sast

2025-06-18 18:14:26 +08:00 · 2025-06-18 18:14:26 +08:00 · b712c13170
commit b712c13170
parent 0c0803fdc5
18 changed files with 176 additions and 69 deletions
--- a/modules/module-ci-process-api/src/main/java/cd/casic/ci/api/SastController.java
+++ b/modules/module-ci-process-api/src/main/java/cd/casic/ci/api/SastController.java
@ -37,6 +37,10 @@ public class SastController {
        Boolean b = sastService.applicationExist(applicationName);
        return CommonResult.success(b);
    }
    @GetMapping("/getToken")
    public CommonResult<String> getToken(){
        return CommonResult.success(sastService.getToken());
    }
    /**
     * sast上传检测文件
     * */
--- a/modules/module-ci-process-api/src/main/java/cd/casic/ci/api/TargetController.java
+++ b/modules/module-ci-process-api/src/main/java/cd/casic/ci/api/TargetController.java
@ -124,10 +124,8 @@ public class TargetController {
    @PostMapping(path="/fileUpload")
-    public CommonResult<String> fileUpload(@RequestBody TargetUploadReq req, @RequestParam("file") MultipartFile file) throws SftpUploadUtil.SftpUploadException {
+    public CommonResult<String> fileUpload(MultipartFile file) throws SftpUploadUtil.SftpUploadException {
-        req.setFile(file);
+        String filePath = targetManagerService.fileUpload(file);
        String filePath = targetManagerService.fileUpload(req);
        return CommonResult.success(filePath);
    }
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/dto/req/target/TargetUploadReq.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/dto/req/target/TargetUploadReq.java
@ -1,6 +1,8 @@
 package cd.casic.ci.process.dto.req.target;
 import lombok.Data;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 import org.springframework.web.multipart.MultipartFile;
 /**
@ -10,6 +12,8 @@ import org.springframework.web.multipart.MultipartFile;
 * @Version 1.0
 */
@Data
@ConfigurationProperties(prefix = "upload")
@Component
 public class TargetUploadReq{
    //远程服务器IP或主机名
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/constant/SastConstant.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/constant/SastConstant.java
@ -1,7 +1,10 @@
 package cd.casic.ci.process.engine.constant;
 public class SastConstant {
-    public static final String JOB_DONE = "DONE";
+    public static final String STATUS_JOB_DONE = "DONE";
    public static final String STATUS_PROGRESSING = "PROGRESSING";
    public static final String STATUS_PENDING = "PENDING";
    public static final String STATUS_CANCEL = "PENDING";
    public static final String REPORT_JSON = "reportJSON";
    public static final String REPORT_URL = "reportUrl";
    public static final String REPORT_FORMAT_JSON="JSON";
@ -9,4 +12,5 @@ public class SastConstant {
    public static final String REPORT_MODE ="DETAILS";
    public static final String REPORT_MODE_DETAILS ="DETAILS";
    public static final String REPORT_MODE_SUMMARY ="SUMMARY";
    public static final String APPLICATION_ID = "id";
 }
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/SastWorker.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/engine/worker/SastWorker.java
@ -18,6 +18,7 @@ import cd.casic.framework.commons.exception.ServiceException;
 import cd.casic.framework.commons.exception.enums.GlobalErrorCodeConstants;
 import com.alibaba.excel.util.StringUtils;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
@ -48,11 +49,16 @@ public class SastWorker extends BaseWorker {
        log.info("==============触发worker执行========");
        log.info("==========运行context：{}===========", JSON.toJSONString(context));
        if (contextDef instanceof PipTask task) {
-            String applicationId = (String)task.getTaskProperties().get("applicationId");
+            String applicationId = (String)(task.getTaskProperties().get(SastConstant.APPLICATION_ID));
            if (StringUtils.isEmpty(applicationId)) {
                append(context,"未获取到sast信息");
                toBadEnding();
            }
            SastApplicationStatusResp applicationStatus = sastService.getApplicationStatus(applicationId);
            if (SastConstant.STATUS_PROGRESSING.equals(applicationStatus.getJobStatus())||SastConstant.STATUS_PENDING.equals(applicationStatus.getJobStatus())) {
                append(context,"当前任务正在运行中");
                toBadEnding();
            }
            SastApplicationEchoResp applicationEcho = sastService.getApplicationEcho(applicationId);
            append(context,"获取到sast任务配置"+JSON.toJSONString(applicationEcho));
            SastApplicationCreateReq sastApplicationCreateReq = converter.converter(applicationEcho);
@ -64,30 +70,54 @@ public class SastWorker extends BaseWorker {
            log.info("SAST启动任务返回值:{}",JSON.toJSONString(sastApplicationCreateResp));
            append(context,"启动任务完毕");
            // 检测状态是否完毕
-            SastApplicationStatusResp applicationStatus = sastService.getApplicationStatus(applicationId);
+            applicationStatus = sastService.getApplicationStatus(applicationId);
-            while (!SastConstant.JOB_DONE.equals(applicationStatus.getJobStatus())) {
+            int repeat = 0;
            while (!SastConstant.STATUS_JOB_DONE.equals(applicationStatus.getJobStatus())) {
                try {
-                    Thread.sleep(1000L);
+                    Thread.sleep(20000L);
                } catch (InterruptedException e) {
                    log.error("SAST WORKER线程中断");
                }
                try {
                    applicationStatus=sastService.getApplicationStatus(applicationId);
-                append(context,"当前SAST运行中，运行状态："+applicationStatus.getJobStatus());
+                } catch (Exception e) {
                    log.error("sastWorker执行失败",e);
                    append(context,"获取状态失败");
                    if (repeat++>3) {
                        append(context,"获取状态失败,尝试超过三次执行失败");
                        toBadEnding();
                    }
-            String reportJSON = getReportJSON(applicationId, SastConstant.REPORT_MODE_DETAILS);
+                    continue;
                }
                append(context,"当前SAST运行中，运行状态："+applicationStatus.getJobStatus());
                if (SastConstant.STATUS_PENDING.equals(applicationStatus.getJobStatus())) {
                    append(context,"任务被取消");
                    toBadEnding();
                }
                repeat = 0;
            }
            JSONObject reportJSON = getReportJSON(applicationId, SastConstant.REPORT_MODE_DETAILS);
            String reportUrl = getReportUrl(applicationId, SastConstant.REPORT_MODE_DETAILS);
            task.getTaskProperties().put(SastConstant.REPORT_JSON,reportJSON);
            task.getTaskProperties().put(SastConstant.REPORT_URL,reportUrl);
        }
    }
-    private String getReportJSON(String applicationId,String model){
+    private JSONObject getReportJSON(String applicationId,String model){
        String reqJSON = "{\"mode\":\"DETAILS\",\"contacts\":\"admin@clouditera.com\",\"reportType\":\"APPLICATION\",\"format\":\"JSON\",\"projectId\":\"8a863857-bab3-40d9-a79a-2cb6617a9dd3\",\"applicationIds\":[\"9e3e55d6-6d28-4fd1-adc2-15b6cf0702db\"],\"bugLevels\":[\"DEADLY\",\"SEVERITY\",\"POOR_RISK\",\"LOW_RISK\"],\"audRiskLevels\":[\"WAITING\",\"IGNORE\",\"HIGH\",\"MEDIUM\",\"LOW\",\"NONE\"],\"applicationScope\":\"ALL\"}";
        SastReportCreateReq sastReportCreateReq = JSON.parseObject(reqJSON, SastReportCreateReq.class);
        sastReportCreateReq.setMode(model);
        sastReportCreateReq.setFormat(SastConstant.REPORT_FORMAT_JSON);
        sastReportCreateReq.setApplicationIds(Collections.singletonList(applicationId));
        log.info("获取JSON报告请求参数{}",JSON.toJSONString(sastReportCreateReq));
        String jsonReportUrl = sastService.reportIndex(sastReportCreateReq);
-        return getJSONString(jsonReportUrl);
+        log.info("获取JSON报告获得url{}",jsonReportUrl);
        JSONObject jsonObject = JSON.parseObject(getJSONString(jsonReportUrl)).getJSONObject("task_summary");
        JSONObject severity = jsonObject.getJSONObject("defect_severity_distribution");
        JSONObject rule = jsonObject.getJSONObject("detection_rule_distribution");
        JSONObject res = new JSONObject();
        res.put("defect_severity_distribution",severity);
        res.put("detection_rule_distribution",rule);
        return res;
    }
    private String getReportUrl(String applicationId,String model){
        String reqJSON = "{\"mode\":\"DETAILS\",\"contacts\":\"admin@clouditera.com\",\"reportType\":\"APPLICATION\",\"format\":\"JSON\",\"projectId\":\"8a863857-bab3-40d9-a79a-2cb6617a9dd3\",\"applicationIds\":[\"9e3e55d6-6d28-4fd1-adc2-15b6cf0702db\"],\"bugLevels\":[\"DEADLY\",\"SEVERITY\",\"POOR_RISK\",\"LOW_RISK\"],\"audRiskLevels\":[\"WAITING\",\"IGNORE\",\"HIGH\",\"MEDIUM\",\"LOW\",\"NONE\"],\"applicationScope\":\"ALL\"}";
@ -95,6 +125,7 @@ public class SastWorker extends BaseWorker {
        sastReportCreateReq.setMode(model);
        sastReportCreateReq.setFormat(SastConstant.REPORT_FORMAT_PDF);
        sastReportCreateReq.setApplicationIds(Collections.singletonList(applicationId));
        log.info("获取报告请求参数{}",JSON.toJSONString(sastReportCreateReq));
        return sastService.reportIndex(sastReportCreateReq);
    }
    private String getJSONString(String reportId){
@ -104,13 +135,15 @@ public class SastWorker extends BaseWorker {
        try {
            url = uri.toURL();
        } catch (MalformedURLException e) {
-            log.error("获取json格式报告失败");
+            log.info("sast 创建uri{}",uri);
            log.error("sast 获取json格式报告失败:",e);
        }
        try (InputStream in = url.openStream()) {
            byte[] bytes = in.readAllBytes();
            return new String(bytes, StandardCharsets.UTF_8);
        } catch (IOException e) {
-            log.error("获取json格式报告失败");
+            log.info("获取的url:{}",url);
            log.error("获取json格式报告失败:",e);
            throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(),"获取JSON格式报告失败");
        }
    }
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dao/taskResource/ResourceManagerDao.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dao/taskResource/ResourceManagerDao.java
@ -10,5 +10,6 @@ import cd.casic.framework.mybatis.core.mapper.BaseMapperX;
 * @Date: 2025/5/13 14:39
 * @Description:
 */
-public interface ResourceManagerDao extends BaseMapperX<ResourceManager> {
+public interface ResourceManagerDao {
 //public interface ResourceManagerDao extends BaseMapperX<ResourceManager> {
 }
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceCloud.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceCloud.java
@ -14,8 +14,6 @@ import lombok.EqualsAndHashCode;
 @EqualsAndHashCode(callSuper = true)
 public class ResourceCloud extends PipBaseElement {
    private String TaskId;
    /**
     * 虚拟机类型
     */
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceDockerEndpoint.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceDockerEndpoint.java
@ -16,8 +16,6 @@ import java.time.LocalDateTime;
@Data
 public class ResourceDockerEndpoint extends PipBaseElement {
    private String TaskId;
    /**
     * Docker 类型：远程/本地
     */
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceK8S.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceK8S.java
@ -7,6 +7,4 @@ import lombok.EqualsAndHashCode;
@EqualsAndHashCode(callSuper = true)
@Data
 public class ResourceK8S extends PipBaseElement {
    private String TaskId;
 }
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceMachine.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/dataObject/taskResource/ResourceMachine.java
@ -14,8 +14,6 @@ import lombok.EqualsAndHashCode;
@Data
 public class ResourceMachine extends PipBaseElement {
    private String TaskId;
    /**
     * 主机地址
     */
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/resource/impl/ResourceManagerServiceImpl.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/resource/impl/ResourceManagerServiceImpl.java
@ -44,7 +44,7 @@ import java.util.List;
@Slf4j
 public class ResourceManagerServiceImpl extends ServiceImpl<PipResourceManagerDao, PipResourceManager> implements ResourceManagerService {
    @Resource
-    private PipResourceManagerDao resourceManagerDao;
+    private PipResourceManagerDao pipResourceManagerDao;
    @Resource
    private PipResourceMachineDao machineDao;
@ -95,13 +95,13 @@ public class ResourceManagerServiceImpl extends ServiceImpl<PipResourceManagerDa
            pipResourceManager.setCloudId(pipResourceCloud.getId());
        }
-        resourceManagerDao.insert(pipResourceManager);
+        pipResourceManagerDao.insert(pipResourceManager);
        return pipResourceManager.getId();
    }
    @Override
    public void deleteResource(String id) {
-        PipResourceManager pipResourceManager = resourceManagerDao.selectById(id);
+        PipResourceManager pipResourceManager = pipResourceManagerDao.selectById(id);
        if (!StringUtils.isEmpty(pipResourceManager.getMachineId())){
            machineDao.deleteById(pipResourceManager.getMachineId());
        }
@ -114,12 +114,12 @@ public class ResourceManagerServiceImpl extends ServiceImpl<PipResourceManagerDa
        if (!StringUtils.isEmpty(pipResourceManager.getCloudId())){
            cloudDao.deleteById(pipResourceManager.getCloudId());
        }
-        resourceManagerDao.deleteById(id);
+        pipResourceManagerDao.deleteById(id);
    }
    @Override
    public void updateResource(ResourceReq resourceReq) {
-        PipResourceManager temp = resourceManagerDao.selectById(resourceReq.getId());
+        PipResourceManager temp = pipResourceManagerDao.selectById(resourceReq.getId());
        temp.setResourceName(resourceReq.getResourceName());
        //先删除旧的资源信息
@ -170,12 +170,12 @@ public class ResourceManagerServiceImpl extends ServiceImpl<PipResourceManagerDa
            temp.setCloudId(pipResourceCloud.getId());
        }
-        resourceManagerDao.updateById(temp);
+        pipResourceManagerDao.updateById(temp);
    }
    @Override
    public ResourceFindResp findResourceById(String id) {
-        PipResourceManager pipResourceManager = resourceManagerDao.selectById(id);
+        PipResourceManager pipResourceManager = pipResourceManagerDao.selectById(id);
        if (ObjectUtils.isEmpty(pipResourceManager)){
            throw new ServiceException(GlobalErrorCodeConstants.INTERNAL_SERVER_ERROR.getCode(),"资源不存在");
        }
@ -215,7 +215,7 @@ public class ResourceManagerServiceImpl extends ServiceImpl<PipResourceManagerDa
        if (!ObjectUtils.isEmpty(query.getCreator())){
            wrapper.eq("creator",query.getCreator());
        }
-        List<PipResourceManager> pipResourceManagerList = resourceManagerDao.selectList(wrapper);
+        List<PipResourceManager> pipResourceManagerList = pipResourceManagerDao.selectList(wrapper);
        if (ObjectUtils.isEmpty(pipResourceManagerList)){
            return new ArrayList<>(0);
@ -258,7 +258,7 @@ public class ResourceManagerServiceImpl extends ServiceImpl<PipResourceManagerDa
        if (!ObjectUtils.isEmpty(query.getCreator())){
            wrapper.eq("creator",query.getCreator());
        }
-        Page<PipResourceManager> pipResourceTempPage = resourceManagerDao.selectPage(new Page<>(query.getPageNo(), query.getPageSize()), wrapper);
+        Page<PipResourceManager> pipResourceTempPage = pipResourceManagerDao.selectPage(new Page<>(query.getPageNo(), query.getPageSize()), wrapper);
        if (ObjectUtils.isEmpty(pipResourceTempPage)){
            return new PageResult<>();
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/target/TargetManagerService.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/target/TargetManagerService.java
@ -9,6 +9,7 @@ import cd.casic.ci.process.util.SftpUploadUtil;
 import cd.casic.framework.commons.pojo.PageResult;
 import com.baomidou.mybatisplus.extension.service.IService;
 import jakarta.validation.Valid;
 import org.springframework.web.multipart.MultipartFile;
 import java.io.IOException;
 import java.util.List;
@ -31,7 +32,7 @@ public interface TargetManagerService extends IService<TargetManager> {
    List<TargetManagerResp> findTargetList(@Valid TargetQueryReq query);
-    String fileUpload(TargetUploadReq req) throws SftpUploadUtil.SftpUploadException;
+    String fileUpload(MultipartFile file) throws SftpUploadUtil.SftpUploadException;
    void createVersion(@Valid TargetVersionCreateReq req);
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/target/impl/TargetManagerServiceImpl.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/target/impl/TargetManagerServiceImpl.java
@ -12,6 +12,7 @@ import cd.casic.ci.process.process.dataObject.base.BaseIdReq;
 import cd.casic.ci.process.process.dataObject.target.TargetManager;
 import cd.casic.ci.process.process.dataObject.target.TargetVersion;
 import cd.casic.ci.process.process.service.target.TargetManagerService;
 import cd.casic.ci.process.properties.TargetFileUploadProperties;
 import cd.casic.ci.process.util.SftpUploadUtil;
 import cd.casic.framework.commons.exception.ServiceException;
 import cd.casic.framework.commons.exception.enums.GlobalErrorCodeConstants;
@ -27,6 +28,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.ObjectUtils;
 import org.springframework.web.multipart.MultipartFile;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@ -58,6 +60,8 @@ public class TargetManagerServiceImpl extends ServiceImpl<TargetManagerDao, Targ
    @Resource
    private AdminUserServiceImpl adminUserService;
    @Resource
    private TargetFileUploadProperties fileUploadProperties;
    @Override
@ -203,18 +207,18 @@ public class TargetManagerServiceImpl extends ServiceImpl<TargetManagerDao, Targ
    }
    @Override
-    public String fileUpload(TargetUploadReq req) throws SftpUploadUtil.SftpUploadException {
+    public String fileUpload(MultipartFile file) throws SftpUploadUtil.SftpUploadException {
-        String filePath = req.getRemoteDir() + UUID.randomUUID();
+        String filePath = fileUploadProperties.getRemoteDir() + UUID.randomUUID();
        String path = SftpUploadUtil.uploadFileSftp(
-                req.getRemoteHost(),
+                fileUploadProperties.getRemoteHost(),
-                req.getRemotePort(),
+                fileUploadProperties.getRemotePort(),
-                req.getUsername(),
+                fileUploadProperties.getUsername(),
-                req.getPassword(),
+                fileUploadProperties.getPassword(),
-                req.getSshKeyPath(),
+                fileUploadProperties.getSshKeyPath(),
-                req.getFile(),
+                file,
                filePath,
-                req.getRemoteFileName()
+                file.getOriginalFilename()
        );
        return path;
    }
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/taskResource/TaskResourceManagerService.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/taskResource/TaskResourceManagerService.java
@ -13,7 +13,8 @@ import jakarta.validation.Valid;
 * @Date: 2025/5/13 10:27
 * @Description:
 */
-public interface TaskResourceManagerService extends IService<ResourceManager> {
+public interface TaskResourceManagerService {
 //public interface TaskResourceManagerService extends IService<ResourceManager> {
    TaskResourceFindResp findResourceList(@Valid TaskResourceQueryReq req);
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/taskResource/impl/TaskResourceManagerServiceImpl.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/process/service/taskResource/impl/TaskResourceManagerServiceImpl.java
@ -25,7 +25,8 @@ import java.util.List;
 */
 //@Service
@Slf4j
-public class TaskResourceManagerServiceImpl extends ServiceImpl<ResourceManagerDao, ResourceManager> implements TaskResourceManagerService {
+public class TaskResourceManagerServiceImpl implements TaskResourceManagerService {
 //public class TaskResourceManagerServiceImpl extends ServiceImpl<ResourceManagerDao, ResourceManager> implements TaskResourceManagerService {
    @Resource
    private ResourceMachineDao machineDao;
--- a/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/properties/TargetFileUploadProperties.java
+++ b/modules/module-ci-process-biz/src/main/java/cd/casic/ci/process/properties/TargetFileUploadProperties.java
@ -0,0 +1,26 @@
 package cd.casic.ci.process.properties;
 import lombok.Data;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 import org.springframework.web.multipart.MultipartFile;
@Component
@ConfigurationProperties(prefix = "target.file-upload")
@Data
 public class TargetFileUploadProperties {
    //远程服务器IP或主机名
    private String remoteHost = "175.6.27.252";
    //远程服务器端口 (通常是 22)，为 null 或 <= 0 时使用默认端口 22
    private Integer remotePort;
    //远程服务器用户名
    private String username = "roots";
    //远程服务器密码 (如果使用密码认证)
    private String password = "hnidc0327cn!@#xhh";
    //SSH Key 文件路径 (如果使用密钥认证，password 参数可以为 null)
    private String sshKeyPath;
    //远程服务器存放文件的目录 (例如: /home/user/uploads/)
    private String remoteDir = "/home/ops/ops-pro/file/";
 }
--- a/ops-server/src/test/java/cd/casic/server/ResourceTest.java
+++ b/ops-server/src/test/java/cd/casic/server/ResourceTest.java
@ -35,7 +35,7 @@ public class ResourceTest {
    private ResourceManagerServiceImpl resourceManagerService;
    @MockBean
-    private PipResourceManagerDao resourceManagerDao;
+    private PipResourceManagerDao pipResourceManagerDao;
    @MockBean
    private PipResourceMachineDao machineDao;
@ -66,7 +66,7 @@ public class ResourceTest {
            return null;
        });
-        when(resourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
+        when(pipResourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
            PipResourceManager manager = invocation.getArgument(0);
            manager.setId("resourceId"); // 模拟插入后生成ID
            return null;
@ -77,7 +77,7 @@ public class ResourceTest {
        // Assert
        verify(machineDao, times(1)).insert(any(PipResourceMachine.class));
-        verify(resourceManagerDao, times(1)).insert(any(PipResourceManager.class));
+        verify(pipResourceManagerDao, times(1)).insert(any(PipResourceManager.class));
        // 验证返回的ID
        assert result.equals("resourceId");
@ -97,7 +97,7 @@ public class ResourceTest {
            return null;
        });
-        when(resourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
+        when(pipResourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
            PipResourceManager manager = invocation.getArgument(0);
            manager.setId("resourceId"); // 模拟插入后生成ID
            return null;
@ -108,7 +108,7 @@ public class ResourceTest {
        // Assert
        verify(k8SDao, times(1)).insert(any(PipResourceK8S.class));
-        verify(resourceManagerDao, times(1)).insert(any(PipResourceManager.class));
+        verify(pipResourceManagerDao, times(1)).insert(any(PipResourceManager.class));
        // 验证返回的ID
        assert result.equals("resourceId");
@ -128,7 +128,7 @@ public class ResourceTest {
            return null;
        });
-        when(resourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
+        when(pipResourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
            PipResourceManager manager = invocation.getArgument(0);
            manager.setId("resourceId"); // 模拟插入后生成ID
            return null;
@ -139,7 +139,7 @@ public class ResourceTest {
        // Assert
        verify(dockerEndpointDao, times(1)).insert(any(DockerEndpointDo.class));
-        verify(resourceManagerDao, times(1)).insert(any(PipResourceManager.class));
+        verify(pipResourceManagerDao, times(1)).insert(any(PipResourceManager.class));
        // 验证返回的ID
        assert result.equals("resourceId");
@ -159,7 +159,7 @@ public class ResourceTest {
            return null;
        });
-        when(resourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
+        when(pipResourceManagerDao.insert(any(PipResourceManager.class))).thenAnswer(invocation -> {
            PipResourceManager manager = invocation.getArgument(0);
            manager.setId("resourceId"); // 模拟插入后生成ID
            return null;
@ -170,7 +170,7 @@ public class ResourceTest {
        // Assert
        verify(cloudDao, times(1)).insert(any(PipResourceCloud.class));
-        verify(resourceManagerDao, times(1)).insert(any(PipResourceManager.class));
+        verify(pipResourceManagerDao, times(1)).insert(any(PipResourceManager.class));
        // 验证返回的ID
        assert result.equals("resourceId");
@ -189,7 +189,7 @@ public class ResourceTest {
        pipResourceManager.setDockerId("docker123");
        pipResourceManager.setCloudId("cloud123");
-        Mockito.when(resourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
+        Mockito.when(pipResourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
        // Act
        resourceManagerService.deleteResource(resourceId);
@ -199,7 +199,7 @@ public class ResourceTest {
        Mockito.verify(k8SDao, Mockito.times(1)).deleteById("k8s123");
        Mockito.verify(dockerEndpointDao, Mockito.times(1)).deleteById("docker123");
        Mockito.verify(cloudDao, Mockito.times(1)).deleteById("cloud123");
-        Mockito.verify(resourceManagerDao, Mockito.times(1)).deleteById(resourceId);
+        Mockito.verify(pipResourceManagerDao, Mockito.times(1)).deleteById(resourceId);
    }
    @Test
@ -210,7 +210,7 @@ public class ResourceTest {
        pipResourceManager.setId(resourceId);
        pipResourceManager.setMachineId("machine123");
-        Mockito.when(resourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
+        Mockito.when(pipResourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
        // Act
        resourceManagerService.deleteResource(resourceId);
@ -220,7 +220,7 @@ public class ResourceTest {
        Mockito.verify(k8SDao, never()).deleteById(anyString());
        Mockito.verify(dockerEndpointDao, never()).deleteById(anyString());
        Mockito.verify(cloudDao, never()).deleteById(anyString());
-        Mockito.verify(resourceManagerDao, Mockito.times(1)).deleteById(resourceId);
+        Mockito.verify(pipResourceManagerDao, Mockito.times(1)).deleteById(resourceId);
    }
    @Test
@ -228,7 +228,7 @@ public class ResourceTest {
        // Arrange
        String resourceId = "nonExistent";
-        Mockito.when(resourceManagerDao.selectById(resourceId)).thenReturn(null);
+        Mockito.when(pipResourceManagerDao.selectById(resourceId)).thenReturn(null);
        // Act & Assert
        try {
@ -241,7 +241,7 @@ public class ResourceTest {
        Mockito.verify(k8SDao, never()).deleteById(anyString());
        Mockito.verify(dockerEndpointDao, never()).deleteById(anyString());
        Mockito.verify(cloudDao, never()).deleteById(anyString());
-        Mockito.verify(resourceManagerDao, never()).deleteById(anyString());
+        Mockito.verify(pipResourceManagerDao, never()).deleteById(anyString());
    }
@ -256,18 +256,18 @@ public class ResourceTest {
        pipResourceManager.setDockerId("dockerId");
        pipResourceManager.setCloudId("cloudId");
-        when(resourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
+        when(pipResourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
        // Act
        resourceManagerService.deleteResource(resourceId);
        // Assert
-        verify(resourceManagerDao, times(1)).selectById(resourceId);
+        verify(pipResourceManagerDao, times(1)).selectById(resourceId);
        verify(machineDao, times(1)).deleteById("machineId");
        verify(k8SDao, times(1)).deleteById("k8sId");
        verify(dockerEndpointDao, times(1)).deleteById("dockerId");
        verify(cloudDao, times(1)).deleteById("cloudId");
-        verify(resourceManagerDao, times(1)).deleteById(resourceId);
+        verify(pipResourceManagerDao, times(1)).deleteById(resourceId);
    }
    @Test
@ -278,18 +278,18 @@ public class ResourceTest {
        pipResourceManager.setId(resourceId);
        pipResourceManager.setMachineId("machineId");
-        when(resourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
+        when(pipResourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
        // Act
        resourceManagerService.deleteResource(resourceId);
        // Assert
-        verify(resourceManagerDao, times(1)).selectById(resourceId);
+        verify(pipResourceManagerDao, times(1)).selectById(resourceId);
        verify(machineDao, times(1)).deleteById("machineId");
        verify(k8SDao, never()).deleteById(anyString());
        verify(dockerEndpointDao, never()).deleteById(anyString());
        verify(cloudDao, never()).deleteById(anyString());
-        verify(resourceManagerDao, times(1)).deleteById(resourceId);
+        verify(pipResourceManagerDao, times(1)).deleteById(resourceId);
    }
    @Test
@ -299,18 +299,18 @@ public class ResourceTest {
        PipResourceManager pipResourceManager = new PipResourceManager();
        pipResourceManager.setId(resourceId);
-        when(resourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
+        when(pipResourceManagerDao.selectById(resourceId)).thenReturn(pipResourceManager);
        // Act
        resourceManagerService.deleteResource(resourceId);
        // Assert
-        verify(resourceManagerDao, times(1)).selectById(resourceId);
+        verify(pipResourceManagerDao, times(1)).selectById(resourceId);
        verify(machineDao, never()).deleteById(anyString());
        verify(k8SDao, never()).deleteById(anyString());
        verify(dockerEndpointDao, never()).deleteById(anyString());
        verify(cloudDao, never()).deleteById(anyString());
-        verify(resourceManagerDao, times(1)).deleteById(resourceId);
+        verify(pipResourceManagerDao, times(1)).deleteById(resourceId);
    }
--- a/ops-server/src/test/java/cd/casic/server/SastTest.java
+++ b/ops-server/src/test/java/cd/casic/server/SastTest.java
@ -2,10 +2,14 @@ package cd.casic.server;
 import cd.casic.ci.process.dto.req.sast.SastApplicationCreateReq;
 import cd.casic.ci.process.dto.req.sast.SastIdentifiedLanguageTaskReq;
 import cd.casic.ci.process.dto.req.sast.SastReportCreateReq;
 import cd.casic.ci.process.dto.resp.sast.*;
 import cd.casic.ci.process.engine.constant.SastConstant;
 import cd.casic.ci.process.process.converter.SastConverter;
 import cd.casic.ci.process.process.service.sast.SastService;
 import cd.casic.ci.process.properties.SastProperties;
 import cd.casic.framework.commons.exception.ServiceException;
 import cd.casic.framework.commons.exception.enums.GlobalErrorCodeConstants;
 import cd.casic.framework.redis.core.RedisTemplateUtils;
 import com.alibaba.fastjson.JSON;
 import jakarta.annotation.Resource;
@ -26,6 +30,7 @@ import java.net.URL;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.BrokenBarrierException;
 import java.util.concurrent.CyclicBarrier;
@ -157,4 +162,37 @@ public class SastTest {
            throw new RuntimeException(e);
        }
    }
    @Test
    public void  jsonReport(){
        System.out.println(getReportJSON("23bc93d6-27df-4fd7-9ffa-5e4a518d6c57", "DETAILS"));
    }
    private String getReportJSON(String applicationId,String model){
        String reqJSON = "{\"mode\":\"DETAILS\",\"contacts\":\"admin@clouditera.com\",\"reportType\":\"APPLICATION\",\"format\":\"JSON\",\"projectId\":\"8a863857-bab3-40d9-a79a-2cb6617a9dd3\",\"applicationIds\":[\"9e3e55d6-6d28-4fd1-adc2-15b6cf0702db\"],\"bugLevels\":[\"DEADLY\",\"SEVERITY\",\"POOR_RISK\",\"LOW_RISK\"],\"audRiskLevels\":[\"WAITING\",\"IGNORE\",\"HIGH\",\"MEDIUM\",\"LOW\",\"NONE\"],\"applicationScope\":\"ALL\"}";
        SastReportCreateReq sastReportCreateReq = JSON.parseObject(reqJSON, SastReportCreateReq.class);
        sastReportCreateReq.setMode(model);
        sastReportCreateReq.setFormat(SastConstant.REPORT_FORMAT_JSON);
        sastReportCreateReq.setApplicationIds(Collections.singletonList(applicationId));
        log.info("获取JSON报告请求参数{}",JSON.toJSONString(sastReportCreateReq));
        String jsonReportUrl = sastService.reportIndex(sastReportCreateReq);
        log.info("获取JSON报告获得url{}",jsonReportUrl);
        return getJSONString(jsonReportUrl);
    }
    private String getJSONString(String reportId){
        String s = sastService.reportDownload(reportId);
        URI uri = URI.create(s);
        URL url = null;
        try {
            url = uri.toURL();
        } catch (MalformedURLException e) {
            log.info("sast 创建uri{}",uri);
            log.error("sast 获取json格式报告失败:",e);
        }
        try (InputStream in = url.openStream()) {
            byte[] bytes = in.readAllBytes();
            return new String(bytes, StandardCharsets.UTF_8);
        } catch (IOException e) {
            log.error("获取json格式报告失败:",e);
            throw new ServiceException(GlobalErrorCodeConstants.PIPELINE_ERROR.getCode(),"获取JSON格式报告失败");
        }
    }
 }