From 9a171c99efb0beb7959567b3d5850384e7c2195a Mon Sep 17 00:00:00 2001 From: greensd4 <33864348+greensd4@users.noreply.github.com> Date: Mon, 14 Apr 2025 11:50:43 +0300 Subject: [PATCH 01/10] update pre release --- .github/workflows/update-cli.yml | 38 ++++++++------------------------ 1 file changed, 9 insertions(+), 29 deletions(-) diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 1b8017de..91b2633f 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -1,4 +1,5 @@ name: Update checkmarx ast cli + on: workflow_dispatch: repository_dispatch: @@ -23,51 +24,30 @@ jobs: git config --global user.name github-actions git config --global user.email github-actions@github.com - - name: Get Latest Checkmarx API version + - name: Set Hardcoded Checkmarx CLI version id: checkmarx-ast-cli run: | - echo ::set-output name=release_tag::$(curl -sL https://api.github.com/repos/Checkmarx/ast-cli/releases/latest | jq -r ".tag_name") - echo ::set-output name=current_tag::$(> $GITHUB_OUTPUT + echo "current_tag=$(> $GITHUB_OUTPUT - name: Update Checkmarx cli version if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag - env: - RELEASE_TAG: ${{ steps.checkmarx-ast-cli.outputs.release_tag }} run: | - # Update current release - echo ${{ steps.checkmarx-ast-cli.outputs.release_tag }} > checkmarx-ast-cli.version + echo "${{ steps.checkmarx-ast-cli.outputs.release_tag }}" > checkmarx-ast-cli.version - name: Download latest cli and update branch if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag run: | - # Update binaries chmod +x ./.github/scripts/update_cli.sh ./.github/scripts/update_cli.sh ${{ steps.checkmarx-ast-cli.outputs.release_tag }} - - name: Track large files with Git LFS + - name: Track large files with Git LFS and commit changes if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag run: | git lfs track "src/main/wrapper/resources/cx-linux" git lfs track "src/main/wrapper/resources/cx.exe" git lfs track "src/main/wrapper/resources/cx-mac" git add .gitattributes - git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac - git commit -m "Track Checkmarx CLI binaries with Git LFS" - - - name: Create Pull Request - id: cretae_pull_request - if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag - uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c #v6 - with: - token: ${{ secrets.AUTOMATION_TOKEN }} - commit-message: Update checkmarx-ast-cli to ${{ steps.checkmarx-ast-cli.outputs.release_tag }} - title: Update checkmarx-ast-cli binaries with ${{ steps.checkmarx-ast-cli.outputs.release_tag }} - body: | - Updates [checkmarx-ast-cli][1] to ${{ steps.checkmarx-ast-cli.outputs.release_tag }} - - Auto-generated by [create-pull-request][2] - - [1]: https://github.com/Checkmarx/checkmarx-ast-cli - labels: cxone - branch: feature/update_cli_${{ steps.checkmarx-ast-cli.outputs.release_tag }} - + git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac checkmarx-ast-cli.version + git commit -m "Update Checkmarx CLI to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}" || echo "No changes to commit" + git push origin HEAD From 7675678d00d9b78faaa6f831f37e97df8cdd0c39 Mon Sep 17 00:00:00 2001 From: github-actions Date: Mon, 14 Apr 2025 08:51:37 +0000 Subject: [PATCH 02/10] Update Checkmarx CLI to 2.3.19-traits --- checkmarx-ast-cli.version | 2 +- src/main/wrapper/resources/cx-linux | 4 ++-- src/main/wrapper/resources/cx-mac | 4 ++-- src/main/wrapper/resources/cx.exe | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/checkmarx-ast-cli.version b/checkmarx-ast-cli.version index ad37abb2..67cf6140 100644 --- a/checkmarx-ast-cli.version +++ b/checkmarx-ast-cli.version @@ -1 +1 @@ -2.3.18 +2.3.19-traits diff --git a/src/main/wrapper/resources/cx-linux b/src/main/wrapper/resources/cx-linux index e535daa0..b9e28683 100755 --- a/src/main/wrapper/resources/cx-linux +++ b/src/main/wrapper/resources/cx-linux @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:551ccf5ebba15baf0f3e58ca4053f7bf7874313529fba299cbf5f451aafcb2f8 -size 73134232 +oid sha256:4a103f2faa4edea065f0546072a34a4053cba39c61f559b92551bb409c69b518 +size 73138328 diff --git a/src/main/wrapper/resources/cx-mac b/src/main/wrapper/resources/cx-mac index 9afda8ea..7da754f8 100755 --- a/src/main/wrapper/resources/cx-mac +++ b/src/main/wrapper/resources/cx-mac @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:3781358fff51f440295a97b27108a7e9a473a2b10254280487afc789bca62a47 -size 147989360 +oid sha256:365fe19fbb3e4b2660c8528cc7ff597cc1be16dddee8e66a769934725372b7d3 +size 147989440 diff --git a/src/main/wrapper/resources/cx.exe b/src/main/wrapper/resources/cx.exe index 676ed7e1..714c8bef 100644 --- a/src/main/wrapper/resources/cx.exe +++ b/src/main/wrapper/resources/cx.exe @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:aa799496d86559052607dae544ec5a9556bcc4dbba3d4541bec3f704b32f0242 -size 75029888 +oid sha256:a6c445501b93e447fb498033c2f58c86f7582646d6b175470d0089da0e86fa5a +size 75033984 From 54456281f51a8bc74fa0ae1e52485345630dd234 Mon Sep 17 00:00:00 2001 From: greensd4 <33864348+greensd4@users.noreply.github.com> Date: Mon, 14 Apr 2025 14:33:42 +0300 Subject: [PATCH 03/10] add scanId to risk management --- src/main/wrapper/CxWrapper.ts | 3 ++- src/tests/ResultTest.test.ts | 6 +++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/main/wrapper/CxWrapper.ts b/src/main/wrapper/CxWrapper.ts index 0afa2f33..228554ea 100644 --- a/src/main/wrapper/CxWrapper.ts +++ b/src/main/wrapper/CxWrapper.ts @@ -229,9 +229,10 @@ export class CxWrapper { return exec.executeResultsCommandsFile(scanId, CxConstants.FORMAT_JSON, CxConstants.FORMAT_JSON_FILE, commands, this.config.pathToExecutable, fileName); } - async riskManagementResults(projectId: string, limit?: number): Promise { + async riskManagementResults(projectId: string, scanId: string, limit?: number): Promise { const commands: string[] = [CxConstants.CMD_RESULT, CxConstants.CMD_RISK_MANAGEMENT]; commands.push(CxConstants.PROJECT_ID, projectId); + commands.push(CxConstants.SCAN_ID, scanId); if (limit !== undefined) { commands.push(CxConstants.CMD_LIMIT, limit.toString()); diff --git a/src/tests/ResultTest.test.ts b/src/tests/ResultTest.test.ts index 4ec203f3..2aff2d12 100644 --- a/src/tests/ResultTest.test.ts +++ b/src/tests/ResultTest.test.ts @@ -70,9 +70,10 @@ describe("Results cases",() => { it("Risk Management - Successful case", async () => { const auth = new CxWrapper(cxScanConfig); const projectId = "a5d99fa4-973d-48b5-86c7-6401487e1d52" + const scanId = "068feb0f-cb8a-4f79-b9b1-e6bec009e517" const cxCommandOutput: CxCommandOutput = await auth.riskManagementResults( - projectId + projectId, scanId ); const str = JSON.stringify(cxCommandOutput); @@ -91,8 +92,11 @@ describe("Results cases",() => { it("Risk Management - With Limit", async () => { const auth = new CxWrapper(cxScanConfig); const projectId = "a5d99fa4-973d-48b5-86c7-6401487e1d52" + const scanId = "068feb0f-cb8a-4f79-b9b1-e6bec009e517" + const cxCommandOutput: CxCommandOutput = await auth.riskManagementResults( projectId, + scanId, 10 ); From 8549f3daa16674c5dd208f867f17599843c7fd8d Mon Sep 17 00:00:00 2001 From: greensd4 <33864348+greensd4@users.noreply.github.com> Date: Thu, 17 Apr 2025 09:01:23 +0300 Subject: [PATCH 04/10] update version --- .github/workflows/update-cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 91b2633f..3a23caee 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -27,7 +27,7 @@ jobs: - name: Set Hardcoded Checkmarx CLI version id: checkmarx-ast-cli run: | - echo "release_tag=2.3.19-traits" >> $GITHUB_OUTPUT + echo "release_tag=2.3.19-daniel" >> $GITHUB_OUTPUT echo "current_tag=$(> $GITHUB_OUTPUT - name: Update Checkmarx cli version From 7503462095b13fe5a761ecf826b3306092cf06b0 Mon Sep 17 00:00:00 2001 From: github-actions Date: Thu, 17 Apr 2025 06:02:28 +0000 Subject: [PATCH 05/10] Update Checkmarx CLI to 2.3.19-daniel --- checkmarx-ast-cli.version | 2 +- src/main/wrapper/resources/cx-linux | 4 ++-- src/main/wrapper/resources/cx-mac | 4 ++-- src/main/wrapper/resources/cx.exe | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/checkmarx-ast-cli.version b/checkmarx-ast-cli.version index 67cf6140..e34d53ab 100644 --- a/checkmarx-ast-cli.version +++ b/checkmarx-ast-cli.version @@ -1 +1 @@ -2.3.19-traits +2.3.19-daniel diff --git a/src/main/wrapper/resources/cx-linux b/src/main/wrapper/resources/cx-linux index b9e28683..c4d248e1 100755 --- a/src/main/wrapper/resources/cx-linux +++ b/src/main/wrapper/resources/cx-linux @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:4a103f2faa4edea065f0546072a34a4053cba39c61f559b92551bb409c69b518 -size 73138328 +oid sha256:002e459612e623df85fcbc1334461b479bf495d07d0231dbdffd720940d3cd77 +size 73134232 diff --git a/src/main/wrapper/resources/cx-mac b/src/main/wrapper/resources/cx-mac index 7da754f8..fad4e1db 100755 --- a/src/main/wrapper/resources/cx-mac +++ b/src/main/wrapper/resources/cx-mac @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:365fe19fbb3e4b2660c8528cc7ff597cc1be16dddee8e66a769934725372b7d3 -size 147989440 +oid sha256:4e52001f43abe241fda0d1b26589da7d66f65c6ac8341ab2bb24962b252612d1 +size 147989392 diff --git a/src/main/wrapper/resources/cx.exe b/src/main/wrapper/resources/cx.exe index 714c8bef..27924da1 100644 --- a/src/main/wrapper/resources/cx.exe +++ b/src/main/wrapper/resources/cx.exe @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a6c445501b93e447fb498033c2f58c86f7582646d6b175470d0089da0e86fa5a -size 75033984 +oid sha256:b1263fe9cf89c27e44238db56e9beb4f58c1c180f59802d6165092a7a529ebae +size 75032960 From 5408f86d17f790e2de28444add5202cdfca73f2b Mon Sep 17 00:00:00 2001 From: greensd4 <33864348+greensd4@users.noreply.github.com> Date: Thu, 17 Apr 2025 12:15:13 +0300 Subject: [PATCH 06/10] commit --- .github/workflows/update-cli.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 3a23caee..89696106 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -51,3 +51,5 @@ jobs: git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac checkmarx-ast-cli.version git commit -m "Update Checkmarx CLI to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}" || echo "No changes to commit" git push origin HEAD + + \ No newline at end of file From 6ddaee4affa60f16c73756c9719db89765ac54b7 Mon Sep 17 00:00:00 2001 From: greensd4 <33864348+greensd4@users.noreply.github.com> Date: Thu, 17 Apr 2025 16:51:33 +0300 Subject: [PATCH 07/10] commit --- .github/workflows/update-cli.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 89696106..68c48fbb 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -27,7 +27,7 @@ jobs: - name: Set Hardcoded Checkmarx CLI version id: checkmarx-ast-cli run: | - echo "release_tag=2.3.19-daniel" >> $GITHUB_OUTPUT + echo "release_tag=2.3.19" >> $GITHUB_OUTPUT echo "current_tag=$(> $GITHUB_OUTPUT - name: Update Checkmarx cli version From f9d8ac4b238993de491222743e92839ecf67283c Mon Sep 17 00:00:00 2001 From: github-actions Date: Thu, 17 Apr 2025 13:52:14 +0000 Subject: [PATCH 08/10] Update Checkmarx CLI to 2.3.19 --- checkmarx-ast-cli.version | 2 +- src/main/wrapper/resources/cx-linux | 4 ++-- src/main/wrapper/resources/cx-mac | 4 ++-- src/main/wrapper/resources/cx.exe | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/checkmarx-ast-cli.version b/checkmarx-ast-cli.version index e34d53ab..d245ee86 100644 --- a/checkmarx-ast-cli.version +++ b/checkmarx-ast-cli.version @@ -1 +1 @@ -2.3.19-daniel +2.3.19 diff --git a/src/main/wrapper/resources/cx-linux b/src/main/wrapper/resources/cx-linux index c4d248e1..bde045cb 100755 --- a/src/main/wrapper/resources/cx-linux +++ b/src/main/wrapper/resources/cx-linux @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:002e459612e623df85fcbc1334461b479bf495d07d0231dbdffd720940d3cd77 -size 73134232 +oid sha256:9eae11d84cb766a5df14ce5e9d57013268f3d687484cf2a4d67595c419a4a762 +size 73937080 diff --git a/src/main/wrapper/resources/cx-mac b/src/main/wrapper/resources/cx-mac index fad4e1db..3b851457 100755 --- a/src/main/wrapper/resources/cx-mac +++ b/src/main/wrapper/resources/cx-mac @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:4e52001f43abe241fda0d1b26589da7d66f65c6ac8341ab2bb24962b252612d1 -size 147989392 +oid sha256:68cb8baeb6eb68cff07440c2dd142b5a3cf53b2d12c4ca98dd01d0a95a4f9370 +size 148816000 diff --git a/src/main/wrapper/resources/cx.exe b/src/main/wrapper/resources/cx.exe index 27924da1..ab3efe27 100644 --- a/src/main/wrapper/resources/cx.exe +++ b/src/main/wrapper/resources/cx.exe @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:b1263fe9cf89c27e44238db56e9beb4f58c1c180f59802d6165092a7a529ebae -size 75032960 +oid sha256:b073010a1e360028fcc2eee56d1a7376be36459a2ea1a27c0a516a227a334943 +size 75835264 From 65afb63c119ec2c4ece807ae076a7fac7e9cb6a7 Mon Sep 17 00:00:00 2001 From: greensd4 <33864348+greensd4@users.noreply.github.com> Date: Thu, 17 Apr 2025 16:53:22 +0300 Subject: [PATCH 09/10] commit --- .github/workflows/update-cli.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 68c48fbb..2fbc0d0c 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -51,5 +51,3 @@ jobs: git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac checkmarx-ast-cli.version git commit -m "Update Checkmarx CLI to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}" || echo "No changes to commit" git push origin HEAD - - \ No newline at end of file From d0426105eeb44c2d431811bf99abf69d68aa1925 Mon Sep 17 00:00:00 2001 From: greensd4 <33864348+greensd4@users.noreply.github.com> Date: Thu, 17 Apr 2025 17:04:02 +0300 Subject: [PATCH 10/10] commit --- .github/workflows/update-cli.yml | 37 ++++++++++++++++++++++++-------- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 2fbc0d0c..5c287328 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -1,5 +1,4 @@ name: Update checkmarx ast cli - on: workflow_dispatch: repository_dispatch: @@ -24,30 +23,50 @@ jobs: git config --global user.name github-actions git config --global user.email github-actions@github.com - - name: Set Hardcoded Checkmarx CLI version + - name: Get Latest Checkmarx API version id: checkmarx-ast-cli run: | - echo "release_tag=2.3.19" >> $GITHUB_OUTPUT - echo "current_tag=$(> $GITHUB_OUTPUT + echo ::set-output name=release_tag::$(curl -sL https://api.github.com/repos/Checkmarx/ast-cli/releases/latest | jq -r ".tag_name") + echo ::set-output name=current_tag::$( checkmarx-ast-cli.version + # Update current release + echo ${{ steps.checkmarx-ast-cli.outputs.release_tag }} > checkmarx-ast-cli.version - name: Download latest cli and update branch if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag run: | + # Update binaries chmod +x ./.github/scripts/update_cli.sh ./.github/scripts/update_cli.sh ${{ steps.checkmarx-ast-cli.outputs.release_tag }} - - name: Track large files with Git LFS and commit changes + - name: Track large files with Git LFS if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag run: | git lfs track "src/main/wrapper/resources/cx-linux" git lfs track "src/main/wrapper/resources/cx.exe" git lfs track "src/main/wrapper/resources/cx-mac" git add .gitattributes - git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac checkmarx-ast-cli.version - git commit -m "Update Checkmarx CLI to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}" || echo "No changes to commit" - git push origin HEAD + git add src/main/wrapper/resources/cx-linux src/main/wrapper/resources/cx.exe src/main/wrapper/resources/cx-mac + git commit -m "Track Checkmarx CLI binaries with Git LFS" + + - name: Create Pull Request + id: cretae_pull_request + if: steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag + uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c #v6 + with: + token: ${{ secrets.AUTOMATION_TOKEN }} + commit-message: Update checkmarx-ast-cli to ${{ steps.checkmarx-ast-cli.outputs.release_tag }} + title: Update checkmarx-ast-cli binaries with ${{ steps.checkmarx-ast-cli.outputs.release_tag }} + body: | + Updates [checkmarx-ast-cli][1] to ${{ steps.checkmarx-ast-cli.outputs.release_tag }} + + Auto-generated by [create-pull-request][2] + + [1]: https://github.com/Checkmarx/checkmarx-ast-cli + labels: cxone + branch: feature/update_cli_${{ steps.checkmarx-ast-cli.outputs.release_tag }}