From 04af6bf3cd5fabd6a5c4d093ddb56394ed56d77c Mon Sep 17 00:00:00 2001
From: even <827656971@qq.com>
Date: Wed, 30 Jul 2025 17:44:12 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BA=8C=E8=BF=9B=E5=88=B6=E4=BB=A5=E5=8F=8Asa?= =?UTF-8?q?st=E9=80=BB=E8=BE=91=E6=B7=BB=E5=8A=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../process/engine/worker/afl/AFLWorker.java | 3 +-
 .../engine/worker/sast/SastBinaryWorker.java | 79 +++++++++++++++++--
 .../engine/worker/sast/SastWorker.java | 17 ++++
 3 files changed, 89 insertions(+), 10 deletions(-)
diff --git a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/afl/AFLWorker.java b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/afl/AFLWorker.java
index 72b06a8f..cea776d5 100644
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/afl/AFLWorker.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/afl/AFLWorker.java
@@ -45,8 +45,7 @@ public class AFLWorker extends DockerWorker {
 private AflSeedInfoService aflSeedInfoService;
 @Resource
 private AflPlotInfoService aflPlotInfoService;
- @Resource
- private PostHandlerManager postHandlerManager;
+
 @Override
 public void execute(TaskRunContext context) {
 int statusCode = -1;
diff --git a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastBinaryWorker.java b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastBinaryWorker.java
index 7cd0d328..5909b850 100644
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastBinaryWorker.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastBinaryWorker.java
@@ -1,25 +1,30 @@ package cd.casic.ci.process.engine.worker.sast; import cd.casic.ci.process.common.WorkAtom; -import cd.casic.ci.process.dto.resp.sast.SastApplicationEchoResp; -import cd.casic.ci.process.dto.resp.sast.SastApplicationStashResp; -import cd.casic.ci.process.dto.resp.sast.SastApplicationStatusResp; -import cd.casic.ci.process.dto.resp.sast.SastEngineLogResp; +import cd.casic.ci.process.dto.req.sast.SastReportCreateReq; +import cd.casic.ci.process.dto.req.sast.SastVulInfoReq; +import cd.casic.ci.process.dto.resp.sast.*; import cd.casic.ci.process.engine.constant.SastConstant; +import cd.casic.ci.process.engine.postHandler.ExecuteTaskPostHandler; import cd.casic.ci.process.engine.runContext.TaskRunContext; import cd.casic.ci.process.engine.worker.base.BaseWorker; import cd.casic.ci.process.process.converter.SastConverter; import cd.casic.ci.process.process.dataObject.base.PipBaseElement; +import cd.casic.ci.process.process.dataObject.history.PipPipelineHisInstance; import cd.casic.ci.process.process.dataObject.task.PipTask; import cd.casic.ci.process.process.service.sast.SastService; import cd.casic.ci.process.process.service.task.TaskService; +import cd.casic.framework.commons.exception.ServiceException; +import cd.casic.framework.commons.exception.enums.GlobalErrorCodeConstants; import com.alibaba.excel.util.StringUtils; import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import jakarta.annotation.Resource; import lombok.extern.slf4j.Slf4j; import java.util.ArrayList; +import java.util.Collections; import java.util.List; @Slf4j 
@@ -95,11 +100,69 @@ public class SastBinaryWorker extends BaseWorker {
 }
 repeat = 0;
 }
-// JSONObject reportJSON = getReportJSON(applicationId, SastConstant.REPORT_MODE_DETAILS,context);
-// String reportUrl = getReportUrl(applicationId, SastConstant.REPORT_MODE_DETAILS);
-// task.getTaskProperties().put(SastConstant.REPORT_JSON,reportJSON);
-// task.getTaskProperties().put(SastConstant.REPORT_URL,reportUrl);
+ JSONObject reportJSON = getReportJSON(applicationId, SastConstant.REPORT_MODE_DETAILS,context);
+ String reportUrl = getReportUrl(applicationId, SastConstant.REPORT_MODE_DETAILS);
+ task.getTaskProperties().put(SastConstant.REPORT_JSON,reportJSON);
+ task.getTaskProperties().put(SastConstant.REPORT_URL,reportUrl);
 taskService.updateById(task);
 }
 }
+ private JSONObject getReportJSON(String applicationId,String model,TaskRunContext context){
+ String reqJSON = "{\"mode\":\"DETAILS\",\"contacts\":\"admin@clouditera.com\",\"reportType\":\"APPLICATION\",\"format\":\"JSON\",\"projectId\":\"9e57b627-2297-4bbf-a08a-92ff7d6b719d\",\"applicationIds\":[\"9e3e55d6-6d28-4fd1-adc2-15b6cf0702db\"],\"bugLevels\":[\"DEADLY\",\"SEVERITY\",\"POOR_RISK\",\"LOW_RISK\"],\"audRiskLevels\":[\"WAITING\",\"IGNORE\",\"HIGH\",\"MEDIUM\",\"LOW\",\"NONE\"],\"applicationScope\":\"ALL\"}";
+ SastReportCreateReq sastReportCreateReq = JSON.parseObject(reqJSON, SastReportCreateReq.class);
+ sastReportCreateReq.setMode(model);
+ sastReportCreateReq.setProjectId("8a863857-bab3-40d9-a79a-2cb6617a9dd3");
+ sastReportCreateReq.setFormat(SastConstant.REPORT_FORMAT_JSON);
+ sastReportCreateReq.setApplicationIds(Collections.singletonList(applicationId));
+ log.info("获取JSON报告请求参数{}",JSON.toJSONString(sastReportCreateReq));
+ String reportId = sastService.reportIndex(sastReportCreateReq);
+ log.info("获取JSON报告获得reportId{}",reportId);
+ // todo 获取报告状态
+ SastReportStatusResp reportStatus = sastService.getReportStatus(reportId);
+ try {
+ while (reportStatus.getStatus().equals("WAITING")||reportStatus.getStatus().equals("GENERATING")){
+ reportStatus = sastService.getReportStatus(reportId);
+ append(context,"当前生成报告状态为:"+reportStatus.getStatus());
+ Thread.sleep(1000L);
+ }
+ } catch (Exception e) {
+ throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(),"获取sast报告状态失败");
+ }
+ if (reportStatus.getStatus().equals("FAIL")) {
+ throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(),"生成sast报告失败");
+ }
+ JSONObject reportJson = getJSONString(reportId);
+ PipTask task = context.getContextDef() instanceof PipTask ? ((PipTask) context.getContextDef()) : null;
+ postHandlerManager.registerPostHandler(new ExecuteTaskPostHandler(task.getId(),task.getPipelineId()) {
+ @Override
+ public void executeAfterDone(PipPipelineHisInstance pipPipelineHisInstance) {
+ JSONObject defects = reportJson.getJSONObject("defects");
+ for (String key : defects.keySet()) {
+ String string = defects.getString(key);
+ List sastVulInfoReqs = JSONArray.parseArray(string, SastVulInfoReq.class);
+ sastService.saveReportVulInfo(sastVulInfoReqs,"targetType","targetName","city","instanceId","taskId","taskType");
+ }
+ }
+ });
+ JSONObject jsonObject = reportJson.getJSONObject("task_summary");
+ JSONObject severity = jsonObject.getJSONObject("defect_severity_distribution");
+ JSONObject rule = jsonObject.getJSONObject("detection_rule_distribution");
+ JSONObject res = new JSONObject();
+ res.put("defect_severity_distribution",severity);
+ res.put("detection_rule_distribution",rule);
+ return res;
+ }
+ private String getReportUrl(String applicationId,String model){
+ String reqJSON = "{\"mode\":\"DETAILS\",\"contacts\":\"admin@clouditera.com\",\"reportType\":\"APPLICATION\",\"format\":\"JSON\",\"projectId\":\"8a863857-bab3-40d9-a79a-2cb6617a9dd3\",\"applicationIds\":[\"9e3e55d6-6d28-4fd1-adc2-15b6cf0702db\"],\"bugLevels\":[\"DEADLY\",\"SEVERITY\",\"POOR_RISK\",\"LOW_RISK\"],\"audRiskLevels\":[\"WAITING\",\"IGNORE\",\"HIGH\",\"MEDIUM\",\"LOW\",\"NONE\"],\"applicationScope\":\"ALL\"}";
+ SastReportCreateReq sastReportCreateReq = JSON.parseObject(reqJSON, SastReportCreateReq.class);
+ sastReportCreateReq.setMode(model);
+ sastReportCreateReq.setProjectId("8a863857-bab3-40d9-a79a-2cb6617a9dd3");
+ sastReportCreateReq.setFormat(SastConstant.REPORT_FORMAT_PDF);
+ sastReportCreateReq.setApplicationIds(Collections.singletonList(applicationId));
+ log.info("获取报告请求参数{}",JSON.toJSONString(sastReportCreateReq));
+ return sastService.reportIndex(sastReportCreateReq);
+ }
+ private JSONObject getJSONString(String reportId){
+ return sastService.jsonReportDownload(reportId);
+ }
 }
diff --git a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastWorker.java b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastWorker.java
index 89b4eb80..133401c9 100644
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastWorker.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/sast/SastWorker.java
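Review bot: The `executeAfterDone` handler added in `getReportJSON` passes the literal strings `"targetType","targetName","city","instanceId","taskId","taskType"` to `sastService.saveReportVulInfo`, so unless that method (not shown in this diff) treats them as keys, every stored finding gets the same placeholder attribution and cannot be tied back to the scan that produced it; the real values should come from `task` and from the `pipPipelineHisInstance` argument, which the handler never reads. Just above the registration, `task` is assigned `null` when the context is not a `PipTask` and is then dereferenced by `task.getId()`, so add `if (task == null) { throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(), "context is not a PipTask"); }` before registering the handler. Both problems are copied unchanged into the SastWorker.java hunk at `@@ -133,6 +137,19 @@`. In the same method the status poll has no deadline and its `catch (Exception e)` drops the cause and the interrupt flag, which can park a worker thread indefinitely if the report never leaves `WAITING`/`GENERATING`; a bounded loop is sketched below. The project id and contact address hard-coded in `reqJSON` and `setProjectId(...)` would also be better read from configuration than compiled in.

```java
// … unchanged: build sastReportCreateReq, call sastService.reportIndex(...) …
SastReportStatusResp reportStatus = sastService.getReportStatus(reportId);
// Example bound only; the real limit belongs in configuration.
long deadline = System.currentTimeMillis() + 10 * 60 * 1000L;
try {
    while ("WAITING".equals(reportStatus.getStatus()) || "GENERATING".equals(reportStatus.getStatus())) {
        if (System.currentTimeMillis() > deadline) {
            throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(),"获取sast报告状态失败");
        }
        Thread.sleep(1000L);
        reportStatus = sastService.getReportStatus(reportId);
        append(context,"当前生成报告状态为:"+reportStatus.getStatus());
    }
} catch (InterruptedException e) {
    // Restore the interrupt flag for whoever owns this thread, and keep the cause in the log.
    Thread.currentThread().interrupt();
    log.error("interrupted while polling report status, reportId={}", reportId, e);
    throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(),"获取sast报告状态失败");
}
// … unchanged: FAIL check, getJSONString(reportId), handler registration, summary extraction …
```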
@@ -4,12 +4,15 @@ package cd.casic.ci.process.engine.worker.sast;
 import cd.casic.ci.process.common.WorkAtom;
 import cd.casic.ci.process.dto.req.sast.SastApplicationCreateReq;
 import cd.casic.ci.process.dto.req.sast.SastReportCreateReq;
+import cd.casic.ci.process.dto.req.sast.SastVulInfoReq;
 import cd.casic.ci.process.dto.resp.sast.*;
 import cd.casic.ci.process.engine.constant.SastConstant;
+import cd.casic.ci.process.engine.postHandler.ExecuteTaskPostHandler;
 import cd.casic.ci.process.engine.runContext.TaskRunContext;
 import cd.casic.ci.process.engine.worker.base.BaseWorker;
 import cd.casic.ci.process.process.converter.SastConverter;
 import cd.casic.ci.process.process.dataObject.base.PipBaseElement;
+import cd.casic.ci.process.process.dataObject.history.PipPipelineHisInstance;
 import cd.casic.ci.process.process.dataObject.task.PipTask;
 import cd.casic.ci.process.process.service.sast.SastService;
 import cd.casic.ci.process.process.service.task.TaskService;
@@ -17,6 +20,7 @@ import cd.casic.framework.commons.exception.ServiceException;
 import cd.casic.framework.commons.exception.enums.GlobalErrorCodeConstants;
 import com.alibaba.excel.util.StringUtils;
 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
@@ -133,6 +137,19 @@ public class SastWorker extends BaseWorker {
 throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(),"生成sast报告失败");
 }
 JSONObject reportJson = getJSONString(reportId);
+ PipTask task = context.getContextDef() instanceof PipTask ? ((PipTask) context.getContextDef()) : null;
+ postHandlerManager.registerPostHandler(new ExecuteTaskPostHandler(task.getId(),task.getPipelineId()) {
+ @Override
+ public void executeAfterDone(PipPipelineHisInstance pipPipelineHisInstance) {
+ JSONObject defects = reportJson.getJSONObject("defects");
+ for (String key : defects.keySet()) {
+ String string = defects.getString(key);
+ List sastVulInfoReqs = JSONArray.parseArray(string, SastVulInfoReq.class);
+ sastService.saveReportVulInfo(sastVulInfoReqs,"targetType","targetName","city","instanceId","taskId","taskType");
+ }
+ }
+ });
+
 JSONObject jsonObject = reportJson.getJSONObject("task_summary");
 JSONObject severity = jsonObject.getJSONObject("defect_severity_distribution");
 JSONObject rule = jsonObject.getJSONObject("detection_rule_distribution");