Class: Pipeline::Checkmarx

Inherits:
BaseTask show all
Includes:
Util
Defined in:
lib/pipeline/tasks/checkmarx.rb

Instance Attribute Summary

Attributes inherited from BaseTask

#appname, #description, #findings, #labels, #name, #stage, #trigger, #warnings

Instance Method Summary collapse

Methods included from Util

#fingerprint, #relative_path, #runsystem, #strip_archive_path

Methods inherited from BaseTask

#directories_with?, #report, #severity, #warn

Constructor Details

#initialize(trigger, tracker) ⇒ Checkmarx

Returns a new instance of Checkmarx.



10
11
12
13
14
15
16
 
# File 'lib/pipeline/tasks/checkmarx.rb', line 10

def initialize(trigger, tracker)
  super(trigger, tracker)
  @name = "Checkmarx"
  @description = "CxSAST"
  @stage = :code
  @labels << "code"
end

Instance Method Details

#analyzeObject 



33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/pipeline/tasks/checkmarx.rb', line 33

def analyze
  begin
    @results.each do |result|
      description = result.parent.attributes['name'].value.gsub('_', ' ')
      detail = result.attributes['DeepLink'].value
      source = { :scanner => @name, :file => result.attributes['FileName'].value, :line =>  result.attributes['Line'].value.to_i, :code => result.at_xpath('Path/PathNode/Snippet/Line/Code').text }
      sev = severity(result.parent.attributes['Severity'].value)
      fprint = fingerprint("#{description}#{source}#{sev}")

      report description, detail, source, sev, fprint
    end
  rescue Exception => e
    Pipeline.warn e.message
    Pipeline.warn e.backtrace
  end
end

#runObject 



18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# File 'lib/pipeline/tasks/checkmarx.rb', line 18

def run
  rootpath = @trigger.path
  runsystem(true, "runCxConsole.sh", "scan", "-v",
    "-CxUser", "#{@tracker.options[:checkmarx_user]}",
    "-CxPassword", "#{@tracker.options[:checkmarx_password]}",
    "-CxServer", "#{@tracker.options[:checkmarx_server]}",
    "-LocationType", "folder",
    "-LocationPath", "#{rootpath}",
    "-ProjectName", "#{@tracker.options[:checkmarx_project]}",
    "-ReportXML", "#{rootpath}checkmarx_results.xml",
    "-Log", "#{@tracker.options[:checkmarx_log]}"
  )
  @results = Nokogiri::XML(File.read("#{rootpath}checkmarx_results.xml")).xpath '//Result'
end

#supported?Boolean

Returns:

  • (Boolean) 


50
51
52
53
54
55
56
57
58
 
# File 'lib/pipeline/tasks/checkmarx.rb', line 50

def supported?
  supported=runsystem(true, "runCxConsole.sh", "--help")
  if supported =~ /command not found/
    Pipeline.notify "Install CxConsolePlugin"
    return false
  else
    return true
  end
end