sca endpoint

Mixeway · Jun 13, 2024 · 499fdeb · 499fdeb
1 parent a13f86e
commit 499fdeb
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 7 deletions.
diff --git a/src/main/java/io/mixeway/api/cioperations/service/CiOperationsService.java b/src/main/java/io/mixeway/api/cioperations/service/CiOperationsService.java
@@ -129,7 +129,7 @@ public ResponseEntity<CIVulnManageResponse> codeVerify(String codeGroup, String
                 CodeProject codeProjectToVerify =sastRequestVerify.getCp();
                 CIVulnManageResponse ciVulnManageResponse = new CIVulnManageResponse();
                 if (StringUtils.isNotBlank(codeProjectToVerify.getdTrackUuid())){
-                    openSourceScanService.loadVulnerabilities(codeProjectToVerify);
+                    openSourceScanService.loadVulnerabilities(codeProjectToVerify, null,null);
                 }
                 List<VulnManageResponse> vmr = createVulnManageResponseForCodeProject(codeProjectToVerify);
                 ciVulnManageResponse.setVulnManageResponseList(vmr);
@@ -239,7 +239,7 @@ public ResponseEntity<Status> infoScanPerformed(InfoScanPerformed infoScanPerfor
                 createCiOperationsService.create(codeProject.get(), infoScanPerformed);
             }
             updateCodeProjectService.changeCommitId(infoScanPerformed.getCommitId(), codeProject.get());
-            openSourceScanService.loadVulnerabilities(codeProject.get());
+            openSourceScanService.loadVulnerabilities(codeProject.get(),null,null);
             return new ResponseEntity<>(HttpStatus.OK);
         } else {
             return new ResponseEntity<>(HttpStatus.NOT_FOUND);
@@ -359,7 +359,7 @@ public ResponseEntity<Status> performSastScanForCodeProject(Long codeProjectId,
         if (codeProject.isPresent() && permissionFactory.canUserAccessProject(principal, codeProject.get().getProject())) {
             codeScanService.putCodeProjectToQueue(codeProjectId,principal);
             if (StringUtils.isNotBlank(codeProject.get().getdTrackUuid())) {
-                openSourceScanService.loadVulnerabilities(codeProject.get());
+                openSourceScanService.loadVulnerabilities(codeProject.get(), null, null);
                 log.info("[CICD] {} Loaded OpenSource Vulns for project - {}", principal.getName(), codeProject.get().getName());
             }
             log.info("[CICD] {} put SAST Project in queue - {}", principal.getName(), codeProject.get().getName());
@@ -397,7 +397,7 @@ public ResponseEntity<SecurityGatewayResponse> getVulnerabilitiesForCodeProject(
         Optional<CodeProject> codeProject = codeProjectRepository.findById(codeProjectId);
         if (codeProject.isPresent() && permissionFactory.canUserAccessProject(principal, codeProject.get().getProject())) {
             List<ProjectVulnerability> vulns = vulnTemplate.projectVulnerabilityRepository.findByCodeProject(codeProject.get());
-            openSourceScanService.loadVulnerabilities(codeProject.get());
+            openSourceScanService.loadVulnerabilities(codeProject.get(), null, null);
             List<Vuln> vulnList = new ArrayList<>();
             for (ProjectVulnerability pv : vulns){
                 if (pv.getVulnerabilitySource().getId().equals(vulnTemplate.SOURCE_OPENSOURCE.getId())){

diff --git a/src/main/java/io/mixeway/api/vulnmanage/service/GetVulnerabilitiesService.java b/src/main/java/io/mixeway/api/vulnmanage/service/GetVulnerabilitiesService.java
@@ -359,7 +359,7 @@ public ResponseEntity<CIVulnManageResponse> getCiScoreForCodeProject(String code
         SecurityGateway securityGateway = securityGatewayRepository.findAll().stream().findFirst().orElse(null);
         if (securityGateway != null && cp.isPresent()) {
             if (StringUtils.isNotBlank(cp.get().getdTrackUuid())) {
-                openSourceScanService.loadVulnerabilities(cp.get());
+                openSourceScanService.loadVulnerabilities(cp.get(),null,null);
             }
             List<VulnManageResponse> vulnManageResponses = createVulnManageResponseForCodeProject(cp.get());
             CIVulnManageResponse ciVulnManageResponse = new CIVulnManageResponse();

diff --git a/src/main/java/io/mixeway/scheduler/GlobalScheduler.java b/src/main/java/io/mixeway/scheduler/GlobalScheduler.java
@@ -123,7 +123,7 @@ public void getDepTrackVulns() {
                 }
                     try {
 
-                        openSourceScanService.loadVulnerabilities(cp);
+                        openSourceScanService.loadVulnerabilities(cp,null,null);
                     } catch (CertificateException | UnrecoverableKeyException | NoSuchAlgorithmException | KeyManagementException | KeyStoreException | IOException e) {
                         log.error("Error {} during OpenSource Scan Synchro for {}", e.getLocalizedMessage(), cp.getName());
                     }

diff --git a/src/test/java/io/mixeway/scanmanager/service/opensource/OpenSourceScanServiceTest.java b/src/test/java/io/mixeway/scanmanager/service/opensource/OpenSourceScanServiceTest.java
@@ -112,7 +112,7 @@ void loadVulnerabilities() throws UnrecoverableKeyException, CertificateExceptio
         }
         Mockito.doNothing().when(dependencyTrackApiClient).loadVulnerabilities(Mockito.any(CodeProject.class),Mockito.any(CodeProjectBranch.class));
         Mockito.when(dependencyTrackApiClient.canProcessRequest(Mockito.any(CodeProject.class))).thenReturn(true);
-        openSourceScanService.loadVulnerabilities(codeProject);
+        openSourceScanService.loadVulnerabilities(codeProject, null, null);
         List<ProjectVulnerability> projectVulnerabilities = vulnTemplate.projectVulnerabilityRepository.findByCodeProject(codeProject);
         assertEquals(15, projectVulnerabilities.size());
     }