Merge pull request #12 from young-s-park/scancentral-renaming

Scancentral renaming

Author: akaryakina

README.md

@@ -27,9 +27,9 @@ call mvn -Djetty.port=8181 -DskipTests=true hpi:run
 
 You must obtain a Fortify SSC authentication token to use the plugin's server related functionality, which includes build failure conditions and getting all vulnerability results in Jenkins.
 
-* SSC authentication token (either JenkinsToken or CIToken). Token creation command:
+* SSC authentication token (CIToken). Token creation command:
   ```
-  $ fortifyclient token -gettoken JenkinsToken -url http://localhost:8180/ssc -user admin
+  $ fortifyclient token -gettoken CIToken -url http://localhost:8180/ssc -user admin
   ```
 * Tests. Some of the junit tests can utilize a connection to Fortify Software Security Center to verify the plugin functionality.
   To override the default SSC location (localhost:8080), you can specify the optional SSC URL parameter: 'ssc.url'.

src/main/java/com/fortify/plugin/jenkins/FortifyPlugin.java

@@ -1,5 +1,5 @@
 /*******************************************************************************
- * (c) Copyright 2019 Micro Focus or one of its affiliates. 
+ * (c) Copyright 2020 Micro Focus or one of its affiliates.
  * 
  * Licensed under the MIT License (the "License");
  * you may not use this file except in compliance with the License.
@@ -282,6 +282,10 @@ public String getUpdateServerUrl() {
 		return getUpdateContent() ? analysisRunType.getUpdateContent().getUpdateServerUrl() : "";
 	}
 
+	public String getLocale() {
+		return getUpdateContent() ? analysisRunType.getUpdateContent().getLocale() : "";
+	}
+
 	@Deprecated
 	public boolean getUpdateUseProxy() {
 		return getUpdateContent() && updateContent.getUpdateUseProxy();
@@ -715,7 +719,7 @@ private void runLocal(AbstractBuild<?, ?> build, Launcher launcher, BuildListene
 	private void performLocalTranslation(AbstractBuild<?, ?> build, Launcher launcher, BuildListener listener) throws IOException, InterruptedException {
 		// Update security content
 		if (getUpdateContent()) {
-			FortifyUpdate fu = new FortifyUpdate.Builder().updateServerURL(getUpdateServerUrl()).build();
+			FortifyUpdate fu = new FortifyUpdate.Builder().updateServerURL(getUpdateServerUrl()).locale(getLocale()).build();
 			fu.perform(build, launcher, listener);
 		}
 		// run Fortify SCA clean
@@ -821,16 +825,6 @@ private static <T> T runWithFortifyClient(String token, FortifyClient.Command<T>
 						client.init(url, token, proxyHost, proxyPort, DESCRIPTOR.getProxyUsername(),
 								DESCRIPTOR.getProxyPassword());
 					}
-					/*boolean useProxy = Jenkins.get().proxy != null;
-					if (!useProxy) {
-						client.init(url, token);
-					} else {
-						String proxyHost = Jenkins.get().proxy.name;
-						int proxyPort = Jenkins.get().proxy.port;
-						String proxyUsername = Jenkins.get().proxy.getUserName();
-						String proxyPassword = Jenkins.get().proxy.getPassword();
-						client.init(url, token, proxyHost, proxyPort, proxyUsername, proxyPassword);
-					}*/
 				}
 				return cmd.runWith(client);
 			} finally {
@@ -1142,7 +1136,8 @@ public FormValidation doTestCtrlConnection(@QueryParameter String ctrlUrl) throw
 			try {
 				response = client.newCall(request).execute();
 
-				if (response.isSuccessful() && response.body().string().contains("Fortify CloudScan Controller")) {
+				if (response.isSuccessful() && (response.body().string().contains("Fortify ScanCentral Controller") ||
+						response.body().string().contains("Fortify CloudScan Controller"))) {
 					return FormValidation.okWithMarkup("<font color=\"blue\">Connection successful!</font>");
 				} else {
 					return FormValidation.error("Connection failed. Check the Controller URL.");
@@ -1231,7 +1226,7 @@ private void checkCtrlUrlValue(String url) throws FortifyException {
 					if (url.trim().equalsIgnoreCase("http://") || url.trim().equalsIgnoreCase("https://")) {
 						throw new FortifyException(new Message(Message.ERROR, "URL host is required"));
 					}
-					if (!StringUtils.endsWith(url,"/cloud-ctrl")) {
+					if (!StringUtils.endsWith(url,"/scancentral-ctrl") && !StringUtils.endsWith(url,"/cloud-ctrl")) {
 						throw new FortifyException(new Message(Message.ERROR, "Invalid context"));
 					}
 				} else {
@@ -1713,27 +1708,21 @@ public Map<String, String> runWith(FortifyClient client) throws Exception {
 			return Collections.emptyList();
 		}
 
-		public ListBoxModel doFillTranslationApplicationTypeItems() {
-			ListBoxModel options = new ListBoxModel(5);
-			options.add("Java", "java");
-			options.add(".NET", "dotnet");
-			options.add("Maven 3", "maven3");
-			options.add("Gradle", "gradle");
-			options.add("Other", "other");
-			return options;
-		}
+		public ListBoxModel doFillLocaleItems(String value) {
+			ListBoxModel items = new ListBoxModel();
+			items.add("English", "en");
+			items.add("Chinese Simplified", "zh_CN");
+			items.add("Chinese Traditional", "zh_TW");
+			items.add("Japanese", "ja");
+			items.add("Korean", "ko");
+			items.add("Portuguese (Brazil)", "pt_BR");
+			items.add("Spanish", "es");
 
-		public ListBoxModel doFillTranslationJavaVersionItems() {
-			ListBoxModel options = new ListBoxModel();
-			options.add("1.5", "1.5");
-			options.add("1.6", "1.6");
-			options.add("1.7", "1.7");
-			options.add("1.8", "1.8");
-			options.add("1.9", "1.9");
-			options.add("10", "10");
-			options.add("11", "11");
-			options.add("12", "12");
-			return options;
+			if ((null == value) || (0 == value.length())) {
+				items.get(0).selected = true; // default to en_US
+			}
+
+			return items;
 		}
 	}
 
@@ -2396,6 +2385,7 @@ public String getScanLogFile() {
 
 	public static class UpdateContentBlock {
 		private String updateServerUrl;
+		private String locale;
 		private UseProxyBlock useProxy;
 
 		@DataBoundConstructor
@@ -2413,6 +2403,10 @@ public String getUpdateServerUrl() {
 		@DataBoundSetter
 		public void setUpdateServerUrl(String updateServerUrl) { this.updateServerUrl = updateServerUrl; }
 
+		public String getLocale() { return locale; }
+		@DataBoundSetter
+		public void setLocale(String locale) { this.locale = locale; }
+
 		@Deprecated
 		public boolean getUpdateUseProxy() {
 			return useProxy != null;

src/main/java/com/fortify/plugin/jenkins/steps/CloudScanArguments.java

@@ -48,13 +48,8 @@ public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull
         setLastBuild(run);
         PrintStream log = taskListener.getLogger();
         log.println("Fortify Jenkins plugin v " + VERSION);
-        log.println("Launching Fortify cloudscan arguments command");
-        //String projectRoot = filePath.getRemote() + File.separator + ".fortify";
-        String cloudscanExec = null;
-
-        if (cloudscanExec == null) {
-            cloudscanExec = getCloudScanExecutable(run, filePath, launcher, taskListener);
-        }
+        log.println("Launching Fortify scancentral arguments command");
+        String cloudscanExec = getScancentralExecutable(run, filePath, launcher, taskListener);
 
         EnvVars vars = run.getEnvironment(taskListener);
         ArrayList<String> args = new ArrayList<String>(2);

src/main/java/com/fortify/plugin/jenkins/steps/CloudScanMbs.java

@@ -116,11 +116,7 @@ public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull
         log.println("Fortify Jenkins plugin v " + VERSION);
         log.println("Performing Fortify remote scan");
         String projectRoot = filePath.getRemote() + File.separator + ".fortify";
-        String cloudscanExec = null;
-
-        if (cloudscanExec == null) {
-            cloudscanExec = getCloudScanExecutable(run, filePath, launcher, taskListener);
-        }
+        String cloudscanExec = getScancentralExecutable(run, filePath, launcher, taskListener);
 
         EnvVars vars = run.getEnvironment(taskListener);
         ArrayList<String> args = new ArrayList<String>(2);

src/main/java/com/fortify/plugin/jenkins/steps/CloudScanStart.java

@@ -29,8 +29,6 @@ public class CloudScanStart extends FortifyCloudScanStep implements SimpleBuildS
     private FortifyPlugin.RemoteOptionalConfigBlock remoteOptionalConfig;
     private FortifyPlugin.UploadSSCBlock uploadSSC;
 
-    //private String mbsFile;
-    //private boolean createMbs;
     private String buildID;
 
     @DataBoundConstructor
@@ -87,22 +85,6 @@ public boolean isIncludeTests() {
         }
     }
 
-    /*public String getMbsFile() {
-        return mbsFile;
-    }
-
-    public void setMbsFile(String mbsFile) {
-        this.mbsFile = mbsFile;
-    }
-
-    public boolean isCreateMbs() {
-        return createMbs;
-    }
-
-    public void setCreateMbs(boolean createMbs) {
-        this.createMbs = createMbs;
-    }*/
-
     public String getSensorPoolName() {
         return getRemoteOptionalConfig() == null ? "" : getRemoteOptionalConfig().getSensorPoolUUID();
     }
@@ -119,10 +101,6 @@ public String getFilterFile() {
         return getRemoteOptionalConfig() == null ? "" : getRemoteOptionalConfig().getFilterFile();
     }
 
-    /*public String getResultsFile() {
-        return getRemoteOptionalConfig() == null ? "" : getRemoteOptionalConfig().getResultsFile();
-    }*/
-
     public String getApplicationName() {
         return getUploadSSC() == null ? "" : getUploadSSC().getAppName();
     }
@@ -160,10 +138,6 @@ public String getResolvedBuildFile(TaskListener listener) {
         return resolve(getBuildFile(), listener);
     }
 
-    /*public String getResolvedMbsFile(TaskListener listener) {
-        return resolve(getMbsFile(), listener);
-    }*/
-
     public String getResolvedSensorPoolName(TaskListener listener) {
         return resolve(getSensorPoolName(), listener);
     }
@@ -182,8 +156,6 @@ public String getResolvedFilterFile(TaskListener listener) {
 
     public String getResolvedBuildID(TaskListener listener) { return resolve(getBuildID(), listener); }
 
-    /*public String getResolvedScanArgs(TaskListener listener) { return resolve(getScanOptions(), listener); }*/
-
     public String getResolvedApplicationName(TaskListener listener) { return resolve(getApplicationName(), listener); }
 
     public String getResolvedApplicationVersion(TaskListener listener) { return resolve(getApplicationVersion(), listener); }
@@ -196,8 +168,6 @@ public String getResolvedFilterFile(TaskListener listener) {
 
     public String getResolvedPhpVersion(TaskListener listener) { return resolve(getPhpVersion(), listener); }
 
-    /*public String getResolvedResultsFile(TaskListener listener) { return resolve(getResultsFile(), listener); }*/
-
     @Override
     public StepExecution start(StepContext context) throws Exception {
         return new Execution(this, context);
@@ -210,11 +180,7 @@ public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull
         log.println("Fortify Jenkins plugin v " + VERSION);
         log.println("Performing Fortify remote analysis");
         String projectRoot = filePath.getRemote() + File.separator + ".fortify";
-        String cloudscanExec = null;
-
-        if (cloudscanExec == null) {
-            cloudscanExec = getCloudScanExecutable(run, filePath, launcher, taskListener);
-        }
+        String cloudscanExec = getScancentralExecutable(run, filePath, launcher, taskListener);
 
         EnvVars vars = run.getEnvironment(taskListener);
         ArrayList<String> args = new ArrayList<String>(2);
@@ -270,11 +236,6 @@ public void perform(@Nonnull Run<?, ?> run, @Nonnull FilePath filePath, @Nonnull
             args.add("-project-root");
             args.add(projectRoot);
         }
-        /*if (StringUtils.isNotEmpty(getResolvedResultsFile(taskListener))) {
-            args.add("-o"); // overwrite existing FPR
-            args.add("-f");
-            args.add(getResolvedResultsFile(taskListener));
-        }*/
         if (StringUtils.isNotEmpty(getResolvedEmailAddr(taskListener))) {
             args.add("-email");
             args.add(getResolvedEmailAddr(taskListener));

src/main/java/com/fortify/plugin/jenkins/steps/FortifyCloudScanStep.java

@@ -27,7 +27,21 @@ public String getResolvedScanArgs(TaskListener listener) {
     protected String getCloudScanExecutable(Run<?, ?> build, FilePath workspace, Launcher launcher,
                                          TaskListener listener) throws InterruptedException, IOException {
         return getExecutable("cloudscan" + (launcher.isUnix() ? "" : ".bat"), true, build, workspace, launcher,
-                listener);
+                listener, null);
     }
 
+    /* Look for scancentral executable in Jenkins environment, if not found, get the old cloudscan executable. It's considered not found
+     * if the getExecutable() returns just the filename rather than the full path.*/
+    protected String getScancentralExecutable(Run<?, ?> build, FilePath workspace, Launcher launcher,
+                                            TaskListener listener) throws InterruptedException, IOException {
+        String filename = "scancentral" + (launcher.isUnix() ? "" : ".bat");
+        String msg = "Checking for cloudscan executable";
+        String exec = getExecutable(filename, true, build, workspace, launcher,
+                listener, msg);
+        if (exec.equals(filename)) {
+            return getCloudScanExecutable(build, workspace, launcher, listener);
+        } else {
+            return exec;
+        }
+    }
 }

src/main/java/com/fortify/plugin/jenkins/steps/FortifySCAStep.java

@@ -86,30 +86,32 @@ public void setLogFile(String logFile) {
 
 	protected String getSourceAnalyzerExecutable(Run<?, ?> build, FilePath workspace, Launcher launcher,
 			TaskListener listener) throws InterruptedException, IOException {
-		return getExecutable("sourceanalyzer" + (launcher.isUnix() ? "" : ".exe"), true, build, workspace, launcher,
-				listener);
+		return getExecutable("sourceanalyzer" + (launcher.isUnix() ? "" : ".exe"), true, build, workspace,
+				launcher, listener, null);
 	}
 
 	protected String getMavenExecutable(Run<?, ?> build, FilePath workspace, Launcher launcher, TaskListener listener)
 			throws InterruptedException, IOException {
-		return getExecutable("mvn" + (launcher.isUnix() ? "" : ".cmd"), false, build, workspace, launcher, listener);
+		return getExecutable("mvn" + (launcher.isUnix() ? "" : ".cmd"), false, build, workspace, launcher,
+				listener, null);
 	}
 
 	protected String getGradleExecutable(boolean useWrapper, Run<?, ?> build, FilePath workspace, Launcher launcher,
 			TaskListener listener) throws InterruptedException, IOException {
 		return getExecutable("gradle" + (useWrapper ? "w" : "") + (launcher.isUnix() ? "" : ".bat"), false, build,
-				workspace, launcher, listener);
+				workspace, launcher, listener, null);
 	}
 
 	protected String getDevenvExecutable(Run<?, ?> build, FilePath workspace, Launcher launcher, TaskListener listener)
 			throws InterruptedException, IOException {
-		return getExecutable("devenv" + (launcher.isUnix() ? "" : ".exe"), false, build, workspace, launcher, listener);
+		return getExecutable("devenv" + (launcher.isUnix() ? "" : ".exe"), false, build, workspace, launcher,
+				listener, null);
 	}
 
 	protected String getMSBuildExecutable(Run<?, ?> build, FilePath workspace, Launcher launcher, TaskListener listener)
 			throws InterruptedException, IOException {
 		return getExecutable("msbuild" + (launcher.isUnix() ? "" : ".exe"), false, build, workspace, launcher,
-				listener);
+				listener, null);
 	}
 
 	public Integer getResolvedMaxHeap(TaskListener listener) {

src/main/java/com/fortify/plugin/jenkins/steps/FortifyStep.java

@@ -61,12 +61,13 @@ protected void setLastBuild(Run<?, ?> lastBuild) {
 	 * @param workspace
 	 * @param launcher
 	 * @param listener
+	 * @param msg
 	 * @return found executable or filename if not found
 	 * @throws InterruptedException
 	 * @throws IOException
 	 */
 	protected String getExecutable(String filename, boolean checkFortifyHome, Run<?, ?> build, FilePath workspace,
-			Launcher launcher, TaskListener listener) throws InterruptedException, IOException {
+			Launcher launcher, TaskListener listener, String msg) throws InterruptedException, IOException {
 		EnvVars env = build.getEnvironment(listener);
 		String fortifyHome = null;
 		String path = null;
@@ -82,13 +83,15 @@ protected String getExecutable(String filename, boolean checkFortifyHome, Run<?,
 		}
 		String s = workspace.act(new FindExecutableRemoteService(filename, fortifyHome, path, workspace));
 		if (s == null) {
-			listener.getLogger().printf("executable not found: %s%n", filename);
-			listener.getLogger().printf("\tfortify_home: %s%n", fortifyHome);
-			listener.getLogger().printf("\tpath: %s%n", path);
-			listener.getLogger().printf("\tworkspace: %s%n", workspace.getRemote());
+			listener.getLogger().printf("WARNING: %s executable not found in the Jenkins environment.%n", filename);
+			if (msg != null) {
+				listener.getLogger().println(msg);
+			} else {
+				listener.getLogger().printf("Checking system PATH for %s.%n", filename);
+			}
 			return filename;
 		} else {
-			listener.getLogger().printf("found executable: %s%n", s);
+			listener.getLogger().printf("Found executable: %s%n", s);
 			return s;
 		}
 	}