public void GetLatestStatus(ApplicationProfile app)
{
app.id = $"{_veracodeRepository.GetAllApps().SingleOrDefault(x => x.app_name == app.application_name).app_id}";
var sandboxes = _veracodeRepository.GetSandboxesForApp(app.id);
var latest_policy_build = _veracodeRepository.GetLatestScan(app.id).build;
var scanStatus = _veracodeService.GetScanStatus(app.id, $"{latest_policy_build.build_id}");
_logger.LogInformation($"[{app.application_name}][Policy][Scan Status] {VeracodeEnumConverter.Convert(scanStatus)}");
var compliance = VeracodeEnumConverter.Convert(latest_policy_build.policy_compliance_status);
_logger.LogInformation($"[{app.application_name}][Policy][Compliance Status] {compliance}");
foreach (var sandbox in sandboxes)
{
var latest_sandbox_build = _veracodeRepository.GetLatestScanSandbox(app.id, $"{sandbox.sandbox_id}");
if (latest_sandbox_build == null)
{
_logger.LogInformation($"[{app.application_name}][Sandbox {sandbox.sandbox_name}][Scan Status] There are no scans!");
}
else
{
var latest_sandbox_build_id = $"{latest_sandbox_build.build.build_id}";
var scanSandboxStatus = _veracodeService.GetScanStatus(app.id, latest_sandbox_build_id);
_logger.LogInformation($"[{app.application_name}][Sandbox {sandbox.sandbox_name}][Scan Status] {VeracodeEnumConverter.Convert(scanSandboxStatus)}");
var sandboxCompliance = VeracodeEnumConverter.Convert(latest_sandbox_build.build.policy_compliance_status);
_logger.LogInformation($"[{app.application_name}][Sandbox {sandbox.sandbox_name}][Compliance Status] {VeracodeEnumConverter.Convert(latest_sandbox_build.build.policy_compliance_status)}");
}
}
}
public bool HasAppChanged(ApplicationProfile app)
{
var retrievedApp = _veracodeRepository.GetAllApps()
.SingleOrDefault(x => x.app_name == app.application_name);
if (retrievedApp == null)
{
Console.WriteLine($"There is no application profile with the name {app.application_name}.");
return(true);
}
var appDetail = _veracodeRepository.GetAppDetail($"{retrievedApp.app_id}");
if (appDetail.application[0].business_criticality != VeracodeEnumConverter.Convert(app.criticality))
{
Console.WriteLine($"The criticality for {app.application_name} is no longer {appDetail.application[0].business_criticality} it is {app.criticality}.");
return(true);
}
if (appDetail.application[0].business_owner_email != app.business_owner_email)
{
Console.WriteLine($"The business_owner_email for {app.application_name} is no longer {appDetail.application[0].business_owner_email} it is {app.business_owner_email}.");
return(true);
}
if (appDetail.application[0].business_owner != app.business_owner)
{
Console.WriteLine($"The business_owner for {app.application_name} is no longer {appDetail.application[0].business_owner} it is {app.business_owner}.");
return(true);
}
return(false);
}
private static string[] BuildEvents(string appId)
{
Console.WriteLine($"Checking for Build Events.");
var veracodeRepository = _serviceProvider.GetService <IVeracodeRepository>();
var myBuildRepo = _serviceProvider.GetService <IGenericRepository <Build> >();
var messageService = _serviceProvider.GetService <IMessageService>();
var currentBuildsInDb = myBuildRepo
.GetAll()
.Where(x => x.AppId == appId)
.Select(x => x.Id)
.ToArray();
var buildIds = veracodeRepository
.GetAllBuildsForApp(appId).Select(x => $"{x.build_id}")
.ToArray();
var removedBuildIds = currentBuildsInDb.Except(buildIds);
foreach (var buildId in removedBuildIds)
{
var build = myBuildRepo.GetAll().SingleOrDefault(x => x.Id == buildId);
Console.WriteLine($"The build {build.Name} with ID {build.Id} was deleted from Veracode.");
messageService.SendMessage(MessageTypes.BuildEvent, $"The build {build.Name} with ID {build.Id} was deleted from Veracode.", build);
myBuildRepo.Delete(build);
}
var addedBuildIds = buildIds.Except(currentBuildsInDb);
foreach (var buildId in addedBuildIds)
{
var build = veracodeRepository.GetBuildDetail(appId, buildId);
Console.WriteLine($"The build {build.build.version} with ID {build.build_id} was created from Veracode.");
messageService.SendMessage(MessageTypes.BuildEvent, $"The build {build.build.version} with ID {build.build_id} was created from Veracode.", build);
myBuildRepo.Create(new Build {
Id = $"{build.build_id}", AppId = appId, Name = build.build.version, Status = VeracodeEnumConverter.Convert(build.build.analysis_unit[0].status)
});
}
var buildsToUpdate = buildIds.Intersect(currentBuildsInDb);
foreach (var buildId in buildsToUpdate)
{
var myBuild = myBuildRepo.GetAll().SingleOrDefault(x => x.Id == buildId);
var build = veracodeRepository.GetBuildDetail(appId, buildId);
if (VeracodeEnumConverter.Convert(build.build.analysis_unit[0].status) != myBuild.Status)
{
myBuild.Status = VeracodeEnumConverter.Convert(build.build.analysis_unit[0].status);
Console.WriteLine($"The build {build.build.version} with ID {build.build_id} status has been updated to {myBuild.Status}.");
messageService.SendMessage(MessageTypes.BuildEvent, $"The build {build.build.version} with ID {build.build_id} status has been updated to {myBuild.Status}.", myBuild);
myBuildRepo.Update(myBuild);
}
}
Console.WriteLine($"Finished Build Events.");
return(buildsToUpdate.ToArray());
}
public void UpdateApp(ApplicationProfile app)
{
var app_id = _veracodeRepository
.GetAllApps()
.SingleOrDefault(x => x.app_name == app.application_name)
.app_id;
var returnedApp = _veracodeRepository.GetAppDetail($"{app_id}").application[0];
returnedApp.business_criticality = VeracodeEnumConverter.Convert(app.criticality);
returnedApp.business_owner = app.business_owner;
returnedApp.business_owner_email = app.business_owner_email;
_veracodeRepository.UpdateApp(returnedApp);
}
public bool CreateApp(ApplicationProfile app)
{
var newApp = _veracodeRepository.CreateApp(new ApplicationType
{
app_name = app.application_name,
business_owner = app.business_owner,
business_owner_email = app.business_owner_email,
business_criticality = VeracodeEnumConverter.Convert(app.criticality),
policy = app.application_name
});
return(_veracodeRepository
.GetAllApps()
.Any(x => x.app_name == app.application_name));
}