/// <summary>
/// Lists all valid assessment types, with entitlement IDs, for Static submissions
/// </summary>
/// <param name="options"></param>
/// <param name="zipPath"></param>
private static void DisplayAccountInformation(Options options)
{
var api = new FoDapi(options, GetqueryParameters(new UriBuilder(options.UploadUrl)));
if (!api.IsLoggedIn())
{
if (!api.Authorize())
{
Trace.WriteLine("Error authenticating to Fortify on Demand, please check your settings.");
Environment.Exit(-1);
}
Trace.WriteLine("Successfully authenticated to Fortify on Demand.");
}
// Once logged in check and display entitlement information related to the release ID.
api.ListAssessmentTypes();
}
private static void Run(Options options)
{
var queryParameters = GetqueryParameters(new UriBuilder(options.UploadUrl));
_technologyStack = queryParameters.Get("ts");
_languageLevel = queryParameters.Get("ll");
_tenantCode = queryParameters.Get("tc");
_assessmentTypeId = queryParameters.Get("astid");
_includeAllFiles = options.IncludeAllPayload;
if ((string.IsNullOrEmpty(options.ApiToken) || string.IsNullOrEmpty(options.ApiTokenSecret)))
{
if (string.IsNullOrEmpty(options.Username) || string.IsNullOrEmpty(options.Password))
{
Trace.WriteLine("Error: You must specify either an API token and secret or a username and password to authenticate." + Environment.NewLine);
Trace.WriteLine(options.GetUsage());
Environment.Exit(-1);
}
_isTokenAuth = false;
}
// Workaround for trailing quote character in a folder bug in the CommandLine nuget library - will fix and submit a pull request on Github
if (options.Source.EndsWith("\""))
{
options.Source = options.Source.Trim('"');
}
// Check specified source path
CheckSource(options);
PrintSelectedOptions(options);
// If the user has selected to view entitlement information display it and exit
if (options.DisplayAccountInformation)
{
DisplayAccountInformation(options);
Trace.WriteLine("Note: You may specify an entitlement ID manually with --entitlementID <ID>, please run the utility without --displayEntitlement to proceed.");
if (_isConsole)
{
Trace.WriteLine("Press any key to quit...");
Console.ReadKey();
Environment.Exit(0);
}
Environment.Exit(0);
}
var zipPath = ZipFolder(options.Source);
var api = new FoDapi(options, zipPath, GetqueryParameters(new UriBuilder(options.UploadUrl)));
if (!api.IsLoggedIn())
{
if (!api.Authorize())
{
Trace.WriteLine("Error authenticating to Fortify on Demand, please check your settings.");
Environment.Exit(-1);
}
Trace.WriteLine("Successfully authenticated to Fortify on Demand.");
}
var fi = new FileInfo(zipPath);
double mbyteSize = (fi.Length / 1024f) / 1024f;
double kbyteSize = (fi.Length / 1024f);
Trace.WriteLine(fi.Length < (1024f * 1024f)
? $"Payload prepared size: {Math.Round(kbyteSize, 2)} kb"
: $"Payload prepared size: {Math.Round(mbyteSize, 2)} Mb");
if (mbyteSize > MaxUploadSizeInMb)
{
Trace.WriteLine($"Assessment payload size exceeds {MaxUploadSizeInMb} Mb, cannot continue.");
Environment.Exit(-1);
}
CheckReleaseStatus(api);
CheckAssessmentOptions(api, options);
api.SendScanPost();
// always retire the token
api.RetireToken();
// hold console open - ask around if this is something we want to do for interactive runs? Feedback has been conflicting regarding this behavior.
if (_isConsole)
{
Console.WriteLine("Press any key to exit...");
Console.ReadKey();
}
}