Exemple #1
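        /// <summary>
        /// Retrieves all M&amp;O policies on a <see cref="Task.Run(System.Func{TResult}, CancellationToken)"/>
        /// worker and wraps them in a <see cref="ProjectPolicyIndex"/>.
        /// </summary>
        /// <returns>
        /// The populated policy index, or <c>null</c> when retrieval throws for any reason.
        /// </returns>
        /// <remarks>
        /// The catch block below is deliberately broad: every exception type raised by the
        /// retrieval, including cancellation via <c>CancelToken</c>, is reported with the same
        /// "M&amp;O was unreachable" message and turned into a <c>null</c> result. Callers that
        /// treat <c>null</c> as "no policies apply" therefore cannot tell a missing M&amp;O
        /// installation from a failed or cancelled request; the log entry is the only record.
        /// </remarks>
        private async Task <ProjectPolicyIndex> PopulatePolicies()
        {
            // Policies may not have data if M&O is not installed.
            try
            {
                return await Task.Run(
                    () =>
                    {
                        _log.Debug("Retrieving policies, if available.");

                        return new ProjectPolicyIndex(CxMnoPolicies.GetAllPolicies(RestContext, CancelToken));
                    },
                    CancelToken);
            }
            catch (Exception ex)
            {
                String msg = "Policy data is not available. M&O was unreachable.  You can omit the M&O URL in the configuration if M&O is not installed.";

                // Report at Warn in both modes so that level-filtered appenders and alerting
                // see the missing policy data even when debug logging is switched on. The
                // exception (and its stack trace) is attached only when debug is enabled, which
                // keeps normal-mode logs to a single line.
                if (_log.IsDebugEnabled)
                {
                    _log.Warn(msg, ex);
                }
                else
                {
                    _log.Warn(msg);
                }
            }

            return null;
        }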
Exemple #2
        /// <summary>
        /// Pulls policies, presets, teams, projects and finished scans from the server and
        /// resolves them into <c>ScanDescriptors</c>, filling <c>SastScanCache</c> and
        /// <c>ScaScanCache</c> along the way.
        /// </summary>
        /// <param name="ctx">REST context stored in <c>RestContext</c> and used for the server calls.</param>
        /// <param name="token">Cancellation token stored in <c>CancelToken</c> and passed to the server calls.</param>
        /// <param name="previousStatePath">Passed unchanged to <c>DataResolver.Resolve</c>.</param>
        /// <remarks>
        /// Several failures are logged and tolerated instead of being propagated:
        /// <list type="bullet">
        /// <item>Policy retrieval failure leaves <c>Policies</c> null and skips all policy correlation.</item>
        /// <item>Per-project correlation failure leaves that project's policy names empty.</item>
        /// <item>Any failure while collecting scans means <c>ScanDescriptors</c> is not assigned here;
        /// the caches keep whatever was added before the failure.</item>
        /// </list>
        /// Preset, team and project retrieval, and the custom-field copy, are not guarded, so an
        /// exception there escapes the constructor.
        /// NOTE(review): a consumer of this object presumably cannot distinguish "no scans / no
        /// policies exist" from "retrieval failed" without reading the log - confirm how callers
        /// treat an unassigned <c>ScanDescriptors</c>.
        /// </remarks>
        private Transformer(CxRestContext ctx, CancellationToken token,
                            String previousStatePath)
        {
            RestContext = ctx;
            CancelToken = token;
            Policies = null;

            _log.Debug("Retrieving policies, if available.");

            // M&O may not be installed, in which case there is no policy data to read.
            try
            {
                var allPolicies = CxMnoPolicies.GetAllPolicies(ctx, token);
                Policies = new ProjectPolicyIndex(allPolicies);
            }
            catch (Exception policyError)
            {
                _log.Warn("Policy data is not available.", policyError);
            }

            // Feed presets and teams into the data resolver.
            var dataResolver = new DataResolver();

            _log.Debug("Retrieving presets.");
            foreach (var preset in CxPresets.GetPresets(RestContext, CancelToken))
            {
                dataResolver.addPreset(preset.PresetId, preset.PresetName);
            }

            _log.Debug("Retrieving teams.");
            foreach (var team in CxTeams.GetTeams(RestContext, CancelToken))
            {
                dataResolver.addTeam(team.TeamId, team.TeamName);
            }

            _log.Debug("Resolving projects.");

            // The data resolver yields the project resolver, which then receives every project.
            ProjectResolver projectResolver = dataResolver.Resolve(previousStatePath);

            var projects = CxProjects.GetProjects(RestContext, CancelToken);

            foreach (var project in projects)
            {
                String policyNames = String.Empty;

                if (Policies != null)
                {
                    try
                    {
                        IEnumerable <int> policyIds =
                            CxMnoPolicies.GetPolicyIdsForProject(ctx, token, project.ProjectId);

                        Policies.CorrelateProjectToPolicies(project.ProjectId, policyIds);
                        policyNames = GetFlatPolicyNames(Policies, policyIds);
                    }
                    catch (Exception correlationError)
                    {
                        // The project is still added below, just without policy names.
                        _log.Warn(
                            $"Unable to correlate policies to project {project.ProjectId}: {project.ProjectName}. Policy statistics will be unavalable.",
                            correlationError);
                    }
                }

                // Add() throws on a repeated key, and this copy is outside any try block.
                var customFields = new SortedDictionary <String, String>();
                project.CustomFields.ForEach(field => customFields.Add(field.FieldName, field.FieldValue));

                projectResolver.AddProject(project.TeamId, project.PresetId, project.ProjectId,
                                           project.ProjectName, policyNames, customFields);
            }

            // Resolving the projects produces the scan resolver.
            ScanResolver scanResolver = projectResolver.Resolve(_mapActions);

            try
            {
                _log.Debug("Retrieving SAST scans.");

                foreach (var sast in CxSastScans.GetScans(RestContext, CancelToken, CxSastScans.ScanStatus.Finished))
                {
                    // The record's string form is written to the debug log; what it contains
                    // is decided by the scan type, which is not visible here.
                    _log.Debug($"SAST scan record: {sast}");

                    scanResolver.AddScan(sast.ProjectId, sast.ScanType, SAST_PRODUCT_STRING,
                                         sast.ScanId, sast.FinishTime);

                    SastScanCache.Add(sast.ScanId, sast);
                }

                _log.Debug("Retrieving OSA scans.");

                foreach (var project in projects)
                {
                    foreach (var osa in CxOsaScans.GetScans(ctx, token, project.ProjectId))
                    {
                        _log.Debug($"OSA scan record: {osa}");

                        scanResolver.AddScan(osa.ProjectId, "Composition", SCA_PRODUCT_STRING,
                                             osa.ScanId, osa.FinishTime);
                        ScaScanCache.Add(osa.ScanId, osa);
                    }
                }

                // Reached only when every retrieval above succeeded.
                ScanDescriptors = scanResolver.Resolve(CheckTime);
            }
            catch (AggregateException aggregate)
            {
                _log.Error("Multiple errors caught resolving scans.");

                int seen = 0;
                aggregate.Handle(inner =>
                {
                    seen++;
                    _log.Error($"Exception {seen}: ", inner);

                    // Mark every inner exception as handled so Handle() does not rethrow.
                    return true;
                });
            }
            catch (Exception scanError)
            {
                _log.Error("Error resolving scans, server may be unavailable.", scanError);
            }
        }
Exemple #3
        /// <summary>
        /// Pulls policies, presets, teams, projects and finished scans from the server and
        /// resolves them into <c>ScanDescriptors</c>, filling <c>SastScanCache</c> and
        /// <c>ScaScanCache</c> along the way.
        /// </summary>
        /// <param name="ctx">REST context stored in <c>RestContext</c> and used for the server calls.</param>
        /// <param name="token">Cancellation token stored in <c>CancelToken</c> and passed to the server calls.</param>
        /// <param name="previousStatePath">Passed unchanged to <c>DataResolver.Resolve</c>.</param>
        /// <remarks>
        /// Policy retrieval, per-project policy correlation and scan collection each catch
        /// <see cref="Exception"/> and only log it. When scan collection fails,
        /// <c>ScanDescriptors</c> is not assigned by this constructor and the caches keep
        /// whatever was added before the failure. Preset, team and project retrieval are not
        /// guarded, so an exception there escapes the constructor.
        /// NOTE(review): a consumer presumably cannot tell "nothing to report" from "retrieval
        /// failed" without the log - confirm how callers treat an unassigned <c>ScanDescriptors</c>.
        /// </remarks>
        private Transformer(CxRestContext ctx, CancellationToken token,
                            String previousStatePath)
        {
            RestContext = ctx;
            CancelToken = token;
            Policies = null;

            // M&O may not be installed, in which case there is no policy data to read.
            try
            {
                var allPolicies = CxMnoPolicies.GetAllPolicies(ctx, token);
                Policies = new ProjectPolicyIndex(allPolicies);
            }
            catch (Exception policyError)
            {
                _log.Warn("Policy data is not available.", policyError);
            }

            // Feed presets and teams into the data resolver.
            var dataResolver = new DataResolver();

            foreach (var preset in CxPresets.GetPresets(RestContext, CancelToken))
            {
                dataResolver.addPreset(preset.PresetId, preset.PresetName);
            }

            foreach (var team in CxTeams.GetTeams(RestContext, CancelToken))
            {
                dataResolver.addTeam(team.TeamId, team.TeamName);
            }

            // The data resolver yields the project resolver, which then receives every project.
            ProjectResolver projectResolver = dataResolver.Resolve(previousStatePath);

            var projects = CxProjects.GetProjects(RestContext, CancelToken);

            foreach (var project in projects)
            {
                String policyNames = String.Empty;

                if (Policies != null)
                {
                    try
                    {
                        IEnumerable <int> policyIds =
                            CxMnoPolicies.GetPolicyIdsForProject(ctx, token, project.ProjectId);

                        Policies.CorrelateProjectToPolicies(project.ProjectId, policyIds);
                        policyNames = GetFlatPolicyNames(Policies, policyIds);
                    }
                    catch (Exception correlationError)
                    {
                        // The project is still added below, just without policy names.
                        _log.Warn(
                            $"Unable to correlate policies to project {project.ProjectId}: {project.ProjectName}. Policy statistics will be unavalable.",
                            correlationError);
                    }
                }

                projectResolver.AddProject(project.TeamId, project.PresetId, project.ProjectId,
                                           project.ProjectName, policyNames);
            }

            // Resolving the projects produces the scan resolver.
            ScanResolver scanResolver = projectResolver.Resolve(_mapActions);

            try
            {
                foreach (var sast in CxSastScans.GetScans(RestContext, CancelToken, CxSastScans.ScanStatus.Finished))
                {
                    scanResolver.AddScan(sast.ProjectId, sast.ScanType, SAST_PRODUCT_STRING,
                                         sast.ScanId, sast.FinishTime);

                    SastScanCache.Add(sast.ScanId, sast);
                }

                foreach (var project in projects)
                {
                    foreach (var sca in CxScaScans.GetScans(ctx, token, project.ProjectId))
                    {
                        scanResolver.AddScan(sca.ProjectId, "Composition", SCA_PRODUCT_STRING,
                                             sca.ScanId, sca.FinishTime);
                        ScaScanCache.Add(sca.ScanId, sca);
                    }
                }

                // Reached only when every retrieval above succeeded.
                ScanDescriptors = scanResolver.Resolve(CheckTime);
            }
            catch (Exception scanError)
            {
                _log.Error("Error resolving scans, server may be unavailable.", scanError);
            }
        }