.cli.fod.dast_scan.cli.cmd; - -import com.fasterxml.jackson.databind.JsonNode; -import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestBaseRequestSupplier; -import com.fortify.cli.common.output.spi.transform.IRecordTransformer; -import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; -import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; -import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; -import com.fortify.cli.fod.rest.FoDUrls; -import com.fortify.cli.fod.rest.helper.FoDFilterResultsTransformer; -import com.fortify.cli.fod.rest.query.FoDFilterParamGenerator; -import com.fortify.cli.fod.rest.query.FoDFiltersParamValueGenerators; -import com.fortify.cli.fod.rest.query.IFoDFilterParamGeneratorSupplier; -import com.fortify.cli.fod.scan.cli.mixin.FoDAnalysisStatusTypeOptions; -import com.fortify.cli.fod.scan.helper.FoDScanHelper; - -import io.micronaut.core.annotation.ReflectiveAccess; -import kong.unirest.HttpRequest; -import kong.unirest.UnirestInstance; -import lombok.Getter; -import picocli.CommandLine.Command; -import picocli.CommandLine.Mixin; -import picocli.CommandLine.Option; - -@ReflectiveAccess -@Command(name = FoDOutputHelperMixins.List.CMD_NAME) -public class FoDDastScanListCommand extends AbstractFoDOutputCommand implements IUnirestBaseRequestSupplier, IRecordTransformer, IFoDFilterParamGeneratorSupplier { - @Getter @Mixin private FoDOutputHelperMixins.List outputHelper; - - @Getter private FoDFilterParamGenerator filterParamGenerator = new FoDFilterParamGenerator() - .add("id","scanId", FoDFiltersParamValueGenerators::plain) - .add("type", "scanType", FoDFiltersParamValueGenerators::plain); - - @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; - - // TODO Consider standardizing sorting options across fcli modules, also see https://github.com/fortify/fcli/issues/86 - @Option(names = {"--latest-first"}) - private Boolean latestFirst; - - @Mixin private FoDAnalysisStatusTypeOptions.OptionalOption analysisStatus; - - @Override - public HttpRequest getBaseRequest(UnirestInstance unirest) { - return updateRequest( - unirest.get(FoDUrls.RELEASE + "/scans") - .routeParam("relId", appMicroserviceRelResolver.getAppMicroserviceRelId(unirest)) - ); - } - - private HttpRequest updateRequest(HttpRequest request) { - request.queryString("orderByDirection", (latestFirst != null && latestFirst ? "DESC" : "ASC")); - return request; - } - @Override - public JsonNode transformRecord(JsonNode record) { - String aStatusStr = (analysisStatus != null && analysisStatus.getAnalysisStatusType() != null? String.valueOf(analysisStatus.getAnalysisStatusType()) : "*"); - return new FoDFilterResultsTransformer(new String[] { - "scanType:Dynamic", "analysisStatusType:"+aStatusStr - }).transform(FoDScanHelper.renameFields(record)); - } - - @Override - public boolean isSingular() { - return false; - } -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanWaitForCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanWaitForCommand.java deleted file mode 100644 index 35fc70dd12..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanWaitForCommand.java +++ /dev/null @@ -1,13 +0,0 @@ -package com.fortify.cli.fod.dast_scan.cli.cmd; - -import com.fortify.cli.common.output.cli.mixin.BasicOutputHelperMixins; -import com.fortify.cli.fod.scan.cli.cmd.FoDScanWaitForCommand; - -import io.micronaut.core.annotation.ReflectiveAccess; -import picocli.CommandLine.Command; - -//TODO See comments in FoDDastScanCancelCommand -@ReflectiveAccess -@Command(name = BasicOutputHelperMixins.WaitFor.CMD_NAME) -public class FoDDastScanWaitForCommand extends FoDScanWaitForCommand { -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/lookup/cli/cmd/FoDLookupListCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/lookup/cli/cmd/FoDLookupListCommand.java index f938258525..889927baf8 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/lookup/cli/cmd/FoDLookupListCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/lookup/cli/cmd/FoDLookupListCommand.java @@ -64,7 +64,7 @@ public HttpRequest getBaseRequest(UnirestInstance unirest) { public JsonNode transformRecord(JsonNode record) { return FoDLookupHelper.renameFields(record); } - + @Override public boolean isSingular() { return false; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanListCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanListCommand.java deleted file mode 100644 index 689347a7a9..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanListCommand.java +++ /dev/null @@ -1,91 +0,0 @@ -/******************************************************************************* - * (c) Copyright 2020 Micro Focus or one of its affiliates - * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including without - * limitation the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to permit persons to - * whom the Software is furnished to do so, subject to the following - * conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - ******************************************************************************/ - -package com.fortify.cli.fod.oss_scan.cli.cmd; - -import com.fasterxml.jackson.databind.JsonNode; -import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestBaseRequestSupplier; -import com.fortify.cli.common.output.spi.transform.IRecordTransformer; -import com.fortify.cli.fod.oss_scan.helper.FoDOssHelper; -import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; -import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; -import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; -import com.fortify.cli.fod.rest.FoDUrls; -import com.fortify.cli.fod.rest.helper.FoDFilterResultsTransformer; -import com.fortify.cli.fod.rest.query.FoDFilterParamGenerator; -import com.fortify.cli.fod.rest.query.FoDFiltersParamValueGenerators; -import com.fortify.cli.fod.rest.query.IFoDFilterParamGeneratorSupplier; -import com.fortify.cli.fod.scan.cli.mixin.FoDAnalysisStatusTypeOptions; - -import io.micronaut.core.annotation.ReflectiveAccess; -import kong.unirest.HttpRequest; -import kong.unirest.UnirestInstance; -import lombok.Getter; -import picocli.CommandLine.Command; -import picocli.CommandLine.Mixin; -import picocli.CommandLine.Option; - -@ReflectiveAccess -@Command(name = FoDOutputHelperMixins.List.CMD_NAME) -public class FoDOssScanListCommand extends AbstractFoDOutputCommand implements IUnirestBaseRequestSupplier, IRecordTransformer, IFoDFilterParamGeneratorSupplier { - @Getter @Mixin private FoDOutputHelperMixins.List outputHelper; - - @Getter private FoDFilterParamGenerator filterParamGenerator = new FoDFilterParamGenerator() - .add("id","scanId", FoDFiltersParamValueGenerators::plain) - .add("type", "scanType", FoDFiltersParamValueGenerators::plain); - - @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; - - // TODO Consider standardizing sorting options across fcli modules, also see https://github.com/fortify/fcli/issues/86 - @Option(names = {"--latest-first"}) - private Boolean latestFirst; - - @Mixin private FoDAnalysisStatusTypeOptions.OptionalOption analysisStatus; - - @Override - public HttpRequest getBaseRequest(UnirestInstance unirest) { - return updateRequest( - unirest.get(FoDUrls.RELEASE + "/scans") - .routeParam("relId", appMicroserviceRelResolver.getAppMicroserviceRelId(unirest)) - ); - } - - private HttpRequest updateRequest(HttpRequest request) { - request.queryString("orderByDirection", (latestFirst != null && latestFirst ? "DESC" : "ASC")); - return request; - } - @Override - public JsonNode transformRecord(JsonNode record) { - String aStatusStr = (analysisStatus != null && analysisStatus.getAnalysisStatusType() != null? String.valueOf(analysisStatus.getAnalysisStatusType()) : "*"); - return new FoDFilterResultsTransformer(new String[] { - "scanType:OpenSource", "analysisStatusType:"+aStatusStr - }).transform(FoDOssHelper.renameFields(record)); - } - - @Override - public boolean isSingular() { - return false; - } -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/output/mixin/FoDOutputHelperMixins.java b/fcli-fod/src/main/java/com/fortify/cli/fod/output/mixin/FoDOutputHelperMixins.java index 20c4f687f0..48fb8bb923 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/output/mixin/FoDOutputHelperMixins.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/output/mixin/FoDOutputHelperMixins.java @@ -23,12 +23,12 @@ /** *

This class provides standard, FoD-specific {@link IUnirestOutputHelper} implementations, - * replicating the product-agnostic {@link IUnirestOutputHelper} implementations provided in + * replicating the product-agnostic {@link IUnirestOutputHelper} implementations provided in * {@link UnirestOutputHelperMixins}, adding product-specific functionality through the * {@link ProductHelperClass} annotation on this enclosing class. In addition to the * {@link IUnirestOutputHelper} implementations provided by the common {@link UnirestOutputHelperMixins}, * this class may define some additional implementations specific for FoD.

- * + * * @author rsenden */ @ReflectiveAccess @@ -37,62 +37,62 @@ public class FoDOutputHelperMixins { public static class FoDProductHelper implements IProductHelper, IInputTransformerSupplier, INextPageUrlProducerSupplier { @Getter @Setter private IUnirestOutputHelper outputHelper; @Getter private UnaryOperator inputTransformer = FoDInputTransformer::getItems; - + @Override public INextPageUrlProducer getNextPageUrlProducer(UnirestInstance unirest, HttpRequest originalRequest) { return FoDPagingHelper.nextPageUrlProducer(originalRequest); } } - - @ReflectiveAccess public static class Create + + @ReflectiveAccess public static class Create extends UnirestOutputHelperMixins.Create {} - - @ReflectiveAccess public static class Delete + + @ReflectiveAccess public static class Delete extends UnirestOutputHelperMixins.Delete {} - - @ReflectiveAccess public static class List + + @ReflectiveAccess public static class List extends UnirestOutputHelperMixins.List {} - - @ReflectiveAccess public static class Get + + @ReflectiveAccess public static class Get extends UnirestOutputHelperMixins.Get {} - - @ReflectiveAccess public static class Set + + @ReflectiveAccess public static class Set extends UnirestOutputHelperMixins.Set {} - - @ReflectiveAccess public static class Update + + @ReflectiveAccess public static class Update extends UnirestOutputHelperMixins.Update {} - - @ReflectiveAccess public static class Enable + + @ReflectiveAccess public static class Enable extends UnirestOutputHelperMixins.Enable {} - - @ReflectiveAccess public static class Disable + + @ReflectiveAccess public static class Disable extends UnirestOutputHelperMixins.Disable {} - - @ReflectiveAccess public static class Start + + @ReflectiveAccess public static class Start extends UnirestOutputHelperMixins.Start {} - - @ReflectiveAccess public static class Pause + + @ReflectiveAccess public static class Pause extends UnirestOutputHelperMixins.Pause {} - - @ReflectiveAccess public static class Resume + + @ReflectiveAccess public static class Resume extends UnirestOutputHelperMixins.Resume {} - - @ReflectiveAccess public static class Cancel + + @ReflectiveAccess public static class Cancel extends UnirestOutputHelperMixins.Cancel {} @ReflectiveAccess public static class WaitFor extends BasicOutputHelperMixins.WaitFor {} - @ReflectiveAccess public static class Upload + @ReflectiveAccess public static class Upload extends UnirestOutputHelperMixins.Upload {} - - @ReflectiveAccess public static class Download + + @ReflectiveAccess public static class Download extends UnirestOutputHelperMixins.Download {} - - @ReflectiveAccess public static class Install + + @ReflectiveAccess public static class Install extends UnirestOutputHelperMixins.Install {} - - @ReflectiveAccess public static class Uninstall + + @ReflectiveAccess public static class Uninstall extends UnirestOutputHelperMixins.Uninstall {} @ReflectiveAccess public static class Import @@ -103,4 +103,57 @@ public INextPageUrlProducer getNextPageUrlProducer(UnirestInstance unirest, Http @ReflectiveAccess public static class Setup extends UnirestOutputHelperMixins.Setup {} + + @ReflectiveAccess public static class ListSast extends UnirestOutputHelperMixins.TableWithQuery { + public static final String CMD_NAME = "list-sast"; + } + @ReflectiveAccess public static class ListDast extends UnirestOutputHelperMixins.TableWithQuery { + public static final String CMD_NAME = "list-dast"; + } + @ReflectiveAccess public static class ListOss extends UnirestOutputHelperMixins.TableWithQuery { + public static final String CMD_NAME = "list-oss"; + } + @ReflectiveAccess public static class ListMobile extends UnirestOutputHelperMixins.TableWithQuery { + public static final String CMD_NAME = "list-mobile"; + } + + @ReflectiveAccess public static class SetupSast extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "setup-sast"; + } + @ReflectiveAccess public static class SetupDast extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "setup-dast"; + } + @ReflectiveAccess public static class SetupOss extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "setup-oss"; + } + @ReflectiveAccess public static class SetupMobile extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "setup-mobile"; + } + + @ReflectiveAccess public static class StartSast extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "start-sast"; + } + @ReflectiveAccess public static class StartDast extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "start-dast"; + } + @ReflectiveAccess public static class StartOss extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "start-oss"; + } + @ReflectiveAccess public static class StartMobile extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "start-mobile"; + } + + @ReflectiveAccess public static class ImportSast extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "import-sast"; + } + @ReflectiveAccess public static class ImportDast extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "import-dast"; + } + @ReflectiveAccess public static class ImportOss extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "import-oss"; + } + @ReflectiveAccess public static class ImportMobile extends UnirestOutputHelperMixins.TableNoQuery { + public static final String CMD_NAME = "import-mobile"; + } + } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/rest/FoDUrls.java b/fcli-fod/src/main/java/com/fortify/cli/fod/rest/FoDUrls.java index f44925abc2..21c0b8a64b 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/rest/FoDUrls.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/rest/FoDUrls.java @@ -57,5 +57,7 @@ public class FoDUrls { public static final String DYNAMIC_SCANS_IMPORT = DYNAMIC_SCANS + "/import-scan"; public static final String MOBILE_SCANS = ApiBase + "/releases/{relId}/mobile-scans"; public static final String MOBILE_SCANS_IMPORT = MOBILE_SCANS + "/import-scan"; + public static final String MOBILE_SCANS_SETUP = MOBILE_SCANS + "/scan-setup"; + public static final String MOBILE_SCANS_START = MOBILE_SCANS + "/start-scan"; -} \ No newline at end of file +} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java b/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java deleted file mode 100644 index b7a75e86ac..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java +++ /dev/null @@ -1,47 +0,0 @@ -/******************************************************************************* - * (c) Copyright 2020 Micro Focus or one of its affiliates - * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including without - * limitation the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to permit persons to - * whom the Software is furnished to do so, subject to the following - * conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - ******************************************************************************/ - -package com.fortify.cli.fod.sast_scan.cli.cmd; - -import com.fortify.cli.common.cli.cmd.AbstractFortifyCLICommand; -import com.fortify.cli.common.variable.DefaultVariablePropertyName; - -import picocli.CommandLine; - -@CommandLine.Command(name = "sast", - aliases = {"sast-scan"}, - subcommands = { - FoDSastScanStartCommand.class, - FoDSastScanCancelCommand.class, - FoDSastScanGetCommand.class, - FoDSastScanListCommand.class, - FoDSastScanImportCommand.class, - FoDSastScanSetupCommand.class, - FoDSastScanWaitForCommand.class - } -) -@DefaultVariablePropertyName("scanId") -public class FoDSastScanCommands extends AbstractFortifyCLICommand { -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanGetCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanGetCommand.java deleted file mode 100644 index 946aa91638..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanGetCommand.java +++ /dev/null @@ -1,13 +0,0 @@ -package com.fortify.cli.fod.sast_scan.cli.cmd; - -import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; -import com.fortify.cli.fod.scan.cli.cmd.FoDScanGetCommand; - -import io.micronaut.core.annotation.ReflectiveAccess; -import picocli.CommandLine.Command; - -//TODO See comments in FoDDastScanCancelCommand -@ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Get.CMD_NAME) -public class FoDSastScanGetCommand extends FoDScanGetCommand { -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanListCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanListCommand.java deleted file mode 100644 index 7b94d9d13f..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanListCommand.java +++ /dev/null @@ -1,91 +0,0 @@ -/******************************************************************************* - * (c) Copyright 2020 Micro Focus or one of its affiliates - * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including without - * limitation the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to permit persons to - * whom the Software is furnished to do so, subject to the following - * conditions: - * - * The above copyright notice and this permission notice shall be included - * in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS - * IN THE SOFTWARE. - ******************************************************************************/ - -package com.fortify.cli.fod.sast_scan.cli.cmd; - -import com.fasterxml.jackson.databind.JsonNode; -import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestBaseRequestSupplier; -import com.fortify.cli.common.output.spi.transform.IRecordTransformer; -import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; -import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; -import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; -import com.fortify.cli.fod.rest.FoDUrls; -import com.fortify.cli.fod.rest.helper.FoDFilterResultsTransformer; -import com.fortify.cli.fod.rest.query.FoDFilterParamGenerator; -import com.fortify.cli.fod.rest.query.FoDFiltersParamValueGenerators; -import com.fortify.cli.fod.rest.query.IFoDFilterParamGeneratorSupplier; -import com.fortify.cli.fod.scan.cli.mixin.FoDAnalysisStatusTypeOptions; -import com.fortify.cli.fod.scan.helper.FoDScanHelper; - -import io.micronaut.core.annotation.ReflectiveAccess; -import kong.unirest.HttpRequest; -import kong.unirest.UnirestInstance; -import lombok.Getter; -import picocli.CommandLine.Command; -import picocli.CommandLine.Mixin; -import picocli.CommandLine.Option; - -@ReflectiveAccess -@Command(name = FoDOutputHelperMixins.List.CMD_NAME) -public class FoDSastScanListCommand extends AbstractFoDOutputCommand implements IUnirestBaseRequestSupplier, IRecordTransformer, IFoDFilterParamGeneratorSupplier { - @Getter @Mixin private FoDOutputHelperMixins.List outputHelper; - - @Getter private FoDFilterParamGenerator filterParamGenerator = new FoDFilterParamGenerator() - .add("id","scanId", FoDFiltersParamValueGenerators::plain) - .add("type", "scanType", FoDFiltersParamValueGenerators::plain); - - @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; - - // TODO Consider standardizing sorting options across fcli modules, also see https://github.com/fortify/fcli/issues/86 - @Option(names = {"--latest-first"}) - private Boolean latestFirst; - - @Mixin private FoDAnalysisStatusTypeOptions.OptionalOption analysisStatus; - - @Override - public HttpRequest getBaseRequest(UnirestInstance unirest) { - return updateRequest( - unirest.get(FoDUrls.RELEASE + "/scans") - .routeParam("relId", appMicroserviceRelResolver.getAppMicroserviceRelId(unirest)) - ); - } - - private HttpRequest updateRequest(HttpRequest request) { - request.queryString("orderByDirection", (latestFirst != null && latestFirst ? "DESC" : "ASC")); - return request; - } - @Override - public JsonNode transformRecord(JsonNode record) { - String aStatusStr = (analysisStatus != null && analysisStatus.getAnalysisStatusType() != null? String.valueOf(analysisStatus.getAnalysisStatusType()) : "*"); - return new FoDFilterResultsTransformer(new String[] { - "scanType:Static", "analysisStatusType:"+aStatusStr - }).transform(FoDScanHelper.renameFields(record)); - } - - @Override - public boolean isSingular() { - return false; - } -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanWaitForCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanWaitForCommand.java deleted file mode 100644 index 353d580724..0000000000 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanWaitForCommand.java +++ /dev/null @@ -1,13 +0,0 @@ -package com.fortify.cli.fod.sast_scan.cli.cmd; - -import com.fortify.cli.common.output.cli.mixin.BasicOutputHelperMixins; -import com.fortify.cli.fod.scan.cli.cmd.FoDScanWaitForCommand; - -import io.micronaut.core.annotation.ReflectiveAccess; -import picocli.CommandLine.Command; - -//TODO See comments in FoDDastScanCancelCommand -@ReflectiveAccess -@Command(name = BasicOutputHelperMixins.WaitFor.CMD_NAME) -public class FoDSastScanWaitForCommand extends FoDScanWaitForCommand { -} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanCommands.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanCommands.java index ddd4c95882..b44bd94eef 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanCommands.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanCommands.java @@ -28,6 +28,14 @@ import com.fortify.cli.common.cli.cmd.AbstractFortifyCLICommand; import com.fortify.cli.common.variable.DefaultVariablePropertyName; +import com.fortify.cli.fod.scan_dast.cli.cmd.FoDDastScanImportCommand; +import com.fortify.cli.fod.scan_dast.cli.cmd.FoDDastScanStartCommand; +import com.fortify.cli.fod.scan_mobile.cli.cmd.FoDMobileScanImportCommand; +import com.fortify.cli.fod.scan_mobile.cli.cmd.FoDMobileScanStartCommand; +import com.fortify.cli.fod.scan_oss.cli.cmd.FoDOssScanImportCommand; +import com.fortify.cli.fod.scan_sast.cli.cmd.FoDSastScanImportCommand; +import com.fortify.cli.fod.scan_sast.cli.cmd.FoDSastScanSetupCommand; +import com.fortify.cli.fod.scan_sast.cli.cmd.FoDSastScanStartCommand; import picocli.CommandLine; @CommandLine.Command(name = "scan", @@ -35,6 +43,19 @@ FoDScanCancelCommand.class, FoDScanGetCommand.class, FoDScanListCommand.class, + // commented out as single list command is probably sufficient + //FoDSastScanListCommand.class, + //FoDOssScanListCommand.class, + //FoDDastScanListCommand.class, + //FoDMobileScanListCommand.class, + FoDSastScanImportCommand.class, + FoDDastScanImportCommand.class, + FoDOssScanImportCommand.class, + FoDMobileScanImportCommand.class, + FoDSastScanSetupCommand.class, + FoDSastScanStartCommand.class, + FoDDastScanStartCommand.class, + FoDMobileScanStartCommand.class, FoDScanWaitForCommand.class } ) diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanImportCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanImportCommand.java similarity index 84% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanImportCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanImportCommand.java index 446ef401bd..65e4a94788 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanImportCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanImportCommand.java @@ -23,36 +23,31 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.cli.cmd; - -import java.io.File; +package com.fortify.cli.fod.scan.cli.cmd; import com.fasterxml.jackson.databind.JsonNode; import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestJsonNodeSupplier; import com.fortify.cli.common.output.spi.transform.IActionCommandResultSupplier; import com.fortify.cli.common.output.spi.transform.IRecordTransformer; import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; -import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; import com.fortify.cli.fod.rest.FoDUrls; import com.fortify.cli.fod.rest.helper.FoDUploadResponse; +import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; import com.fortify.cli.fod.scan.helper.FoDImportScan; import com.fortify.cli.fod.scan.helper.FoDScanDescriptor; import com.fortify.cli.fod.scan.helper.FoDScanHelper; import com.fortify.cli.fod.util.FoDConstants; - -import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.HttpRequest; import kong.unirest.UnirestInstance; import lombok.Getter; import picocli.CommandLine; -import picocli.CommandLine.Command; import picocli.CommandLine.Mixin; -@ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Import.CMD_NAME) -public class FoDDastScanImportCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { +import java.io.File; + +public class FoDScanImportCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { @Getter @Mixin private FoDOutputHelperMixins.Import outputHelper; @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; @@ -62,11 +57,19 @@ public class FoDDastScanImportCommand extends AbstractFoDOutputCommand implement @CommandLine.Option(names = {"-f", "--file"}, required = true) private File scanFile; - // TODO Consider splitting into two methods; one for actual upload, one for generating output + public String getImportUrl() { + return FoDUrls.STATIC_SCANS_IMPORT; + } + + public String getScanMethod() { + return "FPRImport"; + } + + // TODO Split method in multiple methods for upload and generating output @Override public JsonNode getJsonNode(UnirestInstance unirest) { String relId = appMicroserviceRelResolver.getAppMicroserviceRelId(unirest); - HttpRequest request = unirest.put(FoDUrls.DYNAMIC_SCANS_IMPORT).routeParam("relId", relId); + HttpRequest request = unirest.put(getImportUrl()).routeParam("relId", relId); FoDImportScan importScanHelper = new FoDImportScan( unirest, relId, request, scanFile ); @@ -75,10 +78,10 @@ public JsonNode getJsonNode(UnirestInstance unirest) { if (response != null) { // get latest scan as we cannot use the referenceId from import anywhere FoDScanDescriptor descriptor = FoDScanHelper.getLatestScanDescriptor(unirest, relId, - FoDScanFormatOptions.FoDScanType.Dynamic, true); + FoDScanFormatOptions.FoDScanType.Static, true); return descriptor.asObjectNode() .put("releaseId", relId) - .put("scanMethod", "FPRImport") + .put("scanMethod", getScanMethod()) .put("importReferenceId", (response != null ? response.getReferenceId() : "N/A")); } return null; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanListCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanListCommand.java index 4ab5e4c347..0dec93c688 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanListCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/cmd/FoDScanListCommand.java @@ -62,7 +62,7 @@ public class FoDScanListCommand extends AbstractFoDOutputCommand implements IUni // TODO Consider standardizing sorting options across fcli modules, also see https://github.com/fortify/fcli/issues/86 @Option(names = {"--latest-first"}) private Boolean latestFirst; - + // TODO Can we re-use existing -q option for these filters? Likely need to improve -q option to handle dates and such. @Option(names = {"--started-on-start-date"}) private String startedOnStartDate; @@ -74,11 +74,16 @@ public class FoDScanListCommand extends AbstractFoDOutputCommand implements IUni private String completedOnEndDate; @Option(names = {"--modified-start-date"}) private String modifiedStartDate; - + @Mixin private FoDAnalysisStatusTypeOptions.OptionalOption analysisStatus; @Mixin private FoDScanFormatOptions.OptionalOption scanType; @Mixin private FoDTimePeriodOptions.OptionalOption timePeriod; + public String getScanType() { + String sTypeStr = (scanType != null && scanType.getScanType() != null ? String.valueOf(scanType.getScanType()) : "*"); + return sTypeStr; + } + @Override public HttpRequest getBaseRequest(UnirestInstance unirest) { return updateRequest(unirest.get(FoDUrls.SCANS)); @@ -113,7 +118,7 @@ public JsonNode transformRecord(JsonNode record) { String aStatusStr = (analysisStatus != null && analysisStatus.getAnalysisStatusType() != null ? String.valueOf(analysisStatus.getAnalysisStatusType()) : "*"); String sTypeStr = (scanType != null && scanType.getScanType() != null ? String.valueOf(scanType.getScanType()) : "*"); return new FoDFilterResultsTransformer(new String[]{ - "scanType:" + sTypeStr, "analysisStatusType:" + aStatusStr + "scanType:" + getScanType(), "analysisStatusType:" + aStatusStr }).transform(FoDScanHelper.renameFields(record)); } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/mixin/FoDSbomFormatOptions.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/mixin/FoDSbomFormatOptions.java similarity index 98% rename from fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/mixin/FoDSbomFormatOptions.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/mixin/FoDSbomFormatOptions.java index d5ad9925bd..fa584a903e 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/mixin/FoDSbomFormatOptions.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/cli/mixin/FoDSbomFormatOptions.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.oss_scan.cli.mixin; +package com.fortify.cli.fod.scan.cli.mixin; import java.util.ArrayList; import java.util.stream.Collectors; @@ -34,7 +34,7 @@ import picocli.CommandLine.Option; // TODO Change description keys to be more like picocli convention -// TODO Do we even need description keys, or this class at all? At least +// TODO Do we even need description keys, or this class at all? At least // for now, this mixin is only used by a single command, so we could // consider moving the option directly into that command, and remove // description keys in order to use standard picocli lookup. diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/helper/FoDAssessmentTypeDescriptor.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/helper/FoDAssessmentTypeDescriptor.java index 794242239a..709f1776c0 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/scan/helper/FoDAssessmentTypeDescriptor.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan/helper/FoDAssessmentTypeDescriptor.java @@ -25,8 +25,8 @@ package com.fortify.cli.fod.scan.helper; -import com.fortify.cli.fod.dast_scan.helper.FoDDastScanSetupDescriptor; -import com.fortify.cli.fod.sast_scan.helper.FoDSastScanSetupDescriptor; +import com.fortify.cli.fod.scan_dast.helper.FoDDastScanSetupDescriptor; +import com.fortify.cli.fod.scan_sast.helper.FoDSastScanSetupDescriptor; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Data; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCancelCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanImportCommand.java similarity index 79% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCancelCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanImportCommand.java index be4b2695df..5e52def42f 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCancelCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanImportCommand.java @@ -23,16 +23,19 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.cli.cmd; +package com.fortify.cli.fod.scan_dast.cli.cmd; +import com.fortify.cli.fod.rest.FoDUrls; +import com.fortify.cli.fod.scan.cli.cmd.FoDScanImportCommand; import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; -import com.fortify.cli.fod.scan.cli.cmd.FoDScanCancelCommand; - import io.micronaut.core.annotation.ReflectiveAccess; import picocli.CommandLine.Command; -//TODO See comments in FoDDastScanCancelCommand @ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Cancel.CMD_NAME) -public class FoDSastScanCancelCommand extends FoDScanCancelCommand { +@Command(name = FoDOutputHelperMixins.ImportDast.CMD_NAME) +public class FoDDastScanImportCommand extends FoDScanImportCommand { + @Override + public String getImportUrl() { + return FoDUrls.DYNAMIC_SCANS_IMPORT; + } } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCancelCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanListCommand.java similarity index 68% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCancelCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanListCommand.java index 5478150601..f93307aee8 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCancelCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanListCommand.java @@ -23,21 +23,19 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.cli.cmd; +package com.fortify.cli.fod.scan_dast.cli.cmd; +import com.fortify.cli.fod.scan.cli.cmd.FoDScanListCommand; import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; -import com.fortify.cli.fod.scan.cli.cmd.FoDScanCancelCommand; - +import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; import io.micronaut.core.annotation.ReflectiveAccess; import picocli.CommandLine.Command; -// TODO Instead of defining a subclass, can't we have FoDDastScanCommands simply -// reference the FoDScanCancelCommand class? @ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Cancel.CMD_NAME) -public class FoDDastScanCancelCommand extends FoDScanCancelCommand { - // TODO Ideally, leaf commands should define outputHelper mixin: - // - To make sure that mixin name matches CMD_NAME in Command annotation - // - Aliases defined on mixins in superclasses may not be applied - // In this case, we probably can't, as our parent already defines the outputHelper mixin. +@Command(name = FoDOutputHelperMixins.ListDast.CMD_NAME) +public class FoDDastScanListCommand extends FoDScanListCommand { + @Override + public String getScanType() { + return FoDScanFormatOptions.FoDScanType.Dynamic.name(); + } } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanStartCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanStartCommand.java similarity index 95% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanStartCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanStartCommand.java index df48422322..9465f8096d 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanStartCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/cli/cmd/FoDDastScanStartCommand.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.cli.cmd; +package com.fortify.cli.fod.scan_dast.cli.cmd; import java.time.LocalDateTime; import java.time.format.DateTimeFormatter; @@ -36,9 +36,9 @@ import com.fortify.cli.common.output.spi.transform.IActionCommandResultSupplier; import com.fortify.cli.common.output.spi.transform.IRecordTransformer; import com.fortify.cli.common.util.FcliBuildPropertiesHelper; -import com.fortify.cli.fod.dast_scan.helper.FoDDastScanHelper; -import com.fortify.cli.fod.dast_scan.helper.FoDDastScanSetupDescriptor; -import com.fortify.cli.fod.dast_scan.helper.FoDStartDastScanRequest; +import com.fortify.cli.fod.scan_dast.helper.FoDDastScanHelper; +import com.fortify.cli.fod.scan_dast.helper.FoDDastScanSetupDescriptor; +import com.fortify.cli.fod.scan_dast.helper.FoDStartDastScanRequest; import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; @@ -63,11 +63,10 @@ import picocli.CommandLine.Option; @ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Start.CMD_NAME) +@Command(name = FoDOutputHelperMixins.StartDast.CMD_NAME) public class FoDDastScanStartCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { DateTimeFormatter dtf = DateTimeFormatter.ofPattern("MM/dd/yyyy HH:mm"); - // TODO Mixin class 'Create' doesn't match 'Start.CMD_NAME' above - @Getter @Mixin private FoDOutputHelperMixins.Create outputHelper; + @Getter @Mixin private FoDOutputHelperMixins.StartDast outputHelper; @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; @Option(names = {"--entitlement-id"}) private Integer entitlementId; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanDescriptor.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanDescriptor.java similarity index 97% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanDescriptor.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanDescriptor.java index 35aacabffb..e6c5099134 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanDescriptor.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanDescriptor.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.helper; +package com.fortify.cli.fod.scan_dast.helper; import com.fortify.cli.common.json.JsonNodeHolder; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanHelper.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanHelper.java similarity index 87% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanHelper.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanHelper.java index d74d7b7aa7..51b298f4e1 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanHelper.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanHelper.java @@ -1,29 +1,29 @@ /******************************************************************************* * (c) Copyright 2020 Micro Focus or one of its affiliates * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including without - * limitation the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to permit persons to - * whom the Software is furnished to do so, subject to the following + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following * conditions: * - * The above copyright notice and this permission notice shall be included + * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.helper; +package com.fortify.cli.fod.scan_dast.helper; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanSetupDescriptor.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanSetupDescriptor.java similarity index 97% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanSetupDescriptor.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanSetupDescriptor.java index 30a1e8ffe5..4d403c5345 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDDastScanSetupDescriptor.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDDastScanSetupDescriptor.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.helper; +package com.fortify.cli.fod.scan_dast.helper; import com.fortify.cli.common.json.JsonNodeHolder; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDSetupDastScanRequest.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDSetupDastScanRequest.java similarity index 99% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDSetupDastScanRequest.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDSetupDastScanRequest.java index 9f3beba227..52dad8edd8 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDSetupDastScanRequest.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDSetupDastScanRequest.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.helper; +package com.fortify.cli.fod.scan_dast.helper; import java.util.ArrayList; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDStartDastScanRequest.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDStartDastScanRequest.java similarity index 98% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDStartDastScanRequest.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDStartDastScanRequest.java index c788136f05..c58a0f90fb 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/helper/FoDStartDastScanRequest.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_dast/helper/FoDStartDastScanRequest.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.helper; +package com.fortify.cli.fod.scan_dast.helper; import com.fasterxml.jackson.annotation.JsonFormat; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanImportCommand.java similarity index 70% rename from fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanImportCommand.java index 4d1fc1491a..c2337f8dcf 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanImportCommand.java @@ -23,19 +23,19 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.oss_scan.cli.cmd; +package com.fortify.cli.fod.scan_mobile.cli.cmd; -import com.fortify.cli.common.cli.cmd.AbstractFortifyCLICommand; -import com.fortify.cli.common.variable.DefaultVariablePropertyName; +import com.fortify.cli.fod.rest.FoDUrls; +import com.fortify.cli.fod.scan.cli.cmd.FoDScanImportCommand; +import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; +import io.micronaut.core.annotation.ReflectiveAccess; +import picocli.CommandLine.Command; -import picocli.CommandLine; - -@CommandLine.Command(name = "oss-scan", - subcommands = { - FoDOssScanListCommand.class, - FoDOssScanImportCommand.class - } -) -@DefaultVariablePropertyName("scanId") -public class FoDOssScanCommands extends AbstractFortifyCLICommand { +@ReflectiveAccess +@Command(name = FoDOutputHelperMixins.ImportMobile.CMD_NAME) +public class FoDMobileScanImportCommand extends FoDScanImportCommand { + @Override + public String getImportUrl() { + return FoDUrls.MOBILE_SCANS_IMPORT; + } } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanListCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanListCommand.java new file mode 100644 index 0000000000..543bd1d10b --- /dev/null +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanListCommand.java @@ -0,0 +1,41 @@ +/******************************************************************************* + * (c) Copyright 2020 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ + +package com.fortify.cli.fod.scan_mobile.cli.cmd; + +import com.fortify.cli.fod.scan.cli.cmd.FoDScanListCommand; +import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; +import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; +import io.micronaut.core.annotation.ReflectiveAccess; +import picocli.CommandLine.Command; + +@ReflectiveAccess +@Command(name = FoDOutputHelperMixins.ListMobile.CMD_NAME) +public class FoDMobileScanListCommand extends FoDScanListCommand { + @Override + public String getScanType() { + return FoDScanFormatOptions.FoDScanType.Mobile.name(); + } +} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanStartCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanStartCommand.java new file mode 100644 index 0000000000..a74c9e9750 --- /dev/null +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/cli/cmd/FoDMobileScanStartCommand.java @@ -0,0 +1,169 @@ +/******************************************************************************* + * (c) Copyright 2020 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ + +package com.fortify.cli.fod.scan_mobile.cli.cmd; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.JsonNode; +import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestJsonNodeSupplier; +import com.fortify.cli.common.output.spi.transform.IActionCommandResultSupplier; +import com.fortify.cli.common.output.spi.transform.IRecordTransformer; +import com.fortify.cli.common.util.FcliBuildPropertiesHelper; +import com.fortify.cli.fod.lookup.cli.mixin.FoDLookupTypeOptions; +import com.fortify.cli.fod.lookup.helper.FoDLookupDescriptor; +import com.fortify.cli.fod.lookup.helper.FoDLookupHelper; +import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; +import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; +import com.fortify.cli.fod.scan.cli.mixin.FoDAssessmentTypeOptions; +import com.fortify.cli.fod.scan.cli.mixin.FoDEntitlementPreferenceTypeOptions; +import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; +import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; +import com.fortify.cli.fod.scan.helper.FoDAssessmentTypeDescriptor; +import com.fortify.cli.fod.scan.helper.FoDScanHelper; +import com.fortify.cli.fod.scan_mobile.helper.FoDMobileScanHelper; +import com.fortify.cli.fod.scan_mobile.helper.FoDStartMobileScanRequest; +import com.fortify.cli.fod.util.FoDConstants; +import io.micronaut.core.annotation.ReflectiveAccess; +import kong.unirest.UnirestInstance; +import lombok.Getter; +import picocli.CommandLine.Command; +import picocli.CommandLine.Mixin; +import picocli.CommandLine.Option; + +import javax.validation.ValidationException; +import java.io.File; +import java.time.LocalDateTime; +import java.time.format.DateTimeFormatter; +import java.util.Properties; + +@ReflectiveAccess +@Command(name = FoDOutputHelperMixins.StartMobile.CMD_NAME) +public class FoDMobileScanStartCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { + DateTimeFormatter dtf = DateTimeFormatter.ofPattern("MM/dd/yyyy HH:mm"); + @Getter @Mixin private FoDOutputHelperMixins.StartMobile outputHelper; + @Mixin + private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; + @Option(names = {"--entitlement-id"}) + private Integer entitlementId; + private enum MobileFrameworks { iOS, Android } + @Option(names = {"--framework"}, required = true) + private MobileFrameworks mobileFramework; + @Option(names = {"--timezone"}) + private String timezone; + @Option(names = {"--start-date"}) + private String startDate; + @Option(names = {"--notes"}) + private String notes; + @Option(names = {"--chunk-size"}) + private int chunkSize = FoDConstants.DEFAULT_CHUNK_SIZE; + @Option(names = {"-f", "--file"}, required = true) + private File scanFile; + + @Mixin + private FoDEntitlementPreferenceTypeOptions.OptionalOption entitlementType; + @Mixin + private FoDAssessmentTypeOptions.OptionalOption assessmentType; + + // TODO Split into multiple methods + @Override + public JsonNode getJsonNode(UnirestInstance unirest) { + + Properties fcliProperties = FcliBuildPropertiesHelper.getBuildProperties(); + FoDAssessmentTypeDescriptor entitlementToUse = new FoDAssessmentTypeDescriptor(); + + String relId = appMicroserviceRelResolver.getAppMicroserviceRelId(unirest); + + // TODO: should we check if scan is already running ? + + /** + * Logic for finding/using "entitlement" and "remediation" scanning is as follows: + * - if "entitlement id" is specified directly then use it + * - if an "assessment type" (Mobile/Mobile+) and "entitlement type" (Static/Subscription) then find an + * appropriate entitlement to use + * - otherwise fail + */ + if (entitlementId != null && entitlementId > 0) { + //entitlementToUse.copyFromCurrentSetup(currentSetup); + entitlementToUse.setEntitlementId(entitlementId); + } else if (assessmentType.getAssessmentType() != null && entitlementType.getEntitlementPreferenceType() != null) { + // if assessment and entitlement type are both specified, find entitlement to use + entitlementToUse = FoDMobileScanHelper.getEntitlementToUse(unirest, relId, + assessmentType.getAssessmentType(), entitlementType.getEntitlementPreferenceType(), + FoDScanFormatOptions.FoDScanType.Mobile); + } else { + throw new ValidationException("Please specify an 'entitlement id' or an 'entitlement preference' and 'assessment type'."); + } + + if (entitlementToUse.getEntitlementId() == null || entitlementToUse.getEntitlementId() <= 0) { + throw new ValidationException("Could not find a valid FoD entitlement to use."); + } + + // find/check timeZone if specified + if (timezone != null && !timezone.isEmpty()) { + try { + FoDLookupDescriptor lookupDescriptor = FoDLookupHelper.getDescriptor(unirest, FoDLookupTypeOptions.FoDLookupType.TimeZones, timezone, true); + } catch (JsonProcessingException ex) { + throw new ValidationException(ex.getMessage()); + } + // else default to UTC + } else { + timezone = "UTC"; + } + + String startDateStr = (startDate == null || startDate.isEmpty()) + ? LocalDateTime.now().format(dtf) + : LocalDateTime.parse(startDate, dtf).toString(); + + FoDStartMobileScanRequest startScanRequest = new FoDStartMobileScanRequest() + .setStartDate(startDateStr) + .setAssessmentTypeId(entitlementToUse.getAssessmentTypeId()) + .setEntitlementId(entitlementToUse.getEntitlementId()) + .setEntitlementFrequencyType(entitlementToUse.getFrequencyType()) + .setTimeZone(timezone) + .setFrameworkType(mobileFramework.name()) + .setScanMethodType("Other") + .setNotes(notes != null && !notes.isEmpty() ? notes : "") + .setScanTool(fcliProperties.getProperty("projectName", "fcli")) + .setScanToolVersion(fcliProperties.getProperty("projectVersion", "unknown")); + + return FoDMobileScanHelper.startScan(unirest, relId, startScanRequest, scanFile, chunkSize).asJsonNode(); + } + + @Override + public JsonNode transformRecord(JsonNode record) { + return FoDScanHelper.renameFields(record); + } + + @Override + public String getActionCommandResult() { + return "STARTED"; + } + + @Override + public boolean isSingular() { + return true; + } + +} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanHelper.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanHelper.java new file mode 100644 index 0000000000..afa394a3ca --- /dev/null +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanHelper.java @@ -0,0 +1,109 @@ +/******************************************************************************* + * (c) Copyright 2020 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ + +package com.fortify.cli.fod.scan_mobile.helper; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.node.ObjectNode; +import com.fortify.cli.common.json.JsonHelper; +import com.fortify.cli.fod.release.helper.FoDAppRelDescriptor; +import com.fortify.cli.fod.release.helper.FoDAppRelHelper; +import com.fortify.cli.fod.rest.FoDUrls; +import com.fortify.cli.fod.rest.helper.FoDUploadResponse; +import com.fortify.cli.fod.scan.helper.FoDScanDescriptor; +import com.fortify.cli.fod.scan.helper.FoDScanHelper; +import com.fortify.cli.fod.scan.helper.FoDScanNotFoundException; +import com.fortify.cli.fod.scan.helper.FoDStartScan; +import kong.unirest.GetRequest; +import kong.unirest.HttpRequest; +import kong.unirest.UnirestInstance; +import lombok.Getter; + +import java.io.File; + +public class FoDMobileScanHelper extends FoDScanHelper { + @Getter + private static final ObjectMapper objectMapper = new ObjectMapper(); + + /*public static final FoDMobileScanSetupDescriptor setupScan(UnirestInstance unirest, Integer relId, FoDSetupMobileScanRequest setupMobileScanRequest) { + ObjectNode body = objectMapper.valueToTree(setupMobileScanRequest); + FoDQueryHelper.stripNulls(body); + unirest.put(FoDUrls.STATIC_SCANS + "/scan-setup") + .routeParam("relId", String.valueOf(relId)) + .body(body).asObject(JsonNode.class).getBody(); + return getSetupDescriptor(unirest, String.valueOf(relId)); + }*/ + + // TODO Split into multiple methods + public static final FoDScanDescriptor startScan(UnirestInstance unirest, String relId, FoDStartMobileScanRequest req, + File scanFile, int chunkSize) { + FoDAppRelDescriptor appRelDescriptor = FoDAppRelHelper.getAppRelDescriptor(unirest, relId, ":", true); + HttpRequest request = unirest.post(FoDUrls.MOBILE_SCANS_START).routeParam("relId", relId) + .queryString("startDate", (req.getStartDate())) + .queryString("assessmentTypeId", req.getAssessmentTypeId()) + .queryString("frameworkType", req.getFrameworkType()) + .queryString("timeZone", req.getTimeZone()) + .queryString("entitlementFrequencyType", req.getEntitlementFrequencyType()); + + if (req.getEntitlementId() != null && req.getEntitlementId() > 0) { + request = request.queryString("entitlementId", req.getEntitlementId()); + } + + FoDStartScan startScan = new FoDStartScan(unirest, relId, request, scanFile); + startScan.setChunkSize(chunkSize); + FoDUploadResponse startScanResponse = startScan.upload(); + if (startScanResponse == null || startScanResponse.getScanId() <= 0) { + throw new RuntimeException("Unable to retrieve scan id from response when starting Static scan."); + } + JsonNode node = objectMapper.createObjectNode(); + ((ObjectNode) node).put("scanId", startScanResponse.getScanId()); + ((ObjectNode) node).put("analysisStatusType", "Pending"); + FoDScanDescriptor scanDescriptor = JsonHelper.treeToValue(node, FoDScanDescriptor.class); + try { + scanDescriptor = getScanDescriptor(unirest, String.valueOf(startScanResponse.getScanId())); + } catch (FoDScanNotFoundException ex) { + scanDescriptor.setStatus("Unavailable"); + } + scanDescriptor.setMicroserviceName(appRelDescriptor.getMicroserviceName()); + return scanDescriptor; + } + + public static final FoDMobileScanSetupDescriptor getSetupDescriptor(UnirestInstance unirest, String relId) { + GetRequest request = unirest.get(FoDUrls.MOBILE_SCANS + "/scan-setup") + .routeParam("relId", relId); + JsonNode setup = request.asObject(ObjectNode.class).getBody(); + return JsonHelper.treeToValue(setup, FoDMobileScanSetupDescriptor.class); + } + + // TODO Consider having a generic abbreviate method in StringUtils + // TODO Consider adding commons-lang as fcli dependency, which already provides abbreviate method + private static String abbreviateString(String input, int maxLength) { + if (input.length() <= maxLength) + return input; + else + return input.substring(0, maxLength); + } +} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanSetupDescriptor.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanSetupDescriptor.java new file mode 100644 index 0000000000..caad34b5cb --- /dev/null +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDMobileScanSetupDescriptor.java @@ -0,0 +1,45 @@ +/******************************************************************************* + * (c) Copyright 2020 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ + +package com.fortify.cli.fod.scan_mobile.helper; + +import com.fortify.cli.common.json.JsonNodeHolder; +import io.micronaut.core.annotation.ReflectiveAccess; +import lombok.Data; +import lombok.EqualsAndHashCode; + +@ReflectiveAccess +@Data +@EqualsAndHashCode(callSuper=false) +public class FoDMobileScanSetupDescriptor extends JsonNodeHolder { + private Integer releaseId; + private Integer assessmentTypeId; + private Integer entitlementId; + private String entitlementDescription; + private String entitlementFrequencyType; + private Integer entitlementFrequencyTypeId; + private Integer technologyStackId; + private String technologyStack; +} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDStartMobileScanRequest.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDStartMobileScanRequest.java new file mode 100644 index 0000000000..5741717b1c --- /dev/null +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_mobile/helper/FoDStartMobileScanRequest.java @@ -0,0 +1,129 @@ +/******************************************************************************* + * (c) Copyright 2020 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ + +package com.fortify.cli.fod.scan_mobile.helper; + +import com.fasterxml.jackson.annotation.JsonFormat; +import io.micronaut.core.annotation.ReflectiveAccess; +import lombok.Getter; +import lombok.ToString; + +//TODO Consider using @Builder instead of manually implementing setter methods +@ReflectiveAccess +@Getter +@ToString +public class FoDStartMobileScanRequest { + @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "MM/dd/yyyy HH:mm") + + private String startDate; + private Integer assessmentTypeId; + private Integer entitlementId; + private String entitlementFrequencyType; + + private String timeZone; + + private String frameworkType; + private Boolean isRemediationScan; + //private Boolean isBundledAssessment; + //private Integer parentAssessmentTypeId; + //private Boolean applyPreviousScanSettings; + private String scanMethodType; + private String scanTool; + private String scanToolVersion; + + private String notes; + + public FoDStartMobileScanRequest setStartDate(String startDate) { + this.startDate = startDate; + return this; + } + + public FoDStartMobileScanRequest setAssessmentTypeId(Integer assessmentTypeId) { + this.assessmentTypeId = assessmentTypeId; + return this; + } + + public FoDStartMobileScanRequest setEntitlementId(Integer entitlementId) { + this.entitlementId = entitlementId; + return this; + } + + public FoDStartMobileScanRequest setEntitlementFrequencyType(String entitlementFrequencyType) { + this.entitlementFrequencyType = entitlementFrequencyType; + return this; + } + + public FoDStartMobileScanRequest setRemediationScan(Boolean remediationScan) { + this.isRemediationScan = remediationScan; + return this; + } + + public FoDStartMobileScanRequest setTimeZone(String timeZone) { + this.timeZone = timeZone; + return this; + } + + public FoDStartMobileScanRequest setFrameworkType(String frameworkType) { + this.frameworkType = frameworkType; + return this; + } +/* + public FoDStartDastScanRequest setBundledAssessment(Boolean bundledAssessment) { + isBundledAssessment = bundledAssessment; + return this; + } + + public FoDStartDastScanRequest setParentAssessmentTypeId(Integer parentAssessmentTypeId) { + this.parentAssessmentTypeId = parentAssessmentTypeId; + return this; + } + + public FoDStartMobileScanRequest setApplyPreviousScanSettings(Boolean applyPreviousScanSettings) { + this.applyPreviousScanSettings = applyPreviousScanSettings; + return this; + } +*/ + public FoDStartMobileScanRequest setScanMethodType(String scanMethodType) { + this.scanMethodType = scanMethodType; + return this; + + } + + public FoDStartMobileScanRequest setScanTool(String scanTool) { + this.scanTool = (scanTool == null ? "Other" : scanTool); + return this; + + } + + public FoDStartMobileScanRequest setScanToolVersion(String scanToolVersion) { + this.scanToolVersion = (scanToolVersion == null ? "N/A" : scanToolVersion); + return this; + } + + public FoDStartMobileScanRequest setNotes(String notes) { + this.notes = (notes == null ? "" : notes); + return this; + } +} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanImportCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/cli/cmd/FoDOssScanImportCommand.java similarity index 93% rename from fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanImportCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/cli/cmd/FoDOssScanImportCommand.java index e408b3b198..212c470d6c 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanImportCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/cli/cmd/FoDOssScanImportCommand.java @@ -23,27 +23,23 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.oss_scan.cli.cmd; - -import java.io.File; +package com.fortify.cli.fod.scan_oss.cli.cmd; import com.fasterxml.jackson.databind.JsonNode; import com.fortify.cli.common.output.cli.cmd.unirest.IUnirestJsonNodeSupplier; import com.fortify.cli.common.output.spi.transform.IActionCommandResultSupplier; import com.fortify.cli.common.output.spi.transform.IRecordTransformer; -import com.fortify.cli.fod.oss_scan.cli.mixin.FoDSbomFormatOptions; -import com.fortify.cli.fod.oss_scan.helper.FoDOssHelper; +import com.fortify.cli.fod.scan.cli.mixin.FoDSbomFormatOptions; import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; -import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; import com.fortify.cli.fod.rest.FoDUrls; import com.fortify.cli.fod.rest.helper.FoDUploadResponse; +import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; import com.fortify.cli.fod.scan.helper.FoDImportScan; import com.fortify.cli.fod.scan.helper.FoDScanDescriptor; import com.fortify.cli.fod.scan.helper.FoDScanHelper; import com.fortify.cli.fod.util.FoDConstants; - import io.micronaut.core.annotation.ReflectiveAccess; import kong.unirest.HttpRequest; import kong.unirest.UnirestInstance; @@ -52,10 +48,12 @@ import picocli.CommandLine.Command; import picocli.CommandLine.Mixin; +import java.io.File; + @ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Import.CMD_NAME) +@Command(name = FoDOutputHelperMixins.ImportOss.CMD_NAME) public class FoDOssScanImportCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { - @Getter @Mixin private FoDOutputHelperMixins.Import outputHelper; + @Getter @Mixin private FoDOutputHelperMixins.ImportOss outputHelper; @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; @Mixin private FoDSbomFormatOptions.OptionalOption sbomFormat; @@ -97,7 +95,7 @@ public JsonNode getJsonNode(UnirestInstance unirest) { } public JsonNode transformRecord(JsonNode record) { - return FoDOssHelper.renameFields(record); + return FoDScanHelper.renameFields(record); } @Override diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/cli/cmd/FoDOssScanListCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/cli/cmd/FoDOssScanListCommand.java new file mode 100644 index 0000000000..9c707c33dc --- /dev/null +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/cli/cmd/FoDOssScanListCommand.java @@ -0,0 +1,41 @@ +/******************************************************************************* + * (c) Copyright 2020 Micro Focus or one of its affiliates + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + ******************************************************************************/ + +package com.fortify.cli.fod.scan_oss.cli.cmd; + +import com.fortify.cli.fod.scan.cli.cmd.FoDScanListCommand; +import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; +import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; +import io.micronaut.core.annotation.ReflectiveAccess; +import picocli.CommandLine.Command; + +@ReflectiveAccess +@Command(name = FoDOutputHelperMixins.ListOss.CMD_NAME) +public class FoDOssScanListCommand extends FoDScanListCommand { + @Override + public String getScanType() { + return FoDScanFormatOptions.FoDScanType.OpenSource.name(); + } +} diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/helper/FoDOssHelper.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/helper/FoDOssHelper.java similarity index 73% rename from fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/helper/FoDOssHelper.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/helper/FoDOssHelper.java index ed203fa566..5798dacadb 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/helper/FoDOssHelper.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_oss/helper/FoDOssHelper.java @@ -1,29 +1,29 @@ /******************************************************************************* * (c) Copyright 2020 Micro Focus or one of its affiliates * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including without - * limitation the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to permit persons to - * whom the Software is furnished to do so, subject to the following + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following * conditions: * - * The above copyright notice and this permission notice shall be included + * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.oss_scan.helper; +package com.fortify.cli.fod.scan_oss.helper; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanImportCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanImportCommand.java similarity index 96% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanImportCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanImportCommand.java index 52560ea443..98a4b90bd8 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanImportCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanImportCommand.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.cli.cmd; +package com.fortify.cli.fod.scan_sast.cli.cmd; import java.io.File; @@ -51,9 +51,9 @@ import picocli.CommandLine.Mixin; @ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Import.CMD_NAME) +@Command(name = FoDOutputHelperMixins.ImportSast.CMD_NAME) public class FoDSastScanImportCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { - @Getter @Mixin private FoDOutputHelperMixins.Import outputHelper; + @Getter @Mixin private FoDOutputHelperMixins.ImportSast outputHelper; @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanListCommand.java similarity index 65% rename from fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanListCommand.java index 1f13d6fbd8..2efe23325a 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanListCommand.java @@ -23,24 +23,19 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.dast_scan.cli.cmd; +package com.fortify.cli.fod.scan_sast.cli.cmd; -import com.fortify.cli.common.cli.cmd.AbstractFortifyCLICommand; -import com.fortify.cli.common.variable.DefaultVariablePropertyName; +import com.fortify.cli.fod.scan.cli.cmd.FoDScanListCommand; +import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; +import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; +import io.micronaut.core.annotation.ReflectiveAccess; +import picocli.CommandLine.Command; -import picocli.CommandLine; - -@CommandLine.Command(name = "dast", - aliases = {"dast-scan"}, - subcommands = { - FoDDastScanStartCommand.class, - FoDDastScanCancelCommand.class, - FoDDastScanGetCommand.class, - FoDDastScanListCommand.class, - FoDDastScanImportCommand.class, - FoDDastScanWaitForCommand.class - } -) -@DefaultVariablePropertyName("scanId") -public class FoDDastScanCommands extends AbstractFortifyCLICommand { +@ReflectiveAccess +@Command(name = FoDOutputHelperMixins.ListSast.CMD_NAME) +public class FoDSastScanListCommand extends FoDScanListCommand { + @Override + public String getScanType() { + return FoDScanFormatOptions.FoDScanType.Static.name(); + } } diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanSetupCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanSetupCommand.java similarity index 95% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanSetupCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanSetupCommand.java index 15bf2a90e5..d3805e5ad3 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanSetupCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanSetupCommand.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.cli.cmd; +package com.fortify.cli.fod.scan_sast.cli.cmd; import javax.validation.ValidationException; @@ -40,9 +40,9 @@ import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; import com.fortify.cli.fod.release.helper.FoDAppRelAssessmentTypeDescriptor; import com.fortify.cli.fod.release.helper.FoDAppRelHelper; -import com.fortify.cli.fod.sast_scan.helper.FoDSastScanHelper; -import com.fortify.cli.fod.sast_scan.helper.FoDSastScanSetupDescriptor; -import com.fortify.cli.fod.sast_scan.helper.FoDSetupSastScanRequest; +import com.fortify.cli.fod.scan_sast.helper.FoDSastScanHelper; +import com.fortify.cli.fod.scan_sast.helper.FoDSastScanSetupDescriptor; +import com.fortify.cli.fod.scan_sast.helper.FoDSetupSastScanRequest; import com.fortify.cli.fod.scan.cli.mixin.FoDAssessmentTypeOptions; import com.fortify.cli.fod.scan.cli.mixin.FoDScanFormatOptions; import com.fortify.cli.fod.scan.helper.FoDAssessmentTypeDescriptor; @@ -57,10 +57,9 @@ import picocli.CommandLine.Option; @ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Setup.CMD_NAME) +@Command(name = FoDOutputHelperMixins.SetupSast.CMD_NAME) public class FoDSastScanSetupCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { - // TODO Mixin class 'Create' doesn't match 'Setup.CMD_NAME' above - @Getter @Mixin private FoDOutputHelperMixins.Create outputHelper; + @Getter @Mixin private FoDOutputHelperMixins.SetupSast outputHelper; @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanStartCommand.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanStartCommand.java similarity index 93% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanStartCommand.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanStartCommand.java index 22d0de2110..41e14edee6 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanStartCommand.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/cli/cmd/FoDSastScanStartCommand.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.cli.cmd; +package com.fortify.cli.fod.scan_sast.cli.cmd; import java.io.File; import java.util.Properties; @@ -35,13 +35,13 @@ import com.fortify.cli.common.output.spi.transform.IActionCommandResultSupplier; import com.fortify.cli.common.output.spi.transform.IRecordTransformer; import com.fortify.cli.common.util.FcliBuildPropertiesHelper; -import com.fortify.cli.fod.dast_scan.helper.FoDDastScanHelper; +import com.fortify.cli.fod.scan_dast.helper.FoDDastScanHelper; import com.fortify.cli.fod.output.cli.AbstractFoDOutputCommand; import com.fortify.cli.fod.output.mixin.FoDOutputHelperMixins; import com.fortify.cli.fod.release.cli.mixin.FoDAppMicroserviceRelResolverMixin; -import com.fortify.cli.fod.sast_scan.helper.FoDSastScanHelper; -import com.fortify.cli.fod.sast_scan.helper.FoDSastScanSetupDescriptor; -import com.fortify.cli.fod.sast_scan.helper.FoDStartSastScanRequest; +import com.fortify.cli.fod.scan_sast.helper.FoDSastScanHelper; +import com.fortify.cli.fod.scan_sast.helper.FoDSastScanSetupDescriptor; +import com.fortify.cli.fod.scan_sast.helper.FoDStartSastScanRequest; import com.fortify.cli.fod.scan.cli.mixin.FoDEntitlementPreferenceTypeOptions; import com.fortify.cli.fod.scan.cli.mixin.FoDInProgressScanActionTypeOptions; import com.fortify.cli.fod.scan.cli.mixin.FoDRemediationScanPreferenceTypeOptions; @@ -60,10 +60,9 @@ import picocli.CommandLine.Option; @ReflectiveAccess -@Command(name = FoDOutputHelperMixins.Start.CMD_NAME) +@Command(name = FoDOutputHelperMixins.StartSast.CMD_NAME) public class FoDSastScanStartCommand extends AbstractFoDOutputCommand implements IUnirestJsonNodeSupplier, IRecordTransformer, IActionCommandResultSupplier { - // TODO Mixin class 'Create' doesn't match 'Start.CMD_NAME' above - @Getter @Mixin private FoDOutputHelperMixins.Create outputHelper; + @Getter @Mixin private FoDOutputHelperMixins.StartSast outputHelper; @Mixin private FoDAppMicroserviceRelResolverMixin.PositionalParameter appMicroserviceRelResolver; @Option(names = {"--entitlement-id"}) diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanDescriptor.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanDescriptor.java similarity index 97% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanDescriptor.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanDescriptor.java index 8e6d5f75c3..1ddfcd407c 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanDescriptor.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanDescriptor.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.helper; +package com.fortify.cli.fod.scan_sast.helper; import com.fortify.cli.common.json.JsonNodeHolder; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanHelper.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanHelper.java similarity index 87% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanHelper.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanHelper.java index ac37d9596d..a4fbf83ca7 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanHelper.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanHelper.java @@ -1,29 +1,29 @@ /******************************************************************************* * (c) Copyright 2020 Micro Focus or one of its affiliates * - * Permission is hereby granted, free of charge, to any person obtaining a - * copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including without - * limitation the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to permit persons to - * whom the Software is furnished to do so, subject to the following + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including without + * limitation the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to permit persons to + * whom the Software is furnished to do so, subject to the following * conditions: * - * The above copyright notice and this permission notice shall be included + * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, - * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.helper; +package com.fortify.cli.fod.scan_sast.helper; import java.io.File; @@ -35,10 +35,7 @@ import com.fortify.cli.fod.release.helper.FoDAppRelHelper; import com.fortify.cli.fod.rest.FoDUrls; import com.fortify.cli.fod.rest.helper.FoDUploadResponse; -import com.fortify.cli.fod.scan.helper.FoDScanDescriptor; -import com.fortify.cli.fod.scan.helper.FoDScanHelper; -import com.fortify.cli.fod.scan.helper.FoDScanNotFoundException; -import com.fortify.cli.fod.scan.helper.FoDStartScan; +import com.fortify.cli.fod.scan.helper.*; import com.fortify.cli.fod.util.FoDConstants; import com.fortify.cli.fod.util.FoDEnums; import com.fortify.cli.fod.util.FoDQueryHelper; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanSetupDescriptor.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanSetupDescriptor.java similarity index 97% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanSetupDescriptor.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanSetupDescriptor.java index 0c06eafc14..178b34ac0c 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSastScanSetupDescriptor.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSastScanSetupDescriptor.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.helper; +package com.fortify.cli.fod.scan_sast.helper; import com.fortify.cli.common.json.JsonNodeHolder; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSetupSastScanRequest.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSetupSastScanRequest.java similarity index 98% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSetupSastScanRequest.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSetupSastScanRequest.java index d0ee90d81f..305436adaa 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDSetupSastScanRequest.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDSetupSastScanRequest.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.helper; +package com.fortify.cli.fod.scan_sast.helper; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; diff --git a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDStartSastScanRequest.java b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDStartSastScanRequest.java similarity index 98% rename from fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDStartSastScanRequest.java rename to fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDStartSastScanRequest.java index 481d407f16..e7845910e5 100644 --- a/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/helper/FoDStartSastScanRequest.java +++ b/fcli-fod/src/main/java/com/fortify/cli/fod/scan_sast/helper/FoDStartSastScanRequest.java @@ -23,7 +23,7 @@ * IN THE SOFTWARE. ******************************************************************************/ -package com.fortify.cli.fod.sast_scan.helper; +package com.fortify.cli.fod.scan_sast.helper; import io.micronaut.core.annotation.ReflectiveAccess; import lombok.Getter; diff --git a/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties b/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties index d6b2f984d1..92363511b1 100644 --- a/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties +++ b/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties @@ -153,7 +153,7 @@ fcli.fod.scan.cancel.usage.header = Cancel a scan from Fortify on Demand (FoD). # For the "fod scan get" command fcli.fod.scan.get.usage.header = Get a specific scan from Fortify on Demand (FoD). -# For the "fod scan list" command +# For the "fod scan list" commands fcli.fod.scan.list.usage.header = List scans on Fortify on Demand (FoD). fcli.fod.scan.list.latest-first = List latest scans first. fcli.fod.scan.list.started-on-start-date = Include scans started on or after the date specified (in MM/dd/yyyy HH:mm format). @@ -163,104 +163,55 @@ fcli.fod.scan.list.completed-on-end-date = Only include scans completed before t fcli.fod.scan.list.modified-start-date = Include scans modified on or after the date specified (in MM/dd/yyyy HH:mm format). # For the "fod scan wait-for" command -fcli.fod.scan.wait-for.usage.description = Wait for one or more scans to reach or exit specified scan statuses. +fcli.fod.scan.wait-for.usage.header = Wait for one or more scans to reach or exit specified scan statuses. # Re-uses generic options - -### For the "fod dast" command ### -fcli.fod.dast.usage.header = Commands for interacting with DAST scans on Fortify on Demand (FoD). - -# For the "fod dast setup" command -fcli.fod.dast.setup.usage.header = Setup a new DAST scan on Fortify on Demand (FoD). - -# For the "fod dast start" command -fcli.fod.dast.start.usage.header = Start a new DAST scan on Fortify on Demand (FoD). -fcli.fod.dast.start.start-date = Date to start the scan (in MM/dd/yyyy HH:mm format). -fcli.fod.dast.start.entitlement-id = The Id of the entitlement to use for the scan. -fcli.fod.dast.start.purchase-entitlement = Purchase an entitlement if one is not currently allocated or available. -fcli.fod.dast.start.notes = Scan notes. -fcli.fod.dast.start.file = Absolute path of the file to upload. - -# For the "fod dast cancel" command -fcli.fod.dast.cancel.usage.header = Cancel a DAST scan from Fortify on Demand (FoD). - -# For the "fod dast get" command -fcli.fod.dast.get.usage.header = Get a specific DAST scan from Fortify on Demand (FoD). - -# For the "fod dast list" command -fcli.fod.dast.list.usage.header = List DAST scans on Fortify on Demand (FoD). -fcli.fod.dast.list.latest-first = List latest scans first. - -# For the "fod dast import" command -fcli.fod.dast.import.usage.header = Import an existing DAST scan (in FPR format) on Fortify on Demand (FoD). -fcli.fod.dast.import.file = Absolute path of the (FPR) scan file to upload. -fcli.fod.dast.import.chunk-size = Fragment size (in bytes) for file uploads. Default is 8Mb. - -# For the "fod dast wait-for" command -fcli.fod.dast.wait-for.usage.header = Wait for one or more scans to reach or exit specified scan statuses -fcli.fod.dast.wait-for.usage.description.0 = Although this command offers a lot of options to cover many different use cases, to just wait for completion of a single scan that was started using the "--store '?'" option, you can simply run "fcli fod dast wait-for '?'". -fcli.fod.dast.wait-for.usage.description.1 = %nIf none of the --while or --until options are specified, this command will by default wait until the scan has completed. If any error state or unknown state is detected, an exception will be thrown. -fcli.fod.dast.wait-for.usage.description.2 = %nThe following states are currently known by fcli: -fcli.fod.dast.wait-for.usage.description.3 = ${fcli.fod.scan.states:-See fcli help output} -# Re-uses generic options - - -### For the "fod sast" command ### -fcli.fod.sast.usage.header = Commands for interacting with SAST scans on Fortify on Demand (FoD). - -# For the "fod sast setup" command -fcli.fod.sast.setup.usage.header = Setup a new SAST scan on Fortify on Demand (FoD). -fcli.fod.sast.setup.entitlement-frequency = Entitlement frequency, e.g. Single or Subscription. -fcli.fod.sast.setup.entitlement-id = Entitlement Id to use. If not specified Frequency and Assessment Type will be used to find one. -fcli.fod.sast.setup.technology-stack = The technology stack of the application. Use `fcli fod lookup list --type TechnologyTypes` to see the values. -fcli.fod.sast.setup.language-level = The language level of the technology stack (if needed). Use `fcli fod lookup list --type LanguageLevels -q "group=XXX"` to see the values. -fcli.fod.sast.setup.oss = Perform Open Source Analysis scan. -fcli.fod.sast.setup.audit-preference = Audit preference, e.g. Manual or Automated -fcli.fod.sast.setup.include-third-party-libs = Indicates if third party libraries should be included. -fcli.fod.sast.setup.use-source-control = Indicates if source control should be used. - -# For the "fod sast start" command -fcli.fod.sast.start.usage.header = Start a new SAST scan on Fortify on Demand (FoD). -fcli.fod.sast.start.start-date = Date to start the scan (in MM/dd/yyyy HH:mm format). -fcli.fod.sast.start.remediation = Identify this scan as a remediation scan. -fcli.fod.sast.start.skip-if-running = Check to see if static scan is already running before starting. -fcli.fod.sast.start.entitlement-id = The Id of the entitlement to use for the scan. -fcli.fod.sast.start.purchase-entitlement = Purchase an entitlement if one is not currently allocated or available. -fcli.fod.sast.start.notes = Scan notes. -fcli.fod.sast.start.file = Absolute path of the ScanCentral package (.Zip) file to upload. -fcli.fod.sast.start.chunk-size = Fragment size (in bytes) for file uploads. Default is 8Mb. - -# For the "fod sast cancel" command -fcli.fod.sast.cancel.usage.header = Cancel a SAST scan from Fortify on Demand (FoD). - -# For the "fod sast get" command -fcli.fod.sast.get.usage.header = Get a specific SAST scan from Fortify on Demand (FoD). - -# For the "fod sast list" command -fcli.fod.sast.list.usage.header = List SAST scans on Fortify on Demand (FoD). -fcli.fod.sast.list.latest-first = List latest scans first. - -# For the "fod sast import" command -fcli.fod.sast.import.usage.header = Import an existing SAST scan (in FPR format) on Fortify on Demand (FoD). -fcli.fod.sast.import.file = Absolute path of the (FPR) scan file to upload. -fcli.fod.sast.import.chunk-size = Fragment size (in bytes) for file uploads. Default is 8Mb. - -# For the "fod sast wait-for" command -fcli.fod.sast.wait-for.usage.description = Wait for one or more scans to reach or exit specified scan statuses. -# Re-uses generic options - - -### For the "fod oss-scan" command ### -fcli.fod.oss-scan.usage.header = Commands for interacting with OSS scans on Fortify on Demand (FoD). - -# For the "fod oss-scan list" command -fcli.fod.oss-scan.list.usage.header = List OSS scans on Fortify on Demand (FoD). -fcli.fod.oss-scan.list.latest-first = List latest scans first. - -# For the "fod oss-scan import" command -fcli.fod.oss-scan.import.usage.header = Import an existing OSS scan (in JSON SBOM format) on Fortify on Demand (FoD). -fcli.fod.oss-scan.import.file = Absolute path of the (JSON) SBOM file to upload. -fcli.fod.oss-scan.import.chunk-size = Fragment size (in bytes) for file uploads. Default is 8Mb. +# For the "fod scan import" commands +fcli.fod.scan.import-sast.usage.header = Import an existing SAST scan (in FPR format) on Fortify on Demand (FoD). +fcli.fod.scan.import-sast.file = Absolute path of the (FPR) scan file to upload. +fcli.fod.scan.import-sast.chunk-size = Fragment size (in bytes) for file uploads. Default is 8Mb. +fcli.fod.scan.import-dast.usage.header = Import an existing DAST scan (in FPR format) on Fortify on Demand (FoD). +fcli.fod.scan.import-dast.file = ${fcli.fod.scan.import-sast.file} +fcli.fod.scan.import-dast.chunk-size = ${fcli.fod.scan.import-sast.chunk-size} +fcli.fod.scan.import-oss.usage.header = Import an existing OSS scan (in JSON SBOM format) on Fortify on Demand (FoD). +fcli.fod.scan.import-oss.file = ${fcli.fod.scan.import-sast.file} +fcli.fod.scan.import-oss.chunk-size = ${fcli.fod.scan.import-sast.chunk-size} +fcli.fod.scan.import-mobile.usage.header = Import an existing Mobile scan (in FPR format) on Fortify on Demand (FoD). +fcli.fod.scan.import-mobile.file = ${fcli.fod.scan.import-sast.file} +fcli.fod.scan.import-mobile.chunk-size = ${fcli.fod.scan.import-sast.chunk-size} + +# For the "fod scan setup" commands +fcli.fod.scan.setup-sast.usage.header = Setup a new SAST scan on Fortify on Demand (FoD). +fcli.fod.scan.setup-sast.entitlement-frequency = Entitlement frequency, e.g. Single or Subscription. +fcli.fod.scan.setup-sast.entitlement-id = Entitlement Id to use. If not specified Frequency and Assessment Type will be used to find one. +fcli.fod.scan.setup-sast.technology-stack = The technology stack of the application. Use `fcli fod lookup list --type TechnologyTypes` to see the values. +fcli.fod.scan.setup-sast.language-level = The language level of the technology stack (if needed). Use `fcli fod lookup list --type LanguageLevels -q "group=XXX"` to see the values. +fcli.fod.scan.setup-sast.oss = Perform Open Source Analysis scan. +fcli.fod.scan.setup-sast.audit-preference = Audit preference, e.g. Manual or Automated +fcli.fod.scan.setup-sast.include-third-party-libs = Indicates if third party libraries should be included. +fcli.fod.scan.setup-sast.use-source-control = Indicates if source control should be used. +fcli.fod.scan.setup-dast.usage.header = Setup a new DAST scan on Fortify on Demand (FoD). +fcli.fod.scan.setup-mobile.usage.header = Setup a new Mobile scan on Fortify on Demand (FoD). + +# For the "fod scan start" commands +fcli.fod.scan.start-sast.usage.header = Start a new SAST scan on Fortify on Demand (FoD). +fcli.fod.scan.start-sast.start-date = Date to start the scan (in MM/dd/yyyy HH:mm format). +fcli.fod.scan.start-sast.remediation = Identify this scan as a remediation scan. +fcli.fod.scan.start-sast.skip-if-running = Check to see if static scan is already running before starting. +fcli.fod.scan.start-sast.entitlement-id = The Id of the entitlement to use for the scan. +fcli.fod.scan.start-sast.purchase-entitlement = Purchase an entitlement if one is not currently allocated or available. +fcli.fod.scan.start-sast.notes = Scan notes. +fcli.fod.scan.start-sast.file = Absolute path of the ScanCentral package (.Zip) file to upload. +fcli.fod.scan.start-sast.chunk-size = Fragment size (in bytes) for file uploads. Default is 8Mb. +fcli.fod.scan.start-dast.usage.header = Start a new DAST scan on Fortify on Demand (FoD). +fcli.fod.scan.start-mobile.usage.header = Start a new Mobile scan on Fortify on Demand (FoD). +fcli.fod.scan.start-mobile.start-date = ${fcli.fod.scan.start-sast.start-date} +fcli.fod.scan.start-mobile.entitlement-id = ${fcli.fod.scan.start-sast.entitlement-id} +fcli.fod.scan.start-mobile.notes = ${fcli.fod.scan.start-sast.notes} +fcli.fod.scan.start-mobile.file = ${fcli.fod.scan.start-sast.file} +fcli.fod.scan.start-mobile.chunk-size = ${fcli.fod.scan.start-sast.chunk-size} +fcli.fod.scan.start-mobile.framework = The Mobile Framework to use. Valid values: ${COMPLETION-CANDIDATES}. +fcli.fod.scan.start-mobile.timezone = The timezone to use for starting the scan - default is UTC. Use `fcli fod lookup list --type TimeZones` to see the values. ### For the "fod user" command ### @@ -353,7 +304,7 @@ fcli.fod.session.logout.usage.header = Logout of Fortify on Demand (FoD). # The following are technical properties that shouldn't be internationalized #################################### ################################################################################################################# -# Property default values that are usually set when running fcli, but which may not be available when +# Property default values that are usually set when running fcli, but which may not be available when # generating AsciiDoc man-pages. fcli.env.default.prefix=FCLI_DEFAULT @@ -403,49 +354,6 @@ fcli.fod.scan.output.header.applicationName = Application fcli.fod.scan.output.header.microserviceName = Microservice fcli.fod.scan.output.header.releaseName = Release -fcli.fod.sast.output.table.options = scanId,assessmentTypeName,analysisStatusType,applicationName,microserviceName,releaseName,startedDateTime,completedDateTime,scanMethodTypeName -fcli.fod.sast.cancel.output.table.options = scanId,assessmentTypeName,applicationName,microserviceName,releaseName,startedDateTime,completedDateTime,scanMethodTypeName -fcli.fod.sast.setup.output.table.options = releaseId,technologyStack,entitlementId -fcli.fod.sast.output.header.scanId = Id -fcli.fod.sast.output.header.scanType = Type -fcli.fod.sast.output.header.analysisStatusType = Analysis Status -fcli.fod.sast.output.header.assessmentTypeName = Assessment Type -fcli.fod.sast.output.header.startedDateTime = Started -fcli.fod.sast.output.header.completedDateTime = Completed -fcli.fod.sast.output.header.scanMethodTypeName = Scan Method -fcli.fod.sast.output.header.applicationName = Application -fcli.fod.sast.output.header.microserviceName = Microservice -fcli.fod.sast.output.header.releaseName = Release -fcli.fod.sast.output.header.entitlementId = Entitlement Id -fcli.fod.sast.output.header.entitlementFrequencyType = Frequency -fcli.fod.sast.output.header.technologyStack = Technology Stack - -fcli.fod.dast.output.table.options = scanId,assessmentTypeName,analysisStatusType,applicationName,microserviceName,releaseName,startedDateTime,completedDateTime,scanMethodTypeName -fcli.fod.dast.scan.cancel.output.table.options = scanId,assessmentTypeName,applicationName,microserviceName,releaseName,startedDateTime,completedDateTime,scanMethodTypeName -fcli.fod.dast.output.header.scanId = Id -fcli.fod.dast.output.header.scanType = Type -fcli.fod.dast.output.header.analysisStatusType = Analysis Status -fcli.fod.dast.output.header.assessmentTypeName = Assessment Type -fcli.fod.dast.output.header.startedDateTime = Started -fcli.fod.dast.output.header.completedDateTime = Completed -fcli.fod.dast.output.header.scanMethodTypeName = Scan Method -fcli.fod.dast.output.header.applicationName = Application -fcli.fod.dast.output.header.microserviceName = Microservice -fcli.fod.dast.output.header.releaseName = Release - -fcli.fod.oss-scan.output.table.options = scanId,assessmentTypeName,analysisStatusType,applicationName,microserviceName,releaseName,startedDateTime,completedDateTime,scanMethodTypeName -fcli.fod.oss-scan.scan.cancel.output.table.options = scanId,assessmentTypeName,applicationName,microserviceName,releaseName,startedDateTime,completedDateTime,scanMethodTypeName -fcli.fod.oss-scan.output.header.scanId = Id -fcli.fod.oss-scan.output.header.scanType = Type -fcli.fod.oss-scan.output.header.analysisStatusType = Analysis Status -fcli.fod.oss-scan.output.header.assessmentTypeName = Assessment Type -fcli.fod.oss-scan.output.header.startedDateTime = Started -fcli.fod.oss-scan.output.header.completedDateTime = Completed -fcli.fod.oss-scan.output.header.scanMethodTypeName = Scan Method -fcli.fod.oss-scan.output.header.applicationName = Application -fcli.fod.oss-scan.output.header.microserviceName = Microservice -fcli.fod.oss-scan.output.header.releaseName = Release - fcli.fod.user.output.table.options = userId,userName,firstName,lastName,email,roleName fcli.fod.user.update.output.table.options = userId,userName,firstName,lastName,email,roleName fcli.fod.user.delete.output.table.options = userId,userName