From 8bef3d34ffd357ec1aec73c1b4a68cdfa57e1a7b Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Wed, 8 Nov 2023 16:10:00 +0100 Subject: [PATCH 01/12] Add client certificate option to sechub web scan config #2524 - add ClientCertificateConfiguration with Testcases - add documentation with examples - add additional RestDoc Tests for new and missing webscans --- .../model/TestSecHubConfigurationBuilder.java | 29 ++- .../model/ClientCertificateConfiguration.java | 38 ++++ .../model/SecHubWebScanConfiguration.java | 16 +- .../ClientCertificateConfigurationTest.java | 84 ++++++++ .../shared/configuration/sechub_config.adoc | 27 ++- ...bscan_client_certificate_with_openAPI.json | 27 +++ ...mple4_webscan_login_clientcertificate.json | 19 ++ .../SchedulerRestControllerRestDocTest.java | 188 ++++++++++++++++-- 8 files changed, 411 insertions(+), 17 deletions(-) create mode 100644 sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java create mode 100644 sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java create mode 100644 sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example16_webscan_client_certificate_with_openAPI.json create mode 100644 sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example4_webscan_login_clientcertificate.json diff --git a/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java b/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java index 435a7033ad..1c430c5868 100644 --- a/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java +++ b/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java @@ -110,12 +110,31 @@ public TestWebApiConfigBuilder useDataReferences(String... referenceNames) { return this; } - public TestWebConfigurationBuilder and() { + public TestWebConfigurationBuilder end() { testData.webConfig.setApi(Optional.of(api)); return TestWebConfigurationBuilder.this; } } + public class TestWebClientCertificateConfigBuilder { + ClientCertificateConfiguration clientCertificate = new ClientCertificateConfiguration(); + + public TestWebClientCertificateConfigBuilder password(char[] password) { + this.clientCertificate.setPassword(password); + return this; + } + + public TestWebClientCertificateConfigBuilder useDataReferences(String... referenceNames) { + this.clientCertificate.getNamesOfUsedDataConfigurationObjects().addAll(Arrays.asList(referenceNames)); + return this; + } + + public TestWebConfigurationBuilder end() { + testData.webConfig.setClientCertificate(Optional.of(clientCertificate)); + return TestWebConfigurationBuilder.this; + } + } + public TestSecHubConfigurationBuilder and() { return TestSecHubConfigurationBuilder.this; } @@ -150,6 +169,14 @@ public TestWebConfigurationBuilder addHeaders(List head return this; } + public TestWebClientCertificateConfigBuilder clientCertificate() { + return new TestWebClientCertificateConfigBuilder(); + } + + public TestWebApiConfigBuilder api() { + return new TestWebApiConfigBuilder(); + } + public TestWebLoginConfigurationBuilder login(String loginURL) { return new TestWebLoginConfigurationBuilder(loginURL, this); } diff --git a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java new file mode 100644 index 0000000000..db71bb543d --- /dev/null +++ b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java @@ -0,0 +1,38 @@ +// SPDX-License-Identifier: MIT +package com.mercedesbenz.sechub.commons.model; + +import java.util.LinkedHashSet; +import java.util.Optional; +import java.util.Set; + +import javax.crypto.SealedObject; + +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import com.mercedesbenz.sechub.commons.core.security.CryptoAccess; + +@JsonIgnoreProperties(ignoreUnknown = true) +public class ClientCertificateConfiguration implements SecHubDataConfigurationUsageByName { + public static final String PROPERTY_PASSWORD = "password"; + + private CryptoAccess cryptoAccess = CryptoAccess.CRYPTO_CHAR_ARRAY; + + private Optional password = Optional.empty(); + private Set namesOfUsedDataConfigurationObjects = new LinkedHashSet<>(); + + @Override + public Set getNamesOfUsedDataConfigurationObjects() { + return namesOfUsedDataConfigurationObjects; + } + + public void setPassword(char[] password) { + this.password = Optional.ofNullable(cryptoAccess.seal(password)); + } + + public char[] getPassword() { + if (password.isEmpty()) { + return null; + } + return cryptoAccess.unseal(password.get()); + } + +} diff --git a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/SecHubWebScanConfiguration.java b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/SecHubWebScanConfiguration.java index 3ee1010745..679aff9093 100644 --- a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/SecHubWebScanConfiguration.java +++ b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/SecHubWebScanConfiguration.java @@ -14,9 +14,11 @@ public class SecHubWebScanConfiguration { public static final String PROPERTY_URL = "url"; public static final String PROPERTY_LOGIN = "login"; public static final String PROPERTY_MAX_SCAN_DURATION = "maxScanDuration"; + public static final String PROPERTY_API = "api"; public static final String PROPERTY_INCLUDES = "includes"; public static final String PROPERTY_EXCLUDES = "excludes"; public static final String PROPERTY_HEADERS = "headers"; + public static final String PROPERTY_CLIENT_CERTIFICATE = "clientCertificate"; public static final String WEBSCAN_URL_WILDCARD_SYMBOL = "<*>"; @@ -32,6 +34,8 @@ public class SecHubWebScanConfiguration { Optional> headers = Optional.empty(); + Optional clientCertificate = Optional.empty(); + public URI getUrl() { return url; } @@ -56,6 +60,14 @@ public Optional> getExcludes() { return excludes; } + public Optional> getHeaders() { + return headers; + } + + public Optional getClientCertificate() { + return clientCertificate; + } + public void setLogin(Optional login) { this.login = login; } @@ -80,8 +92,8 @@ public void setExcludes(Optional> excludes) { this.excludes = excludes; } - public Optional> getHeaders() { - return headers; + public void setClientCertificate(Optional clientCertificate) { + this.clientCertificate = clientCertificate; } } diff --git a/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java b/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java new file mode 100644 index 0000000000..e1e1529a8b --- /dev/null +++ b/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java @@ -0,0 +1,84 @@ +// SPDX-License-Identifier: MIT +package com.mercedesbenz.sechub.commons.model; + +import static org.junit.jupiter.api.Assertions.*; + +import java.util.Set; + +import org.junit.jupiter.api.Test; + +class ClientCertificateConfigurationTest { + + /** + * We have defined the json attribute "use" for the interface + * "SecHubDataConfigurationUsageByName" but not for the class - here we check + * that the "use" attribute works as expected + */ + @Test + void json_attribute_use_is_handled_correctly_without_password_set_by_from_json() { + /* prepare */ + String json = "{ \"use\" : [ \"certificate-reference1\"] }"; + + /* execute */ + ClientCertificateConfiguration config = JSONConverter.get().fromJSON(ClientCertificateConfiguration.class, json); + + /* test */ + Set set = config.getNamesOfUsedDataConfigurationObjects(); + assertNotNull(set); + assertEquals(1, set.size()); + assertTrue(set.contains("certificate-reference1")); + assertNull(config.getPassword()); + } + + /** + * We have defined the json attribute "use" for the interface + * "SecHubDataConfigurationUsageByName" but not for the class - here we check + * that the "use" attribute works as expected + */ + @Test + void json_attribute_use_is_handled_correctly_without_password_set_by_to_json() { + ClientCertificateConfiguration config = new ClientCertificateConfiguration(); + config.getNamesOfUsedDataConfigurationObjects().add("certificate-reference1"); + + /* execute */ + String json = JSONConverter.get().toJSON(config); + + /* test */ + String expected = "{\"use\":[\"certificate-reference1\"]}"; + assertEquals(expected, json); + assertNull(config.getPassword()); + } + + @Test + void json_attribute_use_is_handled_correctly_with_password_set_by_from_json() { + /* prepare */ + String expectedPassword = "secret-password"; + String json = "{ \"password\" : \"" + expectedPassword + "\", \"use\" : [ \"certificate-reference1\"] }"; + + /* execute */ + ClientCertificateConfiguration config = JSONConverter.get().fromJSON(ClientCertificateConfiguration.class, json); + + /* test */ + Set set = config.getNamesOfUsedDataConfigurationObjects(); + assertNotNull(set); + assertEquals(1, set.size()); + assertTrue(set.contains("certificate-reference1")); + + String actualPassword = new String(config.getPassword()); + assertEquals(expectedPassword, actualPassword); + } + + @Test + void json_attribute_use_is_handled_correctly_with_password_set_by_to_json() { + ClientCertificateConfiguration config = new ClientCertificateConfiguration(); + config.getNamesOfUsedDataConfigurationObjects().add("certificate-reference1"); + config.setPassword("secret-password".toCharArray()); + + /* execute */ + String json = JSONConverter.get().toJSON(config); + + /* test */ + String expected = "{\"password\":\"secret-password\",\"use\":[\"certificate-reference1\"]}"; + assertEquals(expected, json); + } +} diff --git a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc index 2bc8b34e28..cfeb449e37 100644 --- a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc +++ b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc @@ -254,7 +254,21 @@ include::sechub_config_example3_webscan_login_basicauth.json[] <3> You can set the realm used for basic authentication. But normally this is not necessary and you can use an empty string. - +====== Example client certificate authentication +[source,json,title="client certificate authentication"] +---- +include::sechub_config_example4_webscan_login_clientcertificate.json[] +---- +<1> name of the source <> configuration: "client-certificate-file-reference". + Please use single files only instead of folders to specify the client certificate. + If you want to combine this with an openAPI definition that must be uploaded for the scan as well, + please refer to this <>. +<2> If the client certificate is password protected, the password can be specified here. + Using our SecHub GO client you can make use of the GO templating engine. + Like in the example above the you can provide an environment variable containing the password instead of writing the plaintext password in the json config file. + In the example above the SecHub GO client will substitute the value of `"{{ .CERT_PASSWORD }}"` with the value of `CERT_PASSWORD`. +<3> web scan uses the referenced <> configuration "client-certificate-file-reference". + to obtain the open api configuration file. ====== Example form based login by script [source,json] @@ -301,6 +315,17 @@ include::sechub_config_example8_web_scan_openapi_with_data_reference.json[] <2> web scan uses "openApi" as API type <3> web scan uses the referenced <> configuration "open-api-file-reference" to obtain the open api configuration file + +[[sechub-config-openAPI-and-client-certificate]] +====== Example combination of openAPI definition and client certificate authentication +[source,json,title="Open API scan with client certificate authentication"] +---- +include::sechub_config_example16_webscan_client_certificate_with_openAPI.json[] +---- +<1> Data section with files referenced by the `openAPI` definition. Multiple files (**NOT** folders) are possible. +<2> Data section with the file referenced by the `clientCertificate` definition. Only one single file shall be provided here. +<3> Reference to the data section containing files with your openAPI definitions (e.g. swagger.yml or openAPI.json) +<4> Reference to the data section containing file with your client certificate for authentication. [[sechub-config-example-webscan-header]] ====== Example Header scan diff --git a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example16_webscan_client_certificate_with_openAPI.json b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example16_webscan_client_certificate_with_openAPI.json new file mode 100644 index 0000000000..a19dcee441 --- /dev/null +++ b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example16_webscan_client_certificate_with_openAPI.json @@ -0,0 +1,27 @@ +{ + "apiVersion" : "1.0", + "data" : { + "sources" : [ { + "name" : "open-api-file-reference", //<1> + "fileSystem" : { + "files" : [ "gamechanger-webapp/src/main/resources/openapi3.json" ] + } + }, { + "name" : "client-certificate-file-reference", //<2> + "fileSystem" : { + "files" : [ "path/to/backend-cert.p12" ] + } + } ] + }, + "webScan" : { + "url" : "https://productfailure.demo.example.org", + "api" : { + "type" : "openApi", + "use" : [ "open-api-file-reference" ] //<3> + }, + "clientCertificate" : { + "password" : "{{ .CERT_PASSWORD }}", + "use" : [ "client-certificate-file-reference" ] //<4> + } + } +} \ No newline at end of file diff --git a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example4_webscan_login_clientcertificate.json b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example4_webscan_login_clientcertificate.json new file mode 100644 index 0000000000..85ea91164f --- /dev/null +++ b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example4_webscan_login_clientcertificate.json @@ -0,0 +1,19 @@ +{ + "apiVersion" : "1.0", + "project" : "example_project", + "data" : { + "sources" : [ { + "name" : "client-certificate-file-reference", //<1> + "fileSystem" : { + "files" : [ "path/to/backend-cert.p12" ] + } + } ] + }, + "webScan" : { + "url" : "https://my-app.com", + "clientCertificate" : { + "password" : "{{ .CERT_PASSWORD }}", //<2> + "use" : [ "client-certificate-file-reference" ] //<3> + } + } +} \ No newline at end of file diff --git a/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java b/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java index e589529c53..cc27b97469 100644 --- a/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java +++ b/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java @@ -1,19 +1,40 @@ // SPDX-License-Identifier: MIT package com.mercedesbenz.sechub.restdoc; -import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.*; -import static com.mercedesbenz.sechub.commons.model.TestSecHubConfigurationBuilder.*; -import static com.mercedesbenz.sechub.restdoc.RestDocumentation.*; -import static com.mercedesbenz.sechub.test.RestDocPathParameter.*; -import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.*; -import static org.mockito.ArgumentMatchers.*; -import static org.mockito.Mockito.*; -import static org.springframework.restdocs.headers.HeaderDocumentation.*; -import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.*; -import static org.springframework.restdocs.payload.PayloadDocumentation.*; -import static org.springframework.restdocs.request.RequestDocumentation.*; -import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.*; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; +import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_API_VERSION; +import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_CODE_SCAN; +import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_DATA; +import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_INFRA_SCAN; +import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_WEB_SCAN; +import static com.mercedesbenz.sechub.commons.model.TestSecHubConfigurationBuilder.configureSecHub; +import static com.mercedesbenz.sechub.restdoc.RestDocumentation.defineRestService; +import static com.mercedesbenz.sechub.test.RestDocPathParameter.JOB_UUID; +import static com.mercedesbenz.sechub.test.RestDocPathParameter.PAGE; +import static com.mercedesbenz.sechub.test.RestDocPathParameter.PROJECT_ID; +import static com.mercedesbenz.sechub.test.RestDocPathParameter.SIZE; +import static com.mercedesbenz.sechub.test.RestDocPathParameter.WITH_META_DATA; +import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.https; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; +import static org.springframework.restdocs.headers.HeaderDocumentation.headerWithName; +import static org.springframework.restdocs.headers.HeaderDocumentation.requestHeaders; +import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get; +import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.multipart; +import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.post; +import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.put; +import static org.springframework.restdocs.payload.PayloadDocumentation.fieldWithPath; +import static org.springframework.restdocs.payload.PayloadDocumentation.requestFields; +import static org.springframework.restdocs.payload.PayloadDocumentation.responseFields; +import static org.springframework.restdocs.request.RequestDocumentation.parameterWithName; +import static org.springframework.restdocs.request.RequestDocumentation.partWithName; +import static org.springframework.restdocs.request.RequestDocumentation.pathParameters; +import static org.springframework.restdocs.request.RequestDocumentation.requestParameters; +import static org.springframework.restdocs.request.RequestDocumentation.requestParts; +import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; import java.io.InputStream; import java.lang.annotation.Annotation; @@ -46,6 +67,7 @@ import org.springframework.util.StringUtils; import com.mercedesbenz.sechub.commons.core.CommonConstants; +import com.mercedesbenz.sechub.commons.model.ClientCertificateConfiguration; import com.mercedesbenz.sechub.commons.model.HTTPHeaderConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubCodeScanConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubConfigurationMetaData; @@ -55,6 +77,8 @@ import com.mercedesbenz.sechub.commons.model.SecHubInfrastructureScanConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubSourceDataConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubTimeUnit; +import com.mercedesbenz.sechub.commons.model.SecHubWebScanApiConfiguration; +import com.mercedesbenz.sechub.commons.model.SecHubWebScanApiType; import com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration; import com.mercedesbenz.sechub.commons.model.TrafficLight; import com.mercedesbenz.sechub.commons.model.WebScanDurationConfiguration; @@ -404,6 +428,144 @@ public void restDoc_userCreatesNewJob_webscan_anonymous() throws Exception { /* @formatter:on */ } + @Test + @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web scan client certificate authentication") + public void restDoc_userCreatesNewJob_webscan_client_certificate_authentication() throws Exception { + /* prepare */ + String apiEndpoint = https(PORT_USED).buildAddJobUrl(PROJECT_ID.pathElement()); + Class useCase = UseCaseUserCreatesNewJob.class; + + UUID randomUUID = UUID.randomUUID(); + SchedulerResult mockResult = new SchedulerResult(randomUUID); + + String dataReferenceName = "client-certificate-file-reference"; + + when(mockedScheduleCreateJobService.createJob(any(), any(SecHubConfiguration.class))).thenReturn(mockResult); + + /* execute + test @formatter:off */ + this.mockMvc.perform( + post(apiEndpoint,PROJECT1_ID). + contentType(MediaType.APPLICATION_JSON_VALUE). + content(configureSecHub(). + api("1.0"). + webConfig(). + addURI("https://localhost/mywebapp"). + clientCertificate(). + password("example-password".toCharArray()). + useDataReferences(dataReferenceName). + end(). + and(). + data(). + withSource(). + uniqueName(dataReferenceName). + fileSystemFiles("testproject1/src/other/backend.p12"). + end(). + and(). + build(). + toJSON()) + ). + andExpect(status().isOk()). + andExpect(content().json("{jobId:"+randomUUID.toString()+"}")). + andDo(defineRestService(). + with(). + useCaseData(useCase, "Web Scan anonymous"). + tag(RestDocFactory.extractTag(apiEndpoint)). + requestSchema(OpenApiSchema.SCAN_JOB.getSchema()). + responseSchema(OpenApiSchema.JOB_ID.getSchema()). + and(). + document( + requestHeaders( + + ), + pathParameters( + parameterWithName(PROJECT_ID.paramName()).description("The unique id of the project id where a new sechub job shall be created") + ), + requestFields( + fieldWithPath(PROPERTY_API_VERSION).description("The api version, currently only 1.0 is supported"), + fieldWithPath(PROPERTY_WEB_SCAN).description("Webscan configuration block").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_URL).description("Webscan URL to scan for").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_CLIENT_CERTIFICATE+"."+SecHubDataConfigurationUsageByName.PROPERTY_USE).description("Unique reference name").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_CLIENT_CERTIFICATE+"."+ClientCertificateConfiguration.PROPERTY_PASSWORD).description("Password for the client certificate").optional(), + fieldWithPath(PROPERTY_DATA+"."+SecHubDataConfiguration.PROPERTY_SOURCES+"[]."+SecHubSourceDataConfiguration.PROPERTY_FILESYSTEM+"."+SecHubFileSystemConfiguration.PROPERTY_FILES+"[]").description("Single client certificate file given file system files").optional() + + ), + responseFields( + fieldWithPath(SchedulerResult.PROPERTY_JOBID).description("A unique job id") + ) + )); + + /* @formatter:on */ + } + + @Test + @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web scan openAPI") + public void restDoc_userCreatesNewJob_webscan_openapi_scan() throws Exception { + /* prepare */ + String apiEndpoint = https(PORT_USED).buildAddJobUrl(PROJECT_ID.pathElement()); + Class useCase = UseCaseUserCreatesNewJob.class; + + UUID randomUUID = UUID.randomUUID(); + SchedulerResult mockResult = new SchedulerResult(randomUUID); + + String dataReferenceName = "open-api-file-reference"; + + when(mockedScheduleCreateJobService.createJob(any(), any(SecHubConfiguration.class))).thenReturn(mockResult); + + /* execute + test @formatter:off */ + this.mockMvc.perform( + post(apiEndpoint,PROJECT1_ID). + contentType(MediaType.APPLICATION_JSON_VALUE). + content(configureSecHub(). + api("1.0"). + webConfig(). + addURI("https://localhost/mywebapp"). + api(). + type(SecHubWebScanApiType.OPEN_API). + useDataReferences(dataReferenceName). + end(). + and(). + data(). + withSource(). + uniqueName(dataReferenceName). + fileSystemFiles("testproject1/src/other/openAPI3.json"). + end(). + and(). + build(). + toJSON()) + ). + andExpect(status().isOk()). + andExpect(content().json("{jobId:"+randomUUID.toString()+"}")). + andDo(defineRestService(). + with(). + useCaseData(useCase, "Web Scan anonymous"). + tag(RestDocFactory.extractTag(apiEndpoint)). + requestSchema(OpenApiSchema.SCAN_JOB.getSchema()). + responseSchema(OpenApiSchema.JOB_ID.getSchema()). + and(). + document( + requestHeaders( + + ), + pathParameters( + parameterWithName(PROJECT_ID.paramName()).description("The unique id of the project id where a new sechub job shall be created") + ), + requestFields( + fieldWithPath(PROPERTY_API_VERSION).description("The api version, currently only 1.0 is supported"), + fieldWithPath(PROPERTY_WEB_SCAN).description("Webscan configuration block").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_URL).description("Webscan URL to scan for").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_API+"."+SecHubDataConfigurationUsageByName.PROPERTY_USE).description("Unique reference name").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_API+"."+SecHubWebScanApiConfiguration.PROPERTY_TYPE).description("Type of API definition").optional(), + fieldWithPath(PROPERTY_DATA+"."+SecHubDataConfiguration.PROPERTY_SOURCES+"[]."+SecHubSourceDataConfiguration.PROPERTY_FILESYSTEM+"."+SecHubFileSystemConfiguration.PROPERTY_FILES+"[]").description("OpenAPI files from given file system files").optional() + + ), + responseFields( + fieldWithPath(SchedulerResult.PROPERTY_JOBID).description("A unique job id") + ) + )); + + /* @formatter:on */ + } + @Test @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web Scan login basic") public void restDoc_userCreatesNewJob_webscan_login_basic() throws Exception { From e0cb55d33247f9bfbb0a96e9dbf1a9cc093767ab Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Wed, 8 Nov 2023 16:22:52 +0100 Subject: [PATCH 02/12] undo some changes #2651 --- .../model/TestSecHubConfigurationBuilder.java | 29 +-- .../SchedulerRestControllerRestDocTest.java | 188 ++---------------- 2 files changed, 14 insertions(+), 203 deletions(-) diff --git a/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java b/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java index 1c430c5868..435a7033ad 100644 --- a/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java +++ b/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java @@ -110,31 +110,12 @@ public TestWebApiConfigBuilder useDataReferences(String... referenceNames) { return this; } - public TestWebConfigurationBuilder end() { + public TestWebConfigurationBuilder and() { testData.webConfig.setApi(Optional.of(api)); return TestWebConfigurationBuilder.this; } } - public class TestWebClientCertificateConfigBuilder { - ClientCertificateConfiguration clientCertificate = new ClientCertificateConfiguration(); - - public TestWebClientCertificateConfigBuilder password(char[] password) { - this.clientCertificate.setPassword(password); - return this; - } - - public TestWebClientCertificateConfigBuilder useDataReferences(String... referenceNames) { - this.clientCertificate.getNamesOfUsedDataConfigurationObjects().addAll(Arrays.asList(referenceNames)); - return this; - } - - public TestWebConfigurationBuilder end() { - testData.webConfig.setClientCertificate(Optional.of(clientCertificate)); - return TestWebConfigurationBuilder.this; - } - } - public TestSecHubConfigurationBuilder and() { return TestSecHubConfigurationBuilder.this; } @@ -169,14 +150,6 @@ public TestWebConfigurationBuilder addHeaders(List head return this; } - public TestWebClientCertificateConfigBuilder clientCertificate() { - return new TestWebClientCertificateConfigBuilder(); - } - - public TestWebApiConfigBuilder api() { - return new TestWebApiConfigBuilder(); - } - public TestWebLoginConfigurationBuilder login(String loginURL) { return new TestWebLoginConfigurationBuilder(loginURL, this); } diff --git a/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java b/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java index cc27b97469..e589529c53 100644 --- a/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java +++ b/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java @@ -1,40 +1,19 @@ // SPDX-License-Identifier: MIT package com.mercedesbenz.sechub.restdoc; -import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_API_VERSION; -import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_CODE_SCAN; -import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_DATA; -import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_INFRA_SCAN; -import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.PROPERTY_WEB_SCAN; -import static com.mercedesbenz.sechub.commons.model.TestSecHubConfigurationBuilder.configureSecHub; -import static com.mercedesbenz.sechub.restdoc.RestDocumentation.defineRestService; -import static com.mercedesbenz.sechub.test.RestDocPathParameter.JOB_UUID; -import static com.mercedesbenz.sechub.test.RestDocPathParameter.PAGE; -import static com.mercedesbenz.sechub.test.RestDocPathParameter.PROJECT_ID; -import static com.mercedesbenz.sechub.test.RestDocPathParameter.SIZE; -import static com.mercedesbenz.sechub.test.RestDocPathParameter.WITH_META_DATA; -import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.https; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.ArgumentMatchers.eq; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; -import static org.springframework.restdocs.headers.HeaderDocumentation.headerWithName; -import static org.springframework.restdocs.headers.HeaderDocumentation.requestHeaders; -import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get; -import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.multipart; -import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.post; -import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.put; -import static org.springframework.restdocs.payload.PayloadDocumentation.fieldWithPath; -import static org.springframework.restdocs.payload.PayloadDocumentation.requestFields; -import static org.springframework.restdocs.payload.PayloadDocumentation.responseFields; -import static org.springframework.restdocs.request.RequestDocumentation.parameterWithName; -import static org.springframework.restdocs.request.RequestDocumentation.partWithName; -import static org.springframework.restdocs.request.RequestDocumentation.pathParameters; -import static org.springframework.restdocs.request.RequestDocumentation.requestParameters; -import static org.springframework.restdocs.request.RequestDocumentation.requestParts; -import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; +import static com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel.*; +import static com.mercedesbenz.sechub.commons.model.TestSecHubConfigurationBuilder.*; +import static com.mercedesbenz.sechub.restdoc.RestDocumentation.*; +import static com.mercedesbenz.sechub.test.RestDocPathParameter.*; +import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.*; +import static org.mockito.ArgumentMatchers.*; +import static org.mockito.Mockito.*; +import static org.springframework.restdocs.headers.HeaderDocumentation.*; +import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.*; +import static org.springframework.restdocs.payload.PayloadDocumentation.*; +import static org.springframework.restdocs.request.RequestDocumentation.*; +import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.*; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; import java.io.InputStream; import java.lang.annotation.Annotation; @@ -67,7 +46,6 @@ import org.springframework.util.StringUtils; import com.mercedesbenz.sechub.commons.core.CommonConstants; -import com.mercedesbenz.sechub.commons.model.ClientCertificateConfiguration; import com.mercedesbenz.sechub.commons.model.HTTPHeaderConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubCodeScanConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubConfigurationMetaData; @@ -77,8 +55,6 @@ import com.mercedesbenz.sechub.commons.model.SecHubInfrastructureScanConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubSourceDataConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubTimeUnit; -import com.mercedesbenz.sechub.commons.model.SecHubWebScanApiConfiguration; -import com.mercedesbenz.sechub.commons.model.SecHubWebScanApiType; import com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration; import com.mercedesbenz.sechub.commons.model.TrafficLight; import com.mercedesbenz.sechub.commons.model.WebScanDurationConfiguration; @@ -428,144 +404,6 @@ public void restDoc_userCreatesNewJob_webscan_anonymous() throws Exception { /* @formatter:on */ } - @Test - @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web scan client certificate authentication") - public void restDoc_userCreatesNewJob_webscan_client_certificate_authentication() throws Exception { - /* prepare */ - String apiEndpoint = https(PORT_USED).buildAddJobUrl(PROJECT_ID.pathElement()); - Class useCase = UseCaseUserCreatesNewJob.class; - - UUID randomUUID = UUID.randomUUID(); - SchedulerResult mockResult = new SchedulerResult(randomUUID); - - String dataReferenceName = "client-certificate-file-reference"; - - when(mockedScheduleCreateJobService.createJob(any(), any(SecHubConfiguration.class))).thenReturn(mockResult); - - /* execute + test @formatter:off */ - this.mockMvc.perform( - post(apiEndpoint,PROJECT1_ID). - contentType(MediaType.APPLICATION_JSON_VALUE). - content(configureSecHub(). - api("1.0"). - webConfig(). - addURI("https://localhost/mywebapp"). - clientCertificate(). - password("example-password".toCharArray()). - useDataReferences(dataReferenceName). - end(). - and(). - data(). - withSource(). - uniqueName(dataReferenceName). - fileSystemFiles("testproject1/src/other/backend.p12"). - end(). - and(). - build(). - toJSON()) - ). - andExpect(status().isOk()). - andExpect(content().json("{jobId:"+randomUUID.toString()+"}")). - andDo(defineRestService(). - with(). - useCaseData(useCase, "Web Scan anonymous"). - tag(RestDocFactory.extractTag(apiEndpoint)). - requestSchema(OpenApiSchema.SCAN_JOB.getSchema()). - responseSchema(OpenApiSchema.JOB_ID.getSchema()). - and(). - document( - requestHeaders( - - ), - pathParameters( - parameterWithName(PROJECT_ID.paramName()).description("The unique id of the project id where a new sechub job shall be created") - ), - requestFields( - fieldWithPath(PROPERTY_API_VERSION).description("The api version, currently only 1.0 is supported"), - fieldWithPath(PROPERTY_WEB_SCAN).description("Webscan configuration block").optional(), - fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_URL).description("Webscan URL to scan for").optional(), - fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_CLIENT_CERTIFICATE+"."+SecHubDataConfigurationUsageByName.PROPERTY_USE).description("Unique reference name").optional(), - fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_CLIENT_CERTIFICATE+"."+ClientCertificateConfiguration.PROPERTY_PASSWORD).description("Password for the client certificate").optional(), - fieldWithPath(PROPERTY_DATA+"."+SecHubDataConfiguration.PROPERTY_SOURCES+"[]."+SecHubSourceDataConfiguration.PROPERTY_FILESYSTEM+"."+SecHubFileSystemConfiguration.PROPERTY_FILES+"[]").description("Single client certificate file given file system files").optional() - - ), - responseFields( - fieldWithPath(SchedulerResult.PROPERTY_JOBID).description("A unique job id") - ) - )); - - /* @formatter:on */ - } - - @Test - @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web scan openAPI") - public void restDoc_userCreatesNewJob_webscan_openapi_scan() throws Exception { - /* prepare */ - String apiEndpoint = https(PORT_USED).buildAddJobUrl(PROJECT_ID.pathElement()); - Class useCase = UseCaseUserCreatesNewJob.class; - - UUID randomUUID = UUID.randomUUID(); - SchedulerResult mockResult = new SchedulerResult(randomUUID); - - String dataReferenceName = "open-api-file-reference"; - - when(mockedScheduleCreateJobService.createJob(any(), any(SecHubConfiguration.class))).thenReturn(mockResult); - - /* execute + test @formatter:off */ - this.mockMvc.perform( - post(apiEndpoint,PROJECT1_ID). - contentType(MediaType.APPLICATION_JSON_VALUE). - content(configureSecHub(). - api("1.0"). - webConfig(). - addURI("https://localhost/mywebapp"). - api(). - type(SecHubWebScanApiType.OPEN_API). - useDataReferences(dataReferenceName). - end(). - and(). - data(). - withSource(). - uniqueName(dataReferenceName). - fileSystemFiles("testproject1/src/other/openAPI3.json"). - end(). - and(). - build(). - toJSON()) - ). - andExpect(status().isOk()). - andExpect(content().json("{jobId:"+randomUUID.toString()+"}")). - andDo(defineRestService(). - with(). - useCaseData(useCase, "Web Scan anonymous"). - tag(RestDocFactory.extractTag(apiEndpoint)). - requestSchema(OpenApiSchema.SCAN_JOB.getSchema()). - responseSchema(OpenApiSchema.JOB_ID.getSchema()). - and(). - document( - requestHeaders( - - ), - pathParameters( - parameterWithName(PROJECT_ID.paramName()).description("The unique id of the project id where a new sechub job shall be created") - ), - requestFields( - fieldWithPath(PROPERTY_API_VERSION).description("The api version, currently only 1.0 is supported"), - fieldWithPath(PROPERTY_WEB_SCAN).description("Webscan configuration block").optional(), - fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_URL).description("Webscan URL to scan for").optional(), - fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_API+"."+SecHubDataConfigurationUsageByName.PROPERTY_USE).description("Unique reference name").optional(), - fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_API+"."+SecHubWebScanApiConfiguration.PROPERTY_TYPE).description("Type of API definition").optional(), - fieldWithPath(PROPERTY_DATA+"."+SecHubDataConfiguration.PROPERTY_SOURCES+"[]."+SecHubSourceDataConfiguration.PROPERTY_FILESYSTEM+"."+SecHubFileSystemConfiguration.PROPERTY_FILES+"[]").description("OpenAPI files from given file system files").optional() - - ), - responseFields( - fieldWithPath(SchedulerResult.PROPERTY_JOBID).description("A unique job id") - ) - )); - - /* @formatter:on */ - } - @Test @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web Scan login basic") public void restDoc_userCreatesNewJob_webscan_login_basic() throws Exception { From 3cb981b6c33dc3305fd65fcd1909bbb03ea1ad7a Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Wed, 8 Nov 2023 17:30:23 +0100 Subject: [PATCH 03/12] fix typos and remove duplicates in documentation #2524 --- .../shared/configuration/sechub_config.adoc | 20 +++++-------------- ...ub_config_example2_webscan_anonymous.json} | 0 2 files changed, 5 insertions(+), 15 deletions(-) rename sechub-doc/src/docs/asciidoc/documents/shared/configuration/{sechub_config_example2_webscan_anonyous.json => sechub_config_example2_webscan_anonymous.json} (100%) diff --git a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc index cfeb449e37..3cc6b649f6 100644 --- a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc +++ b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc @@ -174,7 +174,7 @@ WARNING: The URL must be whitelisted in your project. Otherwise it will be rejec [[sechub-config-example-webscan-anonymous]] [source, json] ---- -include::sechub_config_example2_webscan_anonyous.json[] +include::sechub_config_example2_webscan_anonymous.json[] ---- <1> Define web scan <2> The `URL` to scan. This `URL` must be whitelisted in `{sechub}` project. Normally without a slash `/` at the end. @@ -234,26 +234,16 @@ When a web scan product (or its adapter) does not support your wanted options yo will have a failure at execution time! ==== -====== Example no authentication +====== Example basic authentication [source,json] ---- include::sechub_config_example3_webscan_login_basicauth.json[] ---- <1> URL for web login -<2> Basic authentication start, needs user id/name and password. +<2> Basic authentication, needs user id/name and password. <3> *Optional*: You can set the realm used for basic authentication. But normally this is not necessary. -====== Example basic authentication -[source,json] ----- -include::sechub_config_example3_webscan_login_basicauth.json[] ----- -<1> URL for web login -<2> Basic authentication start, needs user id/name and password. -<3> You can set the realm used for basic authentication. But normally - this is not necessary and you can use an empty string. - ====== Example client certificate authentication [source,json,title="client certificate authentication"] ---- @@ -263,10 +253,10 @@ include::sechub_config_example4_webscan_login_clientcertificate.json[] Please use single files only instead of folders to specify the client certificate. If you want to combine this with an openAPI definition that must be uploaded for the scan as well, please refer to this <>. -<2> If the client certificate is password protected, the password can be specified here. +<2> *Optional*: If the client certificate is password protected, the password can be specified here. Using our SecHub GO client you can make use of the GO templating engine. Like in the example above the you can provide an environment variable containing the password instead of writing the plaintext password in the json config file. - In the example above the SecHub GO client will substitute the value of `"{{ .CERT_PASSWORD }}"` with the value of `CERT_PASSWORD`. + In the example above the SecHub GO client will substitute the value of `"{{ .CERT_PASSWORD }}"` with the value of the environment variable `CERT_PASSWORD`. <3> web scan uses the referenced <> configuration "client-certificate-file-reference". to obtain the open api configuration file. diff --git a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example2_webscan_anonyous.json b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example2_webscan_anonymous.json similarity index 100% rename from sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example2_webscan_anonyous.json rename to sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config_example2_webscan_anonymous.json From 823f562e699ec63fc8ec23288099cf591da992e2 Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Wed, 8 Nov 2023 17:55:26 +0100 Subject: [PATCH 04/12] fix typo #2651 --- .../src/test/java/com/mercedesbenz/sechub/ExampleFile.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sechub-doc/src/test/java/com/mercedesbenz/sechub/ExampleFile.java b/sechub-doc/src/test/java/com/mercedesbenz/sechub/ExampleFile.java index 0367ae3326..f3bdcf508d 100644 --- a/sechub-doc/src/test/java/com/mercedesbenz/sechub/ExampleFile.java +++ b/sechub-doc/src/test/java/com/mercedesbenz/sechub/ExampleFile.java @@ -15,7 +15,7 @@ public enum ExampleFile { LICENSESCAN_AND_CODESCAN_WITH_SOURCES_DATA_REFERENCE( "src/docs/asciidoc/documents/shared/configuration/sechub_config_example11_license_scan_and_code_scan_with_sources_data_reference.json"), - WEBSCAN_ANONYMOUS("src/docs/asciidoc/documents/shared/configuration/sechub_config_example2_webscan_anonyous.json"), + WEBSCAN_ANONYMOUS("src/docs/asciidoc/documents/shared/configuration/sechub_config_example2_webscan_anonymous.json"), WEBSCAN_BASIC_AUTH("src/docs/asciidoc/documents/shared/configuration/sechub_config_example3_webscan_login_basicauth.json"), From 7601cf6906603576646497bf3df7cf4ee3a8a737 Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Thu, 9 Nov 2023 11:54:37 +0100 Subject: [PATCH 05/12] fix documentation #2524 --- .../documents/shared/configuration/sechub_config.adoc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc index 3cc6b649f6..67063bb7d8 100644 --- a/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc +++ b/sechub-doc/src/docs/asciidoc/documents/shared/configuration/sechub_config.adoc @@ -255,10 +255,9 @@ include::sechub_config_example4_webscan_login_clientcertificate.json[] please refer to this <>. <2> *Optional*: If the client certificate is password protected, the password can be specified here. Using our SecHub GO client you can make use of the GO templating engine. - Like in the example above the you can provide an environment variable containing the password instead of writing the plaintext password in the json config file. + Like in the example above the you can provide an environment variable containing the password instead of writing the plaintext password in the JSON configuration file. In the example above the SecHub GO client will substitute the value of `"{{ .CERT_PASSWORD }}"` with the value of the environment variable `CERT_PASSWORD`. -<3> web scan uses the referenced <> configuration "client-certificate-file-reference". - to obtain the open api configuration file. +<3> web scan uses the referenced <> configuration "client-certificate-file-reference", to obtain the client certificate file. ====== Example form based login by script [source,json] From 12b96b4577a822517604d875cd5726916a0ac041 Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Thu, 9 Nov 2023 15:22:43 +0100 Subject: [PATCH 06/12] add test for client certificate in sechub webscan config #2524 --- .../ClientCertificateConfigurationTest.java | 108 +++++++++++++++++- 1 file changed, 107 insertions(+), 1 deletion(-) diff --git a/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java b/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java index e1e1529a8b..90679a73a4 100644 --- a/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java +++ b/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java @@ -1,8 +1,12 @@ // SPDX-License-Identifier: MIT package com.mercedesbenz.sechub.commons.model; -import static org.junit.jupiter.api.Assertions.*; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; +import static org.junit.jupiter.api.Assertions.assertTrue; +import java.util.Optional; import java.util.Set; import org.junit.jupiter.api.Test; @@ -81,4 +85,106 @@ void json_attribute_use_is_handled_correctly_with_password_set_by_to_json() { String expected = "{\"password\":\"secret-password\",\"use\":[\"certificate-reference1\"]}"; assertEquals(expected, json); } + + @Test + void from_json_handles_sechub_config_with_client_certificate_correctly() { + /* prepare */ + String json = """ + { + "apiVersion" : "1.0", + "data" : { + "sources" : [ { + "name" : "client-certificate-file-reference", + "fileSystem" : { + "files" : [ "path/to/backend-cert.p12" ] + } + } ] + }, + "webScan" : { + "url" : "https://my-app.com", + "clientCertificate" : { + "password" : "example-password", + "use" : [ "client-certificate-file-reference" ] + } + } + } + """; + + /* execute */ + SecHubScanConfiguration sechubConfig = JSONConverter.get().fromJSON(SecHubScanConfiguration.class, json); + + /* test */ + // check for expected data section + assertTrue(sechubConfig.getData().isPresent()); + + SecHubDataConfiguration secHubDataConfiguration = sechubConfig.getData().get(); + assertEquals(1, secHubDataConfiguration.getSources().size()); + assertEquals(0, secHubDataConfiguration.getBinaries().size()); + + SecHubSourceDataConfiguration sources = secHubDataConfiguration.getSources().get(0); + assertTrue(sources.getFileSystem().isPresent()); + assertEquals("client-certificate-file-reference", sources.getUniqueName()); + + SecHubFileSystemConfiguration secHubFileSystemConfiguration = sources.getFileSystem().get(); + assertEquals(0, secHubFileSystemConfiguration.getFolders().size()); + assertEquals(1, secHubFileSystemConfiguration.getFiles().size()); + assertTrue(secHubFileSystemConfiguration.getFiles().contains("path/to/backend-cert.p12")); + + // check for expected web scan config parts + assertTrue(sechubConfig.getWebScan().isPresent()); + + SecHubWebScanConfiguration secHubWebScanConfiguration = sechubConfig.getWebScan().get(); + assertTrue(secHubWebScanConfiguration.getClientCertificate().isPresent()); + + ClientCertificateConfiguration clientCertificate = secHubWebScanConfiguration.getClientCertificate().get(); + + Set set = clientCertificate.getNamesOfUsedDataConfigurationObjects(); + assertNotNull(set); + assertEquals(1, set.size()); + assertTrue(set.contains("client-certificate-file-reference")); + + String actualPassword = new String(clientCertificate.getPassword()); + assertEquals("example-password", actualPassword); + } + + @Test + void to_json_handles_sechub_config_with_client_certificate_correctly() { + /* prepare */ + SecHubScanConfiguration sechubConfig = createSecHubConfigWithClientCertificateConfig(); + String expectedJson = "{\"webScan\":{\"clientCertificate\":{\"password\":\"example-password\",\"use\":[\"client-certificate-file-reference\"]}}," + + "\"data\":{\"sources\":[{\"fileSystem\":{\"files\":[\"path/to/backend-cert.p12\"],\"folders\":[]},\"name\":\"client-certificate-file-reference\"}],\"binaries\":[]}}"; + + /* execute */ + String json = JSONConverter.get().toJSON(sechubConfig); + + /* test */ + assertEquals(expectedJson, json); + } + + private SecHubScanConfiguration createSecHubConfigWithClientCertificateConfig() { + // create data section + SecHubFileSystemConfiguration fileSystem = new SecHubFileSystemConfiguration(); + fileSystem.getFiles().add("path/to/backend-cert.p12"); + + SecHubSourceDataConfiguration sourceDataConfig = new SecHubSourceDataConfiguration(); + sourceDataConfig.setFileSystem(fileSystem); + sourceDataConfig.setUniqueName("client-certificate-file-reference"); + + SecHubDataConfiguration dataConfig = new SecHubDataConfiguration(); + dataConfig.getSources().add(sourceDataConfig); + + // create client certificate + ClientCertificateConfiguration clientCertificateConfiguration = new ClientCertificateConfiguration(); + clientCertificateConfiguration.setPassword("example-password".toCharArray()); + clientCertificateConfiguration.getNamesOfUsedDataConfigurationObjects().add("client-certificate-file-reference"); + + // create SecHub configuration + SecHubWebScanConfiguration webscanConfig = new SecHubWebScanConfiguration(); + webscanConfig.setClientCertificate(Optional.ofNullable(clientCertificateConfiguration)); + + SecHubScanConfiguration sechubConfig = new SecHubScanConfiguration(); + sechubConfig.setData(dataConfig); + sechubConfig.setWebScan(webscanConfig); + return sechubConfig; + } } From 283af0c00764d57844b58a42e0dcff7ba1d06b68 Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Mon, 13 Nov 2023 16:58:16 +0100 Subject: [PATCH 07/12] add restdoc test for webscan using client certificate #2524 - add restdoc test - extend TestSecHubConfigurationBuilder - extend openapi-workaround.gradle --- .../src/main/resources/reduced-openapi3.json | 476 +++++++++--------- .../model/TestSecHubConfigurationBuilder.java | 5 + sechub-doc/openapi-workaround.gradle | 1 + .../SchedulerRestControllerRestDocTest.java | 60 +++ 4 files changed, 312 insertions(+), 230 deletions(-) diff --git a/sechub-api-java/src/main/resources/reduced-openapi3.json b/sechub-api-java/src/main/resources/reduced-openapi3.json index 6c42105560..dd10836526 100644 --- a/sechub-api-java/src/main/resources/reduced-openapi3.json +++ b/sechub-api-java/src/main/resources/reduced-openapi3.json @@ -2919,6 +2919,55 @@ } } }, + "ExecutionProfileFetch": { + "title": "ExecutionProfileFetch", + "type": "object", + "properties": { + "configurations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "productIdentifier": { + "type": "string", + "description": "executed product" + }, + "name": { + "type": "string", + "description": "name of configuration" + }, + "executorVersion": { + "type": "number", + "description": "executor version" + }, + "uuid": { + "type": "string", + "description": "uuid of configuration" + }, + "enabled": { + "type": "boolean", + "description": "enabled state of this config" + } + } + } + }, + "description": { + "type": "string", + "description": "A short description for the profile" + }, + "projectIds": { + "type": "array", + "description": "Projects can be linked by their ids here", + "items": { + "type": "string" + } + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of profile, default is false" + } + } + }, "FalsePositives": { "title": "FalsePositives", "type": "object", @@ -3032,55 +3081,6 @@ } } }, - "ExecutionProfileFetch": { - "title": "ExecutionProfileFetch", - "type": "object", - "properties": { - "configurations": { - "type": "array", - "items": { - "type": "object", - "properties": { - "productIdentifier": { - "type": "string", - "description": "executed product" - }, - "name": { - "type": "string", - "description": "name of configuration" - }, - "executorVersion": { - "type": "number", - "description": "executor version" - }, - "uuid": { - "type": "string", - "description": "uuid of configuration" - }, - "enabled": { - "type": "boolean", - "description": "enabled state of this config" - } - } - } - }, - "description": { - "type": "string", - "description": "A short description for the profile" - }, - "projectIds": { - "type": "array", - "description": "Projects can be linked by their ids here", - "items": { - "type": "string" - } - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of profile, default is false" - } - } - }, "FullScanDataZIP": { "title": "FullScanDataZIP", "type": "object" @@ -3121,187 +3121,6 @@ "title": "ServerVersion", "type": "object" }, - "ExecutionProfileCreate": { - "title": "ExecutionProfileCreate", - "type": "object", - "properties": { - "configurations": { - "type": "array", - "description": "Configurations can be linked at creation time as well - see update description", - "items": { - "type": "string" - } - }, - "description": { - "type": "string", - "description": "A short description for the profile" - }, - "projectIds": { - "type": "array", - "description": "Projects can be linked by their ids at creation time as well - see update description", - "items": { - "type": "string" - } - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of profile, default is false" - } - } - }, - "JobId": { - "title": "JobId", - "type": "object", - "properties": { - "jobId": { - "type": "string", - "description": "A unique job id" - } - } - }, - "ProjectWhitelistUpdate": { - "title": "ProjectWhitelistUpdate", - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - }, - "whiteList": { - "type": "object", - "properties": { - "uris": { - "type": "array", - "description": "All URIS used now for whitelisting. Former parts will be replaced completely!", - "items": { - "type": "string" - } - } - } - } - } - }, - "JobStatus": { - "title": "JobStatus", - "type": "object", - "properties": { - "result": { - "type": "string", - "description": "Result of job" - }, - "owner": { - "type": "string", - "description": "Owner / initiator of job" - }, - "jobUUID": { - "type": "string", - "description": "The job uuid" - }, - "created": { - "type": "string", - "description": "Creation timestamp of job" - }, - "ended": { - "type": "string", - "description": "End timestamp of job execution" - }, - "started": { - "type": "string", - "description": "Start timestamp of job execution" - }, - "state": { - "type": "string", - "description": "State of job" - }, - "trafficLight": { - "type": "string", - "description": "Trafficlight of job - but only available when job has been done. Possible states are GREEN, YELLOW, RED, OFF" - } - } - }, - "ProjectMetaData": { - "title": "ProjectMetaData", - "type": "object", - "properties": { - "metaData": { - "type": "object", - "properties": { - "key1": { - "type": "string", - "description": "An arbitrary metadata key." - } - }, - "description": "Metadata object. Contains key-value pairs." - }, - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - } - } - }, - "ListOfSignups": { - "title": "ListOfSignups", - "type": "array", - "description": "List of user signups", - "items": { - "type": "object", - "properties": { - "emailAdress": { - "type": "string", - "description": "The email address" - }, - "userId": { - "type": "string", - "description": "The user id" - } - }, - "description": "List of user signups" - } - }, - "ListOfRunningJobs": { - "title": "ListOfRunningJobs", - "type": "array", - "items": { - "type": "object", - "properties": { - "owner": { - "type": "string", - "description": "Owner of the job - means user which triggered it" - }, - "jobUUID": { - "type": "string", - "description": "The uuid of the running job" - }, - "configuration": { - "type": "string", - "description": "Configuration used for this job" - }, - "projectId": { - "type": "string", - "description": "The name of the project the job is running for" - }, - "since": { - "type": "string", - "description": "Timestamp since when job has been started" - }, - "status": { - "type": "string", - "description": "A status information " - } - } - } - }, - "ListOfProjects": { - "type": "array", - "description": "List of project Ids", - "items": { - "type": "string" - } - }, - "SecHubReport": { - "title": "SecHubReport", - "type": "object" - }, "ScanJob": { "title": "ScanJob", "type": "object", @@ -3473,6 +3292,22 @@ } } }, + "clientCertificate": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "Password the client certificate file is protected with" + }, + "use": { + "type": "array", + "description": "Reference to the data section containing the client certificate definition file. Always use 'sources' with a single 'file' instead 'folders'.", + "items": { + "type": "string" + } + } + } + }, "excludes": { "type": "array", "description": "Exclude URL sub-paths to scan. Example: /admin", @@ -3584,6 +3419,187 @@ } } }, + "JobId": { + "title": "JobId", + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "A unique job id" + } + } + }, + "ExecutionProfileCreate": { + "title": "ExecutionProfileCreate", + "type": "object", + "properties": { + "configurations": { + "type": "array", + "description": "Configurations can be linked at creation time as well - see update description", + "items": { + "type": "string" + } + }, + "description": { + "type": "string", + "description": "A short description for the profile" + }, + "projectIds": { + "type": "array", + "description": "Projects can be linked by their ids at creation time as well - see update description", + "items": { + "type": "string" + } + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of profile, default is false" + } + } + }, + "ProjectWhitelistUpdate": { + "title": "ProjectWhitelistUpdate", + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "description": "The api version, currently only 1.0 is supported" + }, + "whiteList": { + "type": "object", + "properties": { + "uris": { + "type": "array", + "description": "All URIS used now for whitelisting. Former parts will be replaced completely!", + "items": { + "type": "string" + } + } + } + } + } + }, + "JobStatus": { + "title": "JobStatus", + "type": "object", + "properties": { + "result": { + "type": "string", + "description": "Result of job" + }, + "owner": { + "type": "string", + "description": "Owner / initiator of job" + }, + "jobUUID": { + "type": "string", + "description": "The job uuid" + }, + "created": { + "type": "string", + "description": "Creation timestamp of job" + }, + "ended": { + "type": "string", + "description": "End timestamp of job execution" + }, + "started": { + "type": "string", + "description": "Start timestamp of job execution" + }, + "state": { + "type": "string", + "description": "State of job" + }, + "trafficLight": { + "type": "string", + "description": "Trafficlight of job - but only available when job has been done. Possible states are GREEN, YELLOW, RED, OFF" + } + } + }, + "ProjectMetaData": { + "title": "ProjectMetaData", + "type": "object", + "properties": { + "metaData": { + "type": "object", + "properties": { + "key1": { + "type": "string", + "description": "An arbitrary metadata key." + } + }, + "description": "Metadata object. Contains key-value pairs." + }, + "apiVersion": { + "type": "string", + "description": "The api version, currently only 1.0 is supported" + } + } + }, + "ListOfSignups": { + "title": "ListOfSignups", + "type": "array", + "description": "List of user signups", + "items": { + "type": "object", + "properties": { + "emailAdress": { + "type": "string", + "description": "The email address" + }, + "userId": { + "type": "string", + "description": "The user id" + } + }, + "description": "List of user signups" + } + }, + "ListOfRunningJobs": { + "title": "ListOfRunningJobs", + "type": "array", + "items": { + "type": "object", + "properties": { + "owner": { + "type": "string", + "description": "Owner of the job - means user which triggered it" + }, + "jobUUID": { + "type": "string", + "description": "The uuid of the running job" + }, + "configuration": { + "type": "string", + "description": "Configuration used for this job" + }, + "projectId": { + "type": "string", + "description": "The name of the project the job is running for" + }, + "since": { + "type": "string", + "description": "Timestamp since when job has been started" + }, + "status": { + "type": "string", + "description": "A status information " + } + } + } + }, + "ListOfProjects": { + "type": "array", + "description": "List of project Ids", + "items": { + "type": "string" + } + }, + "SecHubReport": { + "title": "SecHubReport", + "type": "object" + }, "ProjectScanLogs": { "title": "ProjectScanLogs", "type": "array", diff --git a/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java b/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java index 239cf04fb6..7698de6991 100644 --- a/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java +++ b/sechub-commons-model-testframework/src/main/java/com/mercedesbenz/sechub/commons/model/TestSecHubConfigurationBuilder.java @@ -139,6 +139,11 @@ public TestWebConfigurationBuilder addApiConfig(SecHubWebScanApiConfiguration ap TestSecHubConfigurationBuilder.this.testData.webConfig.api = Optional.ofNullable(apiConfig); return this; } + + public TestWebConfigurationBuilder addClientCertificateConfig(ClientCertificateConfiguration clientCertificateConfig) { + TestSecHubConfigurationBuilder.this.testData.webConfig.clientCertificate = Optional.ofNullable(clientCertificateConfig); + return this; + } } public TestCodeSCanConfigurationBuilder codeScanConfig() { diff --git a/sechub-doc/openapi-workaround.gradle b/sechub-doc/openapi-workaround.gradle index 120fdf8d4a..1ddd546765 100644 --- a/sechub-doc/openapi-workaround.gradle +++ b/sechub-doc/openapi-workaround.gradle @@ -87,6 +87,7 @@ void handleOneOfForScanJobSchema(jsonObject){ scanJobSchema.properties.webScan.properties.excludes.items = stringType scanJobSchema.properties.webScan.properties.headers.items.properties.onlyForUrls.items = stringType scanJobSchema.properties.webScan.properties.api.properties.use.items = stringType + scanJobSchema.properties.webScan.properties.clientCertificate.properties.use.items = stringType scanJobSchema.properties.codeScan.properties.use.items = stringType handleOneOfForFileSystem(scanJobSchema.properties.codeScan.properties.fileSystem) diff --git a/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java b/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java index 7e329a4b86..778a5b069d 100644 --- a/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java +++ b/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/SchedulerRestControllerRestDocTest.java @@ -46,6 +46,7 @@ import org.springframework.util.StringUtils; import com.mercedesbenz.sechub.commons.core.CommonConstants; +import com.mercedesbenz.sechub.commons.model.ClientCertificateConfiguration; import com.mercedesbenz.sechub.commons.model.HTTPHeaderConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubCodeScanConfiguration; import com.mercedesbenz.sechub.commons.model.SecHubConfigurationMetaData; @@ -465,6 +466,65 @@ public void restDoc_userCreatesNewJob_webscan_with_api_definition() throws Excep /* @formatter:on */ } + @Test + @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web scan with client certificate definition") + public void restDoc_userCreatesNewJob_webscan_with_client_certificate_definition() throws Exception { + /* prepare */ + String apiEndpoint = https(PORT_USED).buildAddJobUrl(PROJECT_ID.pathElement()); + Class useCase = UseCaseUserCreatesNewJob.class; + + UUID randomUUID = UUID.randomUUID(); + SchedulerResult mockResult = new SchedulerResult(randomUUID); + + ClientCertificateConfiguration clientCertificateConfig = new ClientCertificateConfiguration(); + clientCertificateConfig.setPassword("example-cert-password".toCharArray()); + clientCertificateConfig.getNamesOfUsedDataConfigurationObjects().add("client-certificate-file-reference"); + + when(mockedScheduleCreateJobService.createJob(any(), any(SecHubConfiguration.class))).thenReturn(mockResult); + + /* execute + test @formatter:off */ + this.mockMvc.perform( + post(apiEndpoint,PROJECT1_ID). + contentType(MediaType.APPLICATION_JSON_VALUE). + content(configureSecHub(). + api("1.0"). + webConfig(). + addURI("https://localhost/mywebapp"). + addClientCertificateConfig(clientCertificateConfig). + build(). + toJSON()) + ). + andExpect(status().isOk()). + andExpect(content().json("{jobId:"+randomUUID.toString()+"}")). + andDo(defineRestService(). + with(). + useCaseData(useCase, "Web scan with client certificate definition"). + tag(RestDocFactory.extractTag(apiEndpoint)). + requestSchema(OpenApiSchema.SCAN_JOB.getSchema()). + responseSchema(OpenApiSchema.JOB_ID.getSchema()). + and(). + document( + requestHeaders( + + ), + pathParameters( + parameterWithName(PROJECT_ID.paramName()).description("The unique id of the project id where a new sechub job shall be created") + ), + requestFields( + fieldWithPath(PROPERTY_API_VERSION).description("The api version, currently only 1.0 is supported"), + fieldWithPath(PROPERTY_WEB_SCAN).description("Webscan configuration block").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_URL).description("Webscan URI to scan for").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_CLIENT_CERTIFICATE+"."+ClientCertificateConfiguration.PROPERTY_PASSWORD).description("Password the client certificate file is protected with").optional(), + fieldWithPath(PROPERTY_WEB_SCAN+"."+SecHubWebScanConfiguration.PROPERTY_CLIENT_CERTIFICATE+"."+SecHubDataConfigurationUsageByName.PROPERTY_USE).description("Reference to the data section containing the client certificate definition file. Always use 'sources' with a single 'file' instead 'folders'.").optional() + ), + responseFields( + fieldWithPath(SchedulerResult.PROPERTY_JOBID).description("A unique job id") + ) + )); + + /* @formatter:on */ + } + @Test @UseCaseRestDoc(useCase = UseCaseUserCreatesNewJob.class, variant = "Web Scan login basic") public void restDoc_userCreatesNewJob_webscan_login_basic() throws Exception { From 72b7df4e87193cfb4364663fb4081c0046e6d2c1 Mon Sep 17 00:00:00 2001 From: Jan Winz Date: Mon, 13 Nov 2023 17:37:26 +0100 Subject: [PATCH 08/12] remove optional from client certificate password #2524 --- .../commons/model/ClientCertificateConfiguration.java | 10 +++------- .../model/ClientCertificateConfigurationTest.java | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java index db71bb543d..cd0bd92e1e 100644 --- a/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java +++ b/sechub-commons-model/src/main/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfiguration.java @@ -2,7 +2,6 @@ package com.mercedesbenz.sechub.commons.model; import java.util.LinkedHashSet; -import java.util.Optional; import java.util.Set; import javax.crypto.SealedObject; @@ -16,7 +15,7 @@ public class ClientCertificateConfiguration implements SecHubDataConfigurationUs private CryptoAccess cryptoAccess = CryptoAccess.CRYPTO_CHAR_ARRAY; - private Optional password = Optional.empty(); + private SealedObject password; private Set namesOfUsedDataConfigurationObjects = new LinkedHashSet<>(); @Override @@ -25,14 +24,11 @@ public Set getNamesOfUsedDataConfigurationObjects() { } public void setPassword(char[] password) { - this.password = Optional.ofNullable(cryptoAccess.seal(password)); + this.password = cryptoAccess.seal(password); } public char[] getPassword() { - if (password.isEmpty()) { - return null; - } - return cryptoAccess.unseal(password.get()); + return cryptoAccess.unseal(password); } } diff --git a/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java b/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java index 90679a73a4..6ce55c45e4 100644 --- a/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java +++ b/sechub-commons-model/src/test/java/com/mercedesbenz/sechub/commons/model/ClientCertificateConfigurationTest.java @@ -1,9 +1,9 @@ // SPDX-License-Identifier: MIT package com.mercedesbenz.sechub.commons.model; +import static org.junit.Assert.assertNull; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertNull; import static org.junit.jupiter.api.Assertions.assertTrue; import java.util.Optional; From bfc3e13c866d67ea6a3c719fe9be9f0ca7702a5a Mon Sep 17 00:00:00 2001 From: "sven-dmlr (via github-actions)" Date: Thu, 23 Nov 2023 16:17:33 +0000 Subject: [PATCH 09/12] SPDX headers added by SecHub release job @github-actions --- .../scan/product/sereco/SerecoReportProductExecutorTest.java | 1 + 1 file changed, 1 insertion(+) diff --git a/sechub-scan-product-sereco/src/test/java/com/mercedesbenz/sechub/domain/scan/product/sereco/SerecoReportProductExecutorTest.java b/sechub-scan-product-sereco/src/test/java/com/mercedesbenz/sechub/domain/scan/product/sereco/SerecoReportProductExecutorTest.java index 030fc55149..dee5299282 100644 --- a/sechub-scan-product-sereco/src/test/java/com/mercedesbenz/sechub/domain/scan/product/sereco/SerecoReportProductExecutorTest.java +++ b/sechub-scan-product-sereco/src/test/java/com/mercedesbenz/sechub/domain/scan/product/sereco/SerecoReportProductExecutorTest.java @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: MIT package com.mercedesbenz.sechub.domain.scan.product.sereco; import static org.junit.jupiter.api.Assertions.*; From cdc84c6c36c95714e1a0837a53c23e4ebe4a2657 Mon Sep 17 00:00:00 2001 From: Sven Dolderer Date: Thu, 23 Nov 2023 17:59:28 +0100 Subject: [PATCH 10/12] Use latest Checkmarx wrapper 1.2.0 in builds #2695 --- sechub-pds-solutions/checkmarx/env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sechub-pds-solutions/checkmarx/env b/sechub-pds-solutions/checkmarx/env index 60ecb6c4ca..a23e48b21a 100644 --- a/sechub-pds-solutions/checkmarx/env +++ b/sechub-pds-solutions/checkmarx/env @@ -11,4 +11,4 @@ BUILD_TYPE=download # The Checkmarx Wrapper version to use # See: https://github.com/mercedes-benz/sechub/releases -CHECKMARX_WRAPPER_VERSION="1.1.0" +CHECKMARX_WRAPPER_VERSION="1.2.0" From a539e51787375d82f02cd349826b23a29a04df3c Mon Sep 17 00:00:00 2001 From: Sven Dolderer Date: Fri, 24 Nov 2023 12:25:54 +0100 Subject: [PATCH 11/12] support certificates in scans for secrets #2698 --- sechub-cli/script/supported-source-extensions.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/sechub-cli/script/supported-source-extensions.txt b/sechub-cli/script/supported-source-extensions.txt index 024cb1e564..44617f27d6 100644 --- a/sechub-cli/script/supported-source-extensions.txt +++ b/sechub-cli/script/supported-source-extensions.txt @@ -3,6 +3,7 @@ ASP (Active Server Pages): .asp ASP: .ascx .aspx C/C++: .ac .am .c .c++ .cc .cmake .cpp .cxx .ec .h .h++ .hh .hpp .hxx .pro C#, VB.NET, Visual Basic, VB Script: .asax .bas .cls .cs .cshtml .csproj .ctl .dsr .frm .master .sln .vb .vbp .vbs .xaml +Certificates for secrets scans: .crt, .cer, .csr, .der, .pem, .pfx, .p12, .p7b, .p7c, .CRT, .CER, .CSR, .DER, .PEM, .PFX, .P12, .P7B, .P7C Cobol: .cbl .cob .cpy .eco .pco .sqb Docker: Dockerfile .dockerfile Go, Protobuf: .go From 87b1f74773a43576492e027243bf219e29af0aae Mon Sep 17 00:00:00 2001 From: "sven-dmlr (via github-actions)" Date: Fri, 24 Nov 2023 13:05:30 +0000 Subject: [PATCH 12/12] docs update by SecHub release job @github-actions --- docs/latest/client-download.html | 2 +- .../images/diagram_pds_events_storage.svg | 2 +- .../diagram_sechub_job_cancellation.svg | 2 +- .../images/diagram_target_architecture.svg | 2 +- ...rview_uc_admin_assigns_user_to_project.svg | 2 +- ...ssaging_analyze_scan_results_available.svg | 2 +- ...ing_auto_cleanup_configuration_changed.svg | 2 +- ...en_domain_messaging_binary_upload_done.svg | 2 +- ...ain_messaging_job_cancellation_running.svg | 2 +- .../gen_domain_messaging_job_created.svg | 2 +- .../images/gen_domain_messaging_job_done.svg | 2 +- ...omain_messaging_job_execution_starting.svg | 2 +- .../gen_domain_messaging_job_failed.svg | 2 +- ..._domain_messaging_job_restart_canceled.svg | 2 +- ...domain_messaging_job_restart_triggered.svg | 2 +- ...domain_messaging_job_result_purge_done.svg | 2 +- ...main_messaging_job_result_purge_failed.svg | 2 +- ...en_domain_messaging_job_results_purged.svg | 2 +- .../gen_domain_messaging_job_started.svg | 2 +- ...essaging_mapping_configuration_changed.svg | 2 +- .../images/gen_domain_messaging_overview.svg | 2 +- ...roduct_executor_cancel_operations_done.svg | 2 +- ...messaging_project_access_level_changed.svg | 2 +- .../gen_domain_messaging_project_created.svg | 2 +- .../gen_domain_messaging_project_deleted.svg | 2 +- ...domain_messaging_project_owner_changed.svg | 2 +- ...in_messaging_project_whitelist_updated.svg | 2 +- ...ain_messaging_request_job_cancellation.svg | 2 +- ...n_domain_messaging_request_job_restart.svg | 2 +- ...ain_messaging_request_job_restart_hard.svg | 2 +- ...in_messaging_request_purge_job_results.svg | 2 +- ...quest_scheduler_disable_job_processing.svg | 2 +- ...equest_scheduler_enable_job_processing.svg | 2 +- ...messaging_request_scheduler_job_status.svg | 2 +- ...saging_request_scheduler_status_update.svg | 2 +- ...saging_request_user_role_recalculation.svg | 2 +- .../images/gen_domain_messaging_scan_done.svg | 2 +- .../gen_domain_messaging_scan_failed.svg | 2 +- ...ging_scheduler_job_processing_disabled.svg | 2 +- ...aging_scheduler_job_processing_enabled.svg | 2 +- ..._domain_messaging_scheduler_job_status.svg | 2 +- ...gen_domain_messaging_scheduler_started.svg | 2 +- ...main_messaging_scheduler_status_update.svg | 2 +- ...en_domain_messaging_source_upload_done.svg | 2 +- .../gen_domain_messaging_start_scan.svg | 2 +- ...domain_messaging_unsupported_operation.svg | 2 +- ...domain_messaging_user_added_to_project.svg | 2 +- ...omain_messaging_user_api_token_changed.svg | 2 +- ...main_messaging_user_becomes_superadmin.svg | 2 +- .../gen_domain_messaging_user_created.svg | 2 +- .../gen_domain_messaging_user_deleted.svg | 2 +- ...n_messaging_user_email_address_changed.svg | 2 +- ...messaging_user_new_api_token_requested.svg | 2 +- ...in_messaging_user_no_longer_superadmin.svg | 2 +- ...in_messaging_user_removed_from_project.svg | 2 +- ...en_domain_messaging_user_roles_changed.svg | 2 +- ...domain_messaging_user_signup_requested.svg | 2 +- docs/latest/images/gen_springprofiles-dev.svg | 2 +- .../gen_springprofiles-integrationtest.svg | 2 +- .../latest/images/gen_springprofiles-prod.svg | 2 +- docs/latest/images/gen_springprofiles.svg | 2 +- docs/latest/pds-download.html | 2 +- docs/latest/sechub-architecture.html | 728 ++++++++++---- docs/latest/sechub-client.html | 207 +++- .../sechub-developer-quickstart-guide.html | 6 +- docs/latest/sechub-getting-started.html | 6 +- docs/latest/sechub-operations.html | 6 +- .../sechub-product-delegation-server.html | 8 +- docs/latest/sechub-restapi.html | 921 +++++++++++++----- docs/latest/sechub-techdoc.html | 696 +++++++++---- docs/latest/server-download.html | 2 +- 71 files changed, 1935 insertions(+), 769 deletions(-) diff --git a/docs/latest/client-download.html b/docs/latest/client-download.html index f2c3d8b85d..529f95e649 100644 --- a/docs/latest/client-download.html +++ b/docs/latest/client-download.html @@ -1,7 +1,7 @@ - + Main Page diff --git a/docs/latest/images/diagram_pds_events_storage.svg b/docs/latest/images/diagram_pds_events_storage.svg index e3caf006e4..f60aa33e0f 100644 --- a/docs/latest/images/diagram_pds_events_storage.svg +++ b/docs/latest/images/diagram_pds_events_storage.svg @@ -1 +1 @@ -$workspace/$jobUUID/eventsPDS-Job-QueuelauncherScriptEvent FilePDSWorkspaceServicevoid sendEvent(UUID jobUUID, ExecutionEventType eventType,ExecutionEventData eventData)ExecutionEventData fetchEventDataOrNull(UUID jobUUID, ExecutionEventType eventType) {ExecutionEventDataPDSExecutionCallableFactoryPDSExecutionCallablePDSBatchTriggerServicevoid triggerExecutionOfNextJob()PDSJobCancelTriggerServicevoid triggerHandleCancelRequests()PDSCancelServicevoid handleJobCancelRequests()PDSExecutionServiceInside the event folder we havefiles with name pattern"${eventTypeName}.json". Someevents have only one file.Remark: Currently not implemented,but if an event type shall supports multiplefiles in fture the name pattern shall be:"${eventTypeName}[${nr}].json"cancel job by job UUIDcreatescreates/useswrites/reads event filesinto workspace foldercontains files whichhave JSOn contentcan readcreates processprepares workspace, sends eventscallsuses \ No newline at end of file +$workspace/$jobUUID/eventsPDS-Job-QueuelauncherScriptEvent FilePDSWorkspaceServicevoid sendEvent(UUID jobUUID, ExecutionEventType eventType,ExecutionEventData eventData)ExecutionEventData fetchEventDataOrNull(UUID jobUUID, ExecutionEventType eventType) {ExecutionEventDataPDSExecutionCallableFactoryPDSExecutionCallablePDSBatchTriggerServicevoid triggerExecutionOfNextJob()PDSJobCancelTriggerServicevoid triggerHandleCancelRequests()PDSCancelServicevoid handleJobCancelRequests()PDSExecutionServiceInside the event folder we havefiles with name pattern"${eventTypeName}.json". Someevents have only one file.Remark: Currently not implemented,but if an event type shall supports multiplefiles in fture the name pattern shall be:"${eventTypeName}[${nr}].json"cancel job by job UUIDcreatescreates/useswrites/reads event filesinto workspace foldercontains files whichhave JSOn contentcan readcreates processprepares workspace, sends eventscallsuses \ No newline at end of file diff --git a/docs/latest/images/diagram_sechub_job_cancellation.svg b/docs/latest/images/diagram_sechub_job_cancellation.svg index d117e7398a..9a288cbffa 100644 --- a/docs/latest/images/diagram_sechub_job_cancellation.svg +++ b/docs/latest/images/diagram_sechub_job_cancellation.svg @@ -1 +1 @@ -Event Nr.Message IDWhat happens at this event ?A1START_SCANScan - runningB1REQUEST_SCHEDULER_JOB_STATUSScan - periodic inspection if scheduler job marked as cancel requestedC1REQUEST_JOB_CANCELLATIONCancel request startedD1CANCELLATION_RUNNINGCancel scan running/ ongoingE1PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONEProduct execucutor cancel operations have finished (post processing donecom.mercedesbenz.sechub.domain.schedulecom.mercedesbenz.sechub.sharedkernelcom.mercedesbenz.sechub.domain.scancom.mercedesbenz.sechub.domain.administrationcom.mercedesbenz.sechub.domain.notification«Entity»ScheduleSecHubJobExecutionStateINITIALIZINGREADY_TO_STARTSTARTEDCANCEL_REQUESTEDCANCELEDENDEDExecutionResultNONEOKFAILEDSynchronSecHubJobExecutorSchedulerJobStatusRequestHandlerScheduleJobLauncherServiceSchedulerJobBatchTriggerServiceScheduleMessagehandlerhandleCancelJobRequested()SchedulerCancelJobServiceThe steps- D*are only triggered when the SecHub job hasthe execution result NONE.The execution state isnotinspected.DomainMessageServiceEventBus«Entity»ProductResultUUID uuidUUID secHubJobUUIDUUID productExecutorConfigUUIDString resultString messagesString metaDataLocalDateTime startedLocalDateTime endedSecHubExecutionContextmarkCancelRequested()ScanProgressMonitorProductExecutorList<ProductResult> execute(SecHubExecutionContext context, ProductExecutorContext executorContext)ScanServicestartScan()ScanJobExecutorScanJobExecutionRunnableScanJobCancellationRunnableAdapterAdapterExecutionResult start(C config, AdapterMetaDataCallback callback)boolean cancel(C config, AdapterMetaDataCallback callback)ProductExecutionStoreServiceexecuteProductsAndStoreResults(SecHubExecutionContext context)AbstractProductExecutionServiceAbstractProductExecutorCanceableProductExecutorboolean cancel(ProductExecutorData data)ScanJobRunnableDataProductExecutorDataSecHubExecutionHistorySecHubExecutionHistoryElementThe scan job executor is central point ofthe scan steep in scan domain.It does the start of the scan itself anddoes also periodically the inspect the schedulerjob status via event busExecutorThreadCancellationThreadJobAdministrationRestControllerJobAdministrationMessageHandlerJobCancelServiceNotificationMessageHandlerProcuctIs used to have eventcommunications between domainssends async REQUEST_JOB_CANCELLATION (C1)sends async CANCELLATION_RUNNING (D1)sends async CANCELLATION_RUNNING (D1)stores resultusescalls cancel servicebecause of C2marks as CANCEL_REQUESTED (C3)callssends async CANCELLATION_RUNNING (D1)sends async REQUEST_JOB_CANCELLATION (C1)receives "PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE" (E1) ASYNCHRONsends synch REQUEST_SCHEDULER_JOB_STATUS (B1)set SecHub job finally as CANCELEDcreatesusesstores resultsusescallsusesconfigures and usesusescreates + uses (A3)runsinterrupts ExecutorThreadwhen being canceled.This immediately interrupts all product calls hard.runscreatescancelsstartscreates if necessarystarts when necessarycreates contextcreatesmarks as cancel requestedso available in product executorscallsuses information aboutproduct executors and datasends "START_SCAN" (A1) SYNCHRONsends synchron REQUEST_SCHEDULER_JOB_STATUS (B1)and receives job statusrecevies "START_SCAN" (A2) SYNCHRON (returns result)communicationsends "PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE" (E1) ASYNCHRON \ No newline at end of file +Event Nr.Message IDWhat happens at this event ?A1START_SCANScan - runningB1REQUEST_SCHEDULER_JOB_STATUSScan - periodic inspection if scheduler job marked as cancel requestedC1REQUEST_JOB_CANCELLATIONCancel request startedD1CANCELLATION_RUNNINGCancel scan running/ ongoingE1PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONEProduct execucutor cancel operations have finished (post processing donecom.mercedesbenz.sechub.domain.schedulecom.mercedesbenz.sechub.sharedkernelcom.mercedesbenz.sechub.domain.scancom.mercedesbenz.sechub.domain.administrationcom.mercedesbenz.sechub.domain.notification«Entity»ScheduleSecHubJobExecutionStateINITIALIZINGREADY_TO_STARTSTARTEDCANCEL_REQUESTEDCANCELEDENDEDExecutionResultNONEOKFAILEDSynchronSecHubJobExecutorSchedulerJobStatusRequestHandlerScheduleJobLauncherServiceSchedulerJobBatchTriggerServiceScheduleMessagehandlerhandleCancelJobRequested()SchedulerCancelJobServiceThe steps- D*are only triggered when the SecHub job hasthe execution result NONE.The execution state isnotinspected.DomainMessageServiceEventBus«Entity»ProductResultUUID uuidUUID secHubJobUUIDUUID productExecutorConfigUUIDString resultString messagesString metaDataLocalDateTime startedLocalDateTime endedSecHubExecutionContextmarkCancelRequested()ScanProgressMonitorProductExecutorList<ProductResult> execute(SecHubExecutionContext context, ProductExecutorContext executorContext)ScanServicestartScan()ScanJobExecutorScanJobExecutionRunnableScanJobCancellationRunnableAdapterAdapterExecutionResult start(C config, AdapterMetaDataCallback callback)boolean cancel(C config, AdapterMetaDataCallback callback)ProductExecutionStoreServiceexecuteProductsAndStoreResults(SecHubExecutionContext context)AbstractProductExecutionServiceAbstractProductExecutorCanceableProductExecutorboolean cancel(ProductExecutorData data)ScanJobRunnableDataProductExecutorDataSecHubExecutionHistorySecHubExecutionHistoryElementThe scan job executor is central point ofthe scan steep in scan domain.It does the start of the scan itself anddoes also periodically the inspect the schedulerjob status via event busExecutorThreadCancellationThreadJobAdministrationRestControllerJobAdministrationMessageHandlerJobCancelServiceNotificationMessageHandlerProcuctIs used to have eventcommunications between domainssends async REQUEST_JOB_CANCELLATION (C1)sends async CANCELLATION_RUNNING (D1)sends async CANCELLATION_RUNNING (D1)stores resultusescalls cancel servicebecause of C2marks as CANCEL_REQUESTED (C3)callssends async CANCELLATION_RUNNING (D1)sends async REQUEST_JOB_CANCELLATION (C1)receives "PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE" (E1) ASYNCHRONsends synch REQUEST_SCHEDULER_JOB_STATUS (B1)set SecHub job finally as CANCELEDcreatesusesstores resultsusescallsusesconfigures and usesusescreates + uses (A3)runsinterrupts ExecutorThreadwhen being canceled.This immediately interrupts all product calls hard.runscreatescancelsstartscreates if necessarystarts when necessarycreates contextcreatesmarks as cancel requestedso available in product executorscallsuses information aboutproduct executors and datasends "START_SCAN" (A1) SYNCHRONsends synchron REQUEST_SCHEDULER_JOB_STATUS (B1)and receives job statusrecevies "START_SCAN" (A2) SYNCHRON (returns result)communicationsends "PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE" (E1) ASYNCHRON \ No newline at end of file diff --git a/docs/latest/images/diagram_target_architecture.svg b/docs/latest/images/diagram_target_architecture.svg index 4e12aaaeec..5ce19c0f7d 100644 --- a/docs/latest/images/diagram_target_architecture.svg +++ b/docs/latest/images/diagram_target_architecture.svg @@ -1 +1 @@ -ProductExecutorList<ProductResult> execute()ScanType getScanType()int getVersion()boolean isMultipleConfigurationAllowed()SerecoReportProductExecutorProductExecutorDataNetworkLocationProviderList<URI> getURIs();List<InetAddress> getInetAdresses();NetworkTargetProductServerDataProviderString getIdentifierWhenInternetTarget();String getIdentifierWhenIntranetTarget();String getBaseURLWhenInternetTarget();String getBaseURLWhenIntranetTarget();String getUsernameWhenInternetTarget();String getUsernameWhenIntranetTarget();String getPasswordWhenInternetTarget();String getPasswordWhenIntranetTarget();boolean hasUntrustedCertificateWhenIntranetTarget();boolean hasUntrustedCertificateWhenInternetTarget();NetworkTargetInfoNetworkTargetType getNetworkTargetType()Set<URI> getNetworkTargetURIs()Set<InetAddress> getNetworkTargetIPs()AbstractProductExecutorabstract void customize(ProductExecutorData data);abstract List<ProductResult> executeByAdapter(ProductExecutorData data)NetworkTargetResolverNetworkTarget resolveTarget(URI uri);NetworkTarget resolveTarget(InetAddress inetAdress);The base class for mostly all product executors (except for Sereco).The child classes must implmemnt the `customize` method andconfigure the product executor data object accordingly.It will handle automatically target specific partsfor scan types where it is necessary (WebScan, InfraScan).All other scan types (e.g. CodeScan) do notneed to setup specific product executor data(like NetworkLocationProvider).NetworkTargetgetURI()getInetAdress()NetworkTargetType getType()Represents a network targetto use for a dedicated network typeNetworkTargetTypeNetworkTargetRegistryNetworkTargetInfoFactoryNetworkTargetInfo createInfo()Represents (final) information about whichURIs /IPs are for a dedicated networktarget type (e.g. INTERNET).NetworkTargetProductServerDataSuppportString getIdentifier(NetworkTargetType target)boolean isAbletoScan(NetworkTargetType target)String getBaseURL(NetworkTargetType type)String getUserId(NetworkTargetType type)String getPassword(NetworkTargetType target)Data normally comes fromsechub configurationData normally comes from aninstall setupcreates + customizesusesuses data supportcreate+use (if necessary)create+use (if necessary)internally created + usedusesusescontains1nprovides \ No newline at end of file +ProductExecutorList<ProductResult> execute()ScanType getScanType()int getVersion()boolean isMultipleConfigurationAllowed()SerecoReportProductExecutorProductExecutorDataNetworkLocationProviderList<URI> getURIs();List<InetAddress> getInetAdresses();NetworkTargetProductServerDataProviderString getIdentifierWhenInternetTarget();String getIdentifierWhenIntranetTarget();String getBaseURLWhenInternetTarget();String getBaseURLWhenIntranetTarget();String getUsernameWhenInternetTarget();String getUsernameWhenIntranetTarget();String getPasswordWhenInternetTarget();String getPasswordWhenIntranetTarget();boolean hasUntrustedCertificateWhenIntranetTarget();boolean hasUntrustedCertificateWhenInternetTarget();NetworkTargetInfoNetworkTargetType getNetworkTargetType()Set<URI> getNetworkTargetURIs()Set<InetAddress> getNetworkTargetIPs()AbstractProductExecutorabstract void customize(ProductExecutorData data);abstract List<ProductResult> executeByAdapter(ProductExecutorData data)NetworkTargetResolverNetworkTarget resolveTarget(URI uri);NetworkTarget resolveTarget(InetAddress inetAdress);The base class for mostly all product executors (except for Sereco).The child classes must implmemnt the `customize` method andconfigure the product executor data object accordingly.It will handle automatically target specific partsfor scan types where it is necessary (WebScan, InfraScan).All other scan types (e.g. CodeScan) do notneed to setup specific product executor data(like NetworkLocationProvider).NetworkTargetgetURI()getInetAdress()NetworkTargetType getType()Represents a network targetto use for a dedicated network typeNetworkTargetTypeNetworkTargetRegistryNetworkTargetInfoFactoryNetworkTargetInfo createInfo()Represents (final) information about whichURIs /IPs are for a dedicated networktarget type (e.g. INTERNET).NetworkTargetProductServerDataSuppportString getIdentifier(NetworkTargetType target)boolean isAbletoScan(NetworkTargetType target)String getBaseURL(NetworkTargetType type)String getUserId(NetworkTargetType type)String getPassword(NetworkTargetType target)Data normally comes fromsechub configurationData normally comes from aninstall setupcreates + customizesusesuses data supportcreate+use (if necessary)create+use (if necessary)internally created + usedusesusescontains1nprovides \ No newline at end of file diff --git a/docs/latest/images/event_overview_uc_admin_assigns_user_to_project.svg b/docs/latest/images/event_overview_uc_admin_assigns_user_to_project.svg index 1645550108..bc0cdfe6d2 100644 --- a/docs/latest/images/event_overview_uc_admin_assigns_user_to_project.svg +++ b/docs/latest/images/event_overview_uc_admin_assigns_user_to_project.svg @@ -1 +1 @@ -UC_ADMIN_ASSIGNS_USER_TO_PROJECTadministrationauthorizationscanschedule0executedUSER_ADDED_TO_PROJECTUSER_ADDED_TO_PROJECT1REQUEST_USER_ROLE_RECALCULATION2USER_ROLES_CHANGED \ No newline at end of file +UC_ADMIN_ASSIGNS_USER_TO_PROJECTadministrationauthorizationscanschedule0executedUSER_ADDED_TO_PROJECTUSER_ADDED_TO_PROJECT1REQUEST_USER_ROLE_RECALCULATION2USER_ROLES_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_analyze_scan_results_available.svg b/docs/latest/images/gen_domain_messaging_analyze_scan_results_available.svg index 8b40d97ea6..29fd010970 100644 --- a/docs/latest/images/gen_domain_messaging_analyze_scan_results_available.svg +++ b/docs/latest/images/gen_domain_messaging_analyze_scan_results_available.svg @@ -1 +1 @@ -Communication detailsofmessage ANALYZE_SCAN_RESULTS_AVAILABLEstatisticscanEventBusStatisticMessageHandlerAnalyticsProductExecutionServiceImpl1ANALYZE_SCAN_RESULTS_AVAILABLE2ANALYZE_SCAN_RESULTS_AVAILABLE \ No newline at end of file +Communication detailsofmessage ANALYZE_SCAN_RESULTS_AVAILABLEscanstatisticEventBusAnalyticsProductExecutionServiceImplStatisticMessageHandler1ANALYZE_SCAN_RESULTS_AVAILABLE2ANALYZE_SCAN_RESULTS_AVAILABLE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_auto_cleanup_configuration_changed.svg b/docs/latest/images/gen_domain_messaging_auto_cleanup_configuration_changed.svg index 91f979b50d..d1ffa50456 100644 --- a/docs/latest/images/gen_domain_messaging_auto_cleanup_configuration_changed.svg +++ b/docs/latest/images/gen_domain_messaging_auto_cleanup_configuration_changed.svg @@ -1 +1 @@ -Communication detailsofmessage AUTO_CLEANUP_CONFIGURATION_CHANGEDscheduleadministrationscanEventBusScheduleMessageHandlerJobAdministrationMessageHandlerAdministrationConfigServiceScanMessageHandler1AUTO_CLEANUP_CONFIGURATION_CHANGED2AUTO_CLEANUP_CONFIGURATION_CHANGED3AUTO_CLEANUP_CONFIGURATION_CHANGED4AUTO_CLEANUP_CONFIGURATION_CHANGED \ No newline at end of file +Communication detailsofmessage AUTO_CLEANUP_CONFIGURATION_CHANGEDscanscheduleadministrationEventBusScanMessageHandlerScheduleMessageHandlerAdministrationConfigServiceJobAdministrationMessageHandler1AUTO_CLEANUP_CONFIGURATION_CHANGED2AUTO_CLEANUP_CONFIGURATION_CHANGED3AUTO_CLEANUP_CONFIGURATION_CHANGED4AUTO_CLEANUP_CONFIGURATION_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_binary_upload_done.svg b/docs/latest/images/gen_domain_messaging_binary_upload_done.svg index e78e62ff66..9c1b12d5f9 100644 --- a/docs/latest/images/gen_domain_messaging_binary_upload_done.svg +++ b/docs/latest/images/gen_domain_messaging_binary_upload_done.svg @@ -1 +1 @@ -Communication detailsofmessage BINARY_UPLOAD_DONEschedulestatisticEventBusSchedulerBinariesUploadServiceStatisticMessageHandler1BINARY_UPLOAD_DONE2BINARY_UPLOAD_DONE \ No newline at end of file +Communication detailsofmessage BINARY_UPLOAD_DONEschedulestatisticEventBusSchedulerBinariesUploadServiceStatisticMessageHandler1BINARY_UPLOAD_DONE2BINARY_UPLOAD_DONE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_cancellation_running.svg b/docs/latest/images/gen_domain_messaging_job_cancellation_running.svg index af41990828..d7f110f404 100644 --- a/docs/latest/images/gen_domain_messaging_job_cancellation_running.svg +++ b/docs/latest/images/gen_domain_messaging_job_cancellation_running.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_CANCELLATION_RUNNINGschedulenotificationadministrationEventBusSchedulerCancelJobServiceNotificationMessageHandlerJobAdministrationMessageHandler1JOB_CANCELLATION_RUNNING2JOB_CANCELLATION_RUNNING3JOB_CANCELLATION_RUNNING \ No newline at end of file +Communication detailsofmessage JOB_CANCELLATION_RUNNINGscheduleadministrationnotificationEventBusSchedulerCancelJobServiceJobAdministrationMessageHandlerNotificationMessageHandler1JOB_CANCELLATION_RUNNING2JOB_CANCELLATION_RUNNING3JOB_CANCELLATION_RUNNING \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_created.svg b/docs/latest/images/gen_domain_messaging_job_created.svg index 66f8b00e84..2d72d85371 100644 --- a/docs/latest/images/gen_domain_messaging_job_created.svg +++ b/docs/latest/images/gen_domain_messaging_job_created.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_CREATEDschedulestatisticEventBusSchedulerCreateJobServiceStatisticMessageHandler1JOB_CREATED2JOB_CREATED \ No newline at end of file +Communication detailsofmessage JOB_CREATEDschedulestatisticEventBusSchedulerCreateJobServiceStatisticMessageHandler1JOB_CREATED2JOB_CREATED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_done.svg b/docs/latest/images/gen_domain_messaging_job_done.svg index 27bba06a8b..ec88ad4543 100644 --- a/docs/latest/images/gen_domain_messaging_job_done.svg +++ b/docs/latest/images/gen_domain_messaging_job_done.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_DONEscheduleadministrationstatisticEventBusSynchronSecHubJobExecutorJobAdministrationMessageHandlerStatisticMessageHandler1JOB_DONE2JOB_DONE3JOB_DONE \ No newline at end of file +Communication detailsofmessage JOB_DONEscheduleadministrationstatisticEventBusSynchronSecHubJobExecutorJobAdministrationMessageHandlerStatisticMessageHandler1JOB_DONE2JOB_DONE3JOB_DONE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_execution_starting.svg b/docs/latest/images/gen_domain_messaging_job_execution_starting.svg index ece98e84ad..b4a9da9b6f 100644 --- a/docs/latest/images/gen_domain_messaging_job_execution_starting.svg +++ b/docs/latest/images/gen_domain_messaging_job_execution_starting.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_EXECUTION_STARTINGschedulestatisticEventBusSynchronSecHubJobExecutorStatisticMessageHandler1JOB_EXECUTION_STARTING2JOB_EXECUTION_STARTING \ No newline at end of file +Communication detailsofmessage JOB_EXECUTION_STARTINGschedulestatisticEventBusSynchronSecHubJobExecutorStatisticMessageHandler1JOB_EXECUTION_STARTING2JOB_EXECUTION_STARTING \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_failed.svg b/docs/latest/images/gen_domain_messaging_job_failed.svg index 1b6c6e074e..4778c7dd07 100644 --- a/docs/latest/images/gen_domain_messaging_job_failed.svg +++ b/docs/latest/images/gen_domain_messaging_job_failed.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_FAILEDscheduleadministrationstatisticEventBusSynchronSecHubJobExecutorJobAdministrationMessageHandlerStatisticMessageHandler1JOB_FAILED2JOB_FAILED3JOB_FAILED \ No newline at end of file +Communication detailsofmessage JOB_FAILEDscheduleadministrationstatisticEventBusSynchronSecHubJobExecutorJobAdministrationMessageHandlerStatisticMessageHandler1JOB_FAILED2JOB_FAILED3JOB_FAILED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_restart_canceled.svg b/docs/latest/images/gen_domain_messaging_job_restart_canceled.svg index f872cc8855..7294b320e8 100644 --- a/docs/latest/images/gen_domain_messaging_job_restart_canceled.svg +++ b/docs/latest/images/gen_domain_messaging_job_restart_canceled.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_RESTART_CANCELEDschedulenotificationEventBusSchedulerRestartJobServiceNotificationMessageHandler1JOB_RESTART_CANCELED2JOB_RESTART_CANCELED \ No newline at end of file +Communication detailsofmessage JOB_RESTART_CANCELEDschedulenotificationEventBusSchedulerRestartJobServiceNotificationMessageHandler1JOB_RESTART_CANCELED2JOB_RESTART_CANCELED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_restart_triggered.svg b/docs/latest/images/gen_domain_messaging_job_restart_triggered.svg index 12c8b74c3f..9b04162f22 100644 --- a/docs/latest/images/gen_domain_messaging_job_restart_triggered.svg +++ b/docs/latest/images/gen_domain_messaging_job_restart_triggered.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_RESTART_TRIGGEREDschedulenotificationEventBusSchedulerRestartJobServiceNotificationMessageHandler1JOB_RESTART_TRIGGERED2JOB_RESTART_TRIGGERED \ No newline at end of file +Communication detailsofmessage JOB_RESTART_TRIGGEREDschedulenotificationEventBusSchedulerRestartJobServiceNotificationMessageHandler1JOB_RESTART_TRIGGERED2JOB_RESTART_TRIGGERED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_result_purge_done.svg b/docs/latest/images/gen_domain_messaging_job_result_purge_done.svg index b730b7bf14..ad178c0dc1 100644 --- a/docs/latest/images/gen_domain_messaging_job_result_purge_done.svg +++ b/docs/latest/images/gen_domain_messaging_job_result_purge_done.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_RESULT_PURGE_DONEscanEventBusScanMessageHandler \ No newline at end of file +Communication detailsofmessage JOB_RESULT_PURGE_DONEscanEventBusScanMessageHandler \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_result_purge_failed.svg b/docs/latest/images/gen_domain_messaging_job_result_purge_failed.svg index 6d348a7e2f..72cdd4aa0f 100644 --- a/docs/latest/images/gen_domain_messaging_job_result_purge_failed.svg +++ b/docs/latest/images/gen_domain_messaging_job_result_purge_failed.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_RESULT_PURGE_FAILEDscanEventBusScanMessageHandler \ No newline at end of file +Communication detailsofmessage JOB_RESULT_PURGE_FAILEDscanEventBusScanMessageHandler \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_results_purged.svg b/docs/latest/images/gen_domain_messaging_job_results_purged.svg index d414f7571f..1106ba6449 100644 --- a/docs/latest/images/gen_domain_messaging_job_results_purged.svg +++ b/docs/latest/images/gen_domain_messaging_job_results_purged.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_RESULTS_PURGEDnotificationscanEventBusNotificationMessageHandlerProductResultService1JOB_RESULTS_PURGED2JOB_RESULTS_PURGED \ No newline at end of file +Communication detailsofmessage JOB_RESULTS_PURGEDscannotificationEventBusProductResultServiceNotificationMessageHandler1JOB_RESULTS_PURGED2JOB_RESULTS_PURGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_job_started.svg b/docs/latest/images/gen_domain_messaging_job_started.svg index 15c0657843..b8956f9775 100644 --- a/docs/latest/images/gen_domain_messaging_job_started.svg +++ b/docs/latest/images/gen_domain_messaging_job_started.svg @@ -1 +1 @@ -Communication detailsofmessage JOB_STARTEDscheduleadministrationEventBusScheduleJobLauncherServiceJobAdministrationMessageHandler1JOB_STARTED2JOB_STARTED \ No newline at end of file +Communication detailsofmessage JOB_STARTEDscheduleadministrationEventBusScheduleJobLauncherServiceJobAdministrationMessageHandler1JOB_STARTED2JOB_STARTED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_mapping_configuration_changed.svg b/docs/latest/images/gen_domain_messaging_mapping_configuration_changed.svg index d85fec5b91..12c9d74e9f 100644 --- a/docs/latest/images/gen_domain_messaging_mapping_configuration_changed.svg +++ b/docs/latest/images/gen_domain_messaging_mapping_configuration_changed.svg @@ -1 +1 @@ -Communication detailsofmessage MAPPING_CONFIGURATION_CHANGEDadministrationscanEventBusUpdateMappingServiceScanMessageHandler1MAPPING_CONFIGURATION_CHANGED2MAPPING_CONFIGURATION_CHANGED \ No newline at end of file +Communication detailsofmessage MAPPING_CONFIGURATION_CHANGEDscanadministrationEventBusScanMessageHandlerUpdateMappingService1MAPPING_CONFIGURATION_CHANGED2MAPPING_CONFIGURATION_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_overview.svg b/docs/latest/images/gen_domain_messaging_overview.svg index 3ca3c5ae03..1117a65544 100644 --- a/docs/latest/images/gen_domain_messaging_overview.svg +++ b/docs/latest/images/gen_domain_messaging_overview.svg @@ -1 +1 @@ -Overviewof domainmessagingschedulenotificationadministrationstatisticauthorizationscanEventBusschedulenotificationadministrationstatisticauthorizationscan1START_SCAN2START_SCANalt[failure]3UNSUPPORTED_OPERATION[success]4SCAN_DONE[failure]5SCAN_FAILED61USER_CREATED2USER_CREATED3USER_CREATED1USER_API_TOKEN_CHANGED2USER_API_TOKEN_CHANGED3USER_API_TOKEN_CHANGED4USER_API_TOKEN_CHANGED1USER_NEW_API_TOKEN_REQUESTED2USER_NEW_API_TOKEN_REQUESTED3USER_NEW_API_TOKEN_REQUESTED1USER_ADDED_TO_PROJECT2USER_ADDED_TO_PROJECT3USER_ADDED_TO_PROJECT1USER_REMOVED_FROM_PROJECT2USER_REMOVED_FROM_PROJECT3USER_REMOVED_FROM_PROJECT1USER_ROLES_CHANGED2USER_ROLES_CHANGED1USER_DELETED2USER_DELETED3USER_DELETED4USER_DELETED5USER_DELETED1PROJECT_CREATED2PROJECT_CREATED1PROJECT_DELETED2PROJECT_DELETED3PROJECT_DELETED4PROJECT_DELETED1PROJECT_WHITELIST_UPDATED2PROJECT_WHITELIST_UPDATED1JOB_CREATED2JOB_CREATED1JOB_STARTED2JOB_STARTED1JOB_EXECUTION_STARTING2JOB_EXECUTION_STARTING1JOB_DONE2JOB_DONE3JOB_DONE1USER_SIGNUP_REQUESTED2USER_SIGNUP_REQUESTED1JOB_FAILED2JOB_FAILED3JOB_FAILED1REQUEST_USER_ROLE_RECALCULATION2REQUEST_USER_ROLE_RECALCULATION3REQUEST_USER_ROLE_RECALCULATION4REQUEST_USER_ROLE_RECALCULATION5REQUEST_USER_ROLE_RECALCULATION6REQUEST_USER_ROLE_RECALCULATION7REQUEST_USER_ROLE_RECALCULATION8REQUEST_USER_ROLE_RECALCULATION9REQUEST_USER_ROLE_RECALCULATION1USER_BECOMES_SUPERADMIN2USER_BECOMES_SUPERADMIN1USER_NO_LONGER_SUPERADMIN2USER_NO_LONGER_SUPERADMIN1REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING2REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING1SCHEDULER_JOB_PROCESSING_ENABLED2SCHEDULER_JOB_PROCESSING_ENABLED3SCHEDULER_JOB_PROCESSING_ENABLED1SCHEDULER_JOB_PROCESSING_DISABLED2SCHEDULER_JOB_PROCESSING_DISABLED3SCHEDULER_JOB_PROCESSING_DISABLED1REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING2REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING1REQUEST_SCHEDULER_STATUS_UPDATE2REQUEST_SCHEDULER_STATUS_UPDATE1SCHEDULER_STATUS_UPDATE2SCHEDULER_STATUS_UPDATE1REQUEST_JOB_CANCELLATION2REQUEST_JOB_CANCELLATION1JOB_CANCELLATION_RUNNING2JOB_CANCELLATION_RUNNING3JOB_CANCELLATION_RUNNING1MAPPING_CONFIGURATION_CHANGED2MAPPING_CONFIGURATION_CHANGED1REQUEST_JOB_RESTART2REQUEST_JOB_RESTART1REQUEST_JOB_RESTART_HARD2REQUEST_JOB_RESTART_HARD1JOB_RESTART_TRIGGERED2JOB_RESTART_TRIGGERED1JOB_RESTART_CANCELED2JOB_RESTART_CANCELED1JOB_RESULTS_PURGED2JOB_RESULTS_PURGED1REQUEST_PURGE_JOB_RESULTS2REQUEST_PURGE_JOB_RESULTSalt[success]3JOB_RESULT_PURGE_DONE[failed]4JOB_RESULT_PURGE_FAILED51REQUEST_SCHEDULER_JOB_STATUS2REQUEST_SCHEDULER_JOB_STATUS3SCHEDULER_JOB_STATUS41SCHEDULER_STARTED2SCHEDULER_STARTED1PROJECT_OWNER_CHANGED2PROJECT_OWNER_CHANGED1PROJECT_ACCESS_LEVEL_CHANGED2PROJECT_ACCESS_LEVEL_CHANGED3PROJECT_ACCESS_LEVEL_CHANGED1USER_EMAIL_ADDRESS_CHANGED2USER_EMAIL_ADDRESS_CHANGED1AUTO_CLEANUP_CONFIGURATION_CHANGED2AUTO_CLEANUP_CONFIGURATION_CHANGED3AUTO_CLEANUP_CONFIGURATION_CHANGED4AUTO_CLEANUP_CONFIGURATION_CHANGED1PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE2PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE1ANALYZE_SCAN_RESULTS_AVAILABLE2ANALYZE_SCAN_RESULTS_AVAILABLE1SOURCE_UPLOAD_DONE2SOURCE_UPLOAD_DONE1BINARY_UPLOAD_DONE2BINARY_UPLOAD_DONE \ No newline at end of file +Overviewof domainmessagingscanscheduleauthorizationadministrationstatisticnotificationEventBusscanscheduleauthorizationadministrationstatisticnotification1START_SCAN2START_SCANalt[success]3SCAN_DONE[failure]4SCAN_FAILED[failure]5UNSUPPORTED_OPERATION61USER_CREATED2USER_CREATED3USER_CREATED1USER_API_TOKEN_CHANGED2USER_API_TOKEN_CHANGED3USER_API_TOKEN_CHANGED4USER_API_TOKEN_CHANGED1USER_NEW_API_TOKEN_REQUESTED2USER_NEW_API_TOKEN_REQUESTED3USER_NEW_API_TOKEN_REQUESTED1USER_ADDED_TO_PROJECT2USER_ADDED_TO_PROJECT3USER_ADDED_TO_PROJECT1USER_REMOVED_FROM_PROJECT2USER_REMOVED_FROM_PROJECT3USER_REMOVED_FROM_PROJECT1USER_ROLES_CHANGED2USER_ROLES_CHANGED1USER_DELETED2USER_DELETED3USER_DELETED4USER_DELETED5USER_DELETED1PROJECT_CREATED2PROJECT_CREATED1PROJECT_DELETED2PROJECT_DELETED3PROJECT_DELETED4PROJECT_DELETED1PROJECT_WHITELIST_UPDATED2PROJECT_WHITELIST_UPDATED1JOB_CREATED2JOB_CREATED1JOB_STARTED2JOB_STARTED1JOB_EXECUTION_STARTING2JOB_EXECUTION_STARTING1JOB_DONE2JOB_DONE3JOB_DONE1USER_SIGNUP_REQUESTED2USER_SIGNUP_REQUESTED1JOB_FAILED2JOB_FAILED3JOB_FAILED1REQUEST_USER_ROLE_RECALCULATION2REQUEST_USER_ROLE_RECALCULATION3REQUEST_USER_ROLE_RECALCULATION4REQUEST_USER_ROLE_RECALCULATION5REQUEST_USER_ROLE_RECALCULATION6REQUEST_USER_ROLE_RECALCULATION7REQUEST_USER_ROLE_RECALCULATION8REQUEST_USER_ROLE_RECALCULATION9REQUEST_USER_ROLE_RECALCULATION1USER_BECOMES_SUPERADMIN2USER_BECOMES_SUPERADMIN1USER_NO_LONGER_SUPERADMIN2USER_NO_LONGER_SUPERADMIN1REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING2REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING1SCHEDULER_JOB_PROCESSING_ENABLED2SCHEDULER_JOB_PROCESSING_ENABLED3SCHEDULER_JOB_PROCESSING_ENABLED1SCHEDULER_JOB_PROCESSING_DISABLED2SCHEDULER_JOB_PROCESSING_DISABLED3SCHEDULER_JOB_PROCESSING_DISABLED1REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING2REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING1REQUEST_SCHEDULER_STATUS_UPDATE2REQUEST_SCHEDULER_STATUS_UPDATE1SCHEDULER_STATUS_UPDATE2SCHEDULER_STATUS_UPDATE1REQUEST_JOB_CANCELLATION2REQUEST_JOB_CANCELLATION1JOB_CANCELLATION_RUNNING2JOB_CANCELLATION_RUNNING3JOB_CANCELLATION_RUNNING1MAPPING_CONFIGURATION_CHANGED2MAPPING_CONFIGURATION_CHANGED1REQUEST_JOB_RESTART2REQUEST_JOB_RESTART1REQUEST_JOB_RESTART_HARD2REQUEST_JOB_RESTART_HARD1JOB_RESTART_TRIGGERED2JOB_RESTART_TRIGGERED1JOB_RESTART_CANCELED2JOB_RESTART_CANCELED1JOB_RESULTS_PURGED2JOB_RESULTS_PURGED1REQUEST_PURGE_JOB_RESULTS2REQUEST_PURGE_JOB_RESULTSalt[success]3JOB_RESULT_PURGE_DONE[failed]4JOB_RESULT_PURGE_FAILED51REQUEST_SCHEDULER_JOB_STATUS2REQUEST_SCHEDULER_JOB_STATUS3SCHEDULER_JOB_STATUS41SCHEDULER_STARTED2SCHEDULER_STARTED1PROJECT_OWNER_CHANGED2PROJECT_OWNER_CHANGED1PROJECT_ACCESS_LEVEL_CHANGED2PROJECT_ACCESS_LEVEL_CHANGED3PROJECT_ACCESS_LEVEL_CHANGED1USER_EMAIL_ADDRESS_CHANGED2USER_EMAIL_ADDRESS_CHANGED1AUTO_CLEANUP_CONFIGURATION_CHANGED2AUTO_CLEANUP_CONFIGURATION_CHANGED3AUTO_CLEANUP_CONFIGURATION_CHANGED4AUTO_CLEANUP_CONFIGURATION_CHANGED1PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE2PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE1ANALYZE_SCAN_RESULTS_AVAILABLE2ANALYZE_SCAN_RESULTS_AVAILABLE1SOURCE_UPLOAD_DONE2SOURCE_UPLOAD_DONE1BINARY_UPLOAD_DONE2BINARY_UPLOAD_DONE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_product_executor_cancel_operations_done.svg b/docs/latest/images/gen_domain_messaging_product_executor_cancel_operations_done.svg index 8b50069c6a..8ddd4a37df 100644 --- a/docs/latest/images/gen_domain_messaging_product_executor_cancel_operations_done.svg +++ b/docs/latest/images/gen_domain_messaging_product_executor_cancel_operations_done.svg @@ -1 +1 @@ -Communication detailsofmessage PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONEschedulescanEventBusScheduleMessageHandlerScanJobCancellationRunnable1PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE2PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE \ No newline at end of file +Communication detailsofmessage PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONEscanscheduleEventBusScanJobCancellationRunnableScheduleMessageHandler1PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE2PRODUCT_EXECUTOR_CANCEL_OPERATIONS_DONE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_project_access_level_changed.svg b/docs/latest/images/gen_domain_messaging_project_access_level_changed.svg index 0b2735bd07..8f834111a8 100644 --- a/docs/latest/images/gen_domain_messaging_project_access_level_changed.svg +++ b/docs/latest/images/gen_domain_messaging_project_access_level_changed.svg @@ -1 +1 @@ -Communication detailsofmessage PROJECT_ACCESS_LEVEL_CHANGEDscheduleadministrationscanEventBusScheduleMessageHandlerProjectChangeAccessLevelServiceScanMessageHandler1PROJECT_ACCESS_LEVEL_CHANGED2PROJECT_ACCESS_LEVEL_CHANGED3PROJECT_ACCESS_LEVEL_CHANGED \ No newline at end of file +Communication detailsofmessage PROJECT_ACCESS_LEVEL_CHANGEDscanscheduleadministrationEventBusScanMessageHandlerScheduleMessageHandlerProjectChangeAccessLevelService1PROJECT_ACCESS_LEVEL_CHANGED2PROJECT_ACCESS_LEVEL_CHANGED3PROJECT_ACCESS_LEVEL_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_project_created.svg b/docs/latest/images/gen_domain_messaging_project_created.svg index a778f0a378..14d17d8696 100644 --- a/docs/latest/images/gen_domain_messaging_project_created.svg +++ b/docs/latest/images/gen_domain_messaging_project_created.svg @@ -1 +1 @@ -Communication detailsofmessage PROJECT_CREATEDscheduleadministrationEventBusScheduleMessageHandlerProjectCreationService1PROJECT_CREATED2PROJECT_CREATED \ No newline at end of file +Communication detailsofmessage PROJECT_CREATEDscheduleadministrationEventBusScheduleMessageHandlerProjectCreationService1PROJECT_CREATED2PROJECT_CREATED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_project_deleted.svg b/docs/latest/images/gen_domain_messaging_project_deleted.svg index 3ff37ecdb3..ffa78d1a05 100644 --- a/docs/latest/images/gen_domain_messaging_project_deleted.svg +++ b/docs/latest/images/gen_domain_messaging_project_deleted.svg @@ -1 +1 @@ -Communication detailsofmessage PROJECT_DELETEDschedulenotificationadministrationscanEventBusScheduleMessageHandlerNotificationMessageHandlerProjectDeleteServiceScanMessageHandler1PROJECT_DELETED2PROJECT_DELETED3PROJECT_DELETED4PROJECT_DELETED \ No newline at end of file +Communication detailsofmessage PROJECT_DELETEDscanscheduleadministrationnotificationEventBusScanMessageHandlerScheduleMessageHandlerProjectDeleteServiceNotificationMessageHandler1PROJECT_DELETED2PROJECT_DELETED3PROJECT_DELETED4PROJECT_DELETED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_project_owner_changed.svg b/docs/latest/images/gen_domain_messaging_project_owner_changed.svg index ca156846ed..f16c82f2c0 100644 --- a/docs/latest/images/gen_domain_messaging_project_owner_changed.svg +++ b/docs/latest/images/gen_domain_messaging_project_owner_changed.svg @@ -1 +1 @@ -Communication detailsofmessage PROJECT_OWNER_CHANGEDnotificationadministrationEventBusNotificationMessageHandlerProjectChangeOwnerService1PROJECT_OWNER_CHANGED2PROJECT_OWNER_CHANGED \ No newline at end of file +Communication detailsofmessage PROJECT_OWNER_CHANGEDadministrationnotificationEventBusProjectChangeOwnerServiceNotificationMessageHandler1PROJECT_OWNER_CHANGED2PROJECT_OWNER_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_project_whitelist_updated.svg b/docs/latest/images/gen_domain_messaging_project_whitelist_updated.svg index d6d09531b1..83c68adf03 100644 --- a/docs/latest/images/gen_domain_messaging_project_whitelist_updated.svg +++ b/docs/latest/images/gen_domain_messaging_project_whitelist_updated.svg @@ -1 +1 @@ -Communication detailsofmessage PROJECT_WHITELIST_UPDATEDscheduleadministrationEventBusScheduleMessageHandlerProjectUpdateWhitelistService1PROJECT_WHITELIST_UPDATED2PROJECT_WHITELIST_UPDATED \ No newline at end of file +Communication detailsofmessage PROJECT_WHITELIST_UPDATEDscheduleadministrationEventBusScheduleMessageHandlerProjectUpdateWhitelistService1PROJECT_WHITELIST_UPDATED2PROJECT_WHITELIST_UPDATED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_job_cancellation.svg b/docs/latest/images/gen_domain_messaging_request_job_cancellation.svg index dc5409f55b..772facd4cb 100644 --- a/docs/latest/images/gen_domain_messaging_request_job_cancellation.svg +++ b/docs/latest/images/gen_domain_messaging_request_job_cancellation.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_JOB_CANCELLATIONscheduleadministrationEventBusScheduleMessageHandlerJobCancelService1REQUEST_JOB_CANCELLATION2REQUEST_JOB_CANCELLATION \ No newline at end of file +Communication detailsofmessage REQUEST_JOB_CANCELLATIONscheduleadministrationEventBusScheduleMessageHandlerJobCancelService1REQUEST_JOB_CANCELLATION2REQUEST_JOB_CANCELLATION \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_job_restart.svg b/docs/latest/images/gen_domain_messaging_request_job_restart.svg index 3f0e8cc2ac..c0e417cb0b 100644 --- a/docs/latest/images/gen_domain_messaging_request_job_restart.svg +++ b/docs/latest/images/gen_domain_messaging_request_job_restart.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_JOB_RESTARTscheduleadministrationEventBusScheduleMessageHandlerJobRestartRequestService1REQUEST_JOB_RESTART2REQUEST_JOB_RESTART \ No newline at end of file +Communication detailsofmessage REQUEST_JOB_RESTARTscheduleadministrationEventBusScheduleMessageHandlerJobRestartRequestService1REQUEST_JOB_RESTART2REQUEST_JOB_RESTART \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_job_restart_hard.svg b/docs/latest/images/gen_domain_messaging_request_job_restart_hard.svg index f01267e46c..33c1bfec5b 100644 --- a/docs/latest/images/gen_domain_messaging_request_job_restart_hard.svg +++ b/docs/latest/images/gen_domain_messaging_request_job_restart_hard.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_JOB_RESTART_HARDscheduleadministrationEventBusScheduleMessageHandlerJobRestartRequestService1REQUEST_JOB_RESTART_HARD2REQUEST_JOB_RESTART_HARD \ No newline at end of file +Communication detailsofmessage REQUEST_JOB_RESTART_HARDscheduleadministrationEventBusScheduleMessageHandlerJobRestartRequestService1REQUEST_JOB_RESTART_HARD2REQUEST_JOB_RESTART_HARD \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_purge_job_results.svg b/docs/latest/images/gen_domain_messaging_request_purge_job_results.svg index dfc75650f3..c85a528dcf 100644 --- a/docs/latest/images/gen_domain_messaging_request_purge_job_results.svg +++ b/docs/latest/images/gen_domain_messaging_request_purge_job_results.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_PURGE_JOB_RESULTSschedulescanEventBusSchedulerRestartJobServiceScanMessageHandler1REQUEST_PURGE_JOB_RESULTS2REQUEST_PURGE_JOB_RESULTSalt[success]3JOB_RESULT_PURGE_DONE[failed]4JOB_RESULT_PURGE_FAILED5 \ No newline at end of file +Communication detailsofmessage REQUEST_PURGE_JOB_RESULTSscanscheduleEventBusScanMessageHandlerSchedulerRestartJobService1REQUEST_PURGE_JOB_RESULTS2REQUEST_PURGE_JOB_RESULTSalt[success]3JOB_RESULT_PURGE_DONE[failed]4JOB_RESULT_PURGE_FAILED5 \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_scheduler_disable_job_processing.svg b/docs/latest/images/gen_domain_messaging_request_scheduler_disable_job_processing.svg index 9aae7362b2..89b343ab3a 100644 --- a/docs/latest/images/gen_domain_messaging_request_scheduler_disable_job_processing.svg +++ b/docs/latest/images/gen_domain_messaging_request_scheduler_disable_job_processing.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_SCHEDULER_DISABLE_JOB_PROCESSINGscheduleadministrationEventBusScheduleMessageHandlerSwitchSchedulerJobProcessingService1REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING2REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING \ No newline at end of file +Communication detailsofmessage REQUEST_SCHEDULER_DISABLE_JOB_PROCESSINGscheduleadministrationEventBusScheduleMessageHandlerSwitchSchedulerJobProcessingService1REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING2REQUEST_SCHEDULER_DISABLE_JOB_PROCESSING \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_scheduler_enable_job_processing.svg b/docs/latest/images/gen_domain_messaging_request_scheduler_enable_job_processing.svg index e6c281de8b..e1615438a6 100644 --- a/docs/latest/images/gen_domain_messaging_request_scheduler_enable_job_processing.svg +++ b/docs/latest/images/gen_domain_messaging_request_scheduler_enable_job_processing.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_SCHEDULER_ENABLE_JOB_PROCESSINGscheduleadministrationEventBusScheduleMessageHandlerSwitchSchedulerJobProcessingService1REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING2REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING \ No newline at end of file +Communication detailsofmessage REQUEST_SCHEDULER_ENABLE_JOB_PROCESSINGscheduleadministrationEventBusScheduleMessageHandlerSwitchSchedulerJobProcessingService1REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING2REQUEST_SCHEDULER_ENABLE_JOB_PROCESSING \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_scheduler_job_status.svg b/docs/latest/images/gen_domain_messaging_request_scheduler_job_status.svg index 456b84cad9..d56e5b0c82 100644 --- a/docs/latest/images/gen_domain_messaging_request_scheduler_job_status.svg +++ b/docs/latest/images/gen_domain_messaging_request_scheduler_job_status.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_SCHEDULER_JOB_STATUSschedulescanEventBusSchedulerJobStatusRequestHandlerScanProgressMonitor1REQUEST_SCHEDULER_JOB_STATUS2REQUEST_SCHEDULER_JOB_STATUS3SCHEDULER_JOB_STATUS4 \ No newline at end of file +Communication detailsofmessage REQUEST_SCHEDULER_JOB_STATUSscanscheduleEventBusScanProgressMonitorSchedulerJobStatusRequestHandler1REQUEST_SCHEDULER_JOB_STATUS2REQUEST_SCHEDULER_JOB_STATUS3SCHEDULER_JOB_STATUS4 \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_scheduler_status_update.svg b/docs/latest/images/gen_domain_messaging_request_scheduler_status_update.svg index bcaca00a8f..ffb3acb07e 100644 --- a/docs/latest/images/gen_domain_messaging_request_scheduler_status_update.svg +++ b/docs/latest/images/gen_domain_messaging_request_scheduler_status_update.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_SCHEDULER_STATUS_UPDATEscheduleadministrationEventBusScheduleMessageHandlerTriggerSchedulerStatusRefreshService1REQUEST_SCHEDULER_STATUS_UPDATE2REQUEST_SCHEDULER_STATUS_UPDATE \ No newline at end of file +Communication detailsofmessage REQUEST_SCHEDULER_STATUS_UPDATEscheduleadministrationEventBusScheduleMessageHandlerTriggerSchedulerStatusRefreshService1REQUEST_SCHEDULER_STATUS_UPDATE2REQUEST_SCHEDULER_STATUS_UPDATE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_request_user_role_recalculation.svg b/docs/latest/images/gen_domain_messaging_request_user_role_recalculation.svg index d8c9afd0e1..40d799cbcf 100644 --- a/docs/latest/images/gen_domain_messaging_request_user_role_recalculation.svg +++ b/docs/latest/images/gen_domain_messaging_request_user_role_recalculation.svg @@ -1 +1 @@ -Communication detailsofmessage REQUEST_USER_ROLE_RECALCULATIONadministrationauthorizationEventBusUserRoleAdministrationMessageHandlerProjectDeleteServiceProjectChangeOwnerServiceProjectCreationServiceProjectAssignUserServiceProjectUnassignUserServiceUserRevokeSuperAdminRightsServiceUserGrantSuperAdminRightsServiceAuthUserCreationService1REQUEST_USER_ROLE_RECALCULATION2REQUEST_USER_ROLE_RECALCULATION3REQUEST_USER_ROLE_RECALCULATION4REQUEST_USER_ROLE_RECALCULATION5REQUEST_USER_ROLE_RECALCULATION6REQUEST_USER_ROLE_RECALCULATION7REQUEST_USER_ROLE_RECALCULATION8REQUEST_USER_ROLE_RECALCULATION9REQUEST_USER_ROLE_RECALCULATION \ No newline at end of file +Communication detailsofmessage REQUEST_USER_ROLE_RECALCULATIONauthorizationadministrationEventBusAuthUserCreationServiceProjectUnassignUserServiceProjectAssignUserServiceProjectCreationServiceProjectDeleteServiceProjectChangeOwnerServiceUserRevokeSuperAdminRightsServiceUserGrantSuperAdminRightsServiceUserRoleAdministrationMessageHandler1REQUEST_USER_ROLE_RECALCULATION2REQUEST_USER_ROLE_RECALCULATION3REQUEST_USER_ROLE_RECALCULATION4REQUEST_USER_ROLE_RECALCULATION5REQUEST_USER_ROLE_RECALCULATION6REQUEST_USER_ROLE_RECALCULATION7REQUEST_USER_ROLE_RECALCULATION8REQUEST_USER_ROLE_RECALCULATION9REQUEST_USER_ROLE_RECALCULATION \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_scan_done.svg b/docs/latest/images/gen_domain_messaging_scan_done.svg index 0605aa46d8..3dc087bfcf 100644 --- a/docs/latest/images/gen_domain_messaging_scan_done.svg +++ b/docs/latest/images/gen_domain_messaging_scan_done.svg @@ -1 +1 @@ -Communication detailsofmessage SCAN_DONEscanEventBusScanService \ No newline at end of file +Communication detailsofmessage SCAN_DONEscanEventBusScanService \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_scan_failed.svg b/docs/latest/images/gen_domain_messaging_scan_failed.svg index da0d4176e7..3e47e82607 100644 --- a/docs/latest/images/gen_domain_messaging_scan_failed.svg +++ b/docs/latest/images/gen_domain_messaging_scan_failed.svg @@ -1 +1 @@ -Communication detailsofmessage SCAN_FAILEDscanEventBusScanService \ No newline at end of file +Communication detailsofmessage SCAN_FAILEDscanEventBusScanService \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_scheduler_job_processing_disabled.svg b/docs/latest/images/gen_domain_messaging_scheduler_job_processing_disabled.svg index 2b17d88f5e..2e8d228bcc 100644 --- a/docs/latest/images/gen_domain_messaging_scheduler_job_processing_disabled.svg +++ b/docs/latest/images/gen_domain_messaging_scheduler_job_processing_disabled.svg @@ -1 +1 @@ -Communication detailsofmessage SCHEDULER_JOB_PROCESSING_DISABLEDschedulenotificationadministrationEventBusSchedulerConfigServiceNotificationMessageHandlerSchedulerAdministrationMessageHandler1SCHEDULER_JOB_PROCESSING_DISABLED2SCHEDULER_JOB_PROCESSING_DISABLED3SCHEDULER_JOB_PROCESSING_DISABLED \ No newline at end of file +Communication detailsofmessage SCHEDULER_JOB_PROCESSING_DISABLEDscheduleadministrationnotificationEventBusSchedulerConfigServiceSchedulerAdministrationMessageHandlerNotificationMessageHandler1SCHEDULER_JOB_PROCESSING_DISABLED2SCHEDULER_JOB_PROCESSING_DISABLED3SCHEDULER_JOB_PROCESSING_DISABLED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_scheduler_job_processing_enabled.svg b/docs/latest/images/gen_domain_messaging_scheduler_job_processing_enabled.svg index b61fa51600..f9d4c779c1 100644 --- a/docs/latest/images/gen_domain_messaging_scheduler_job_processing_enabled.svg +++ b/docs/latest/images/gen_domain_messaging_scheduler_job_processing_enabled.svg @@ -1 +1 @@ -Communication detailsofmessage SCHEDULER_JOB_PROCESSING_ENABLEDschedulenotificationadministrationEventBusSchedulerConfigServiceNotificationMessageHandlerSchedulerAdministrationMessageHandler1SCHEDULER_JOB_PROCESSING_ENABLED2SCHEDULER_JOB_PROCESSING_ENABLED3SCHEDULER_JOB_PROCESSING_ENABLED \ No newline at end of file +Communication detailsofmessage SCHEDULER_JOB_PROCESSING_ENABLEDscheduleadministrationnotificationEventBusSchedulerConfigServiceSchedulerAdministrationMessageHandlerNotificationMessageHandler1SCHEDULER_JOB_PROCESSING_ENABLED2SCHEDULER_JOB_PROCESSING_ENABLED3SCHEDULER_JOB_PROCESSING_ENABLED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_scheduler_job_status.svg b/docs/latest/images/gen_domain_messaging_scheduler_job_status.svg index 8b38e1c31d..0f2627ab51 100644 --- a/docs/latest/images/gen_domain_messaging_scheduler_job_status.svg +++ b/docs/latest/images/gen_domain_messaging_scheduler_job_status.svg @@ -1 +1 @@ -Communication detailsofmessage SCHEDULER_JOB_STATUSscheduleEventBusSchedulerJobStatusRequestHandler \ No newline at end of file +Communication detailsofmessage SCHEDULER_JOB_STATUSscheduleEventBusSchedulerJobStatusRequestHandler \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_scheduler_started.svg b/docs/latest/images/gen_domain_messaging_scheduler_started.svg index e81032306a..9c48036c84 100644 --- a/docs/latest/images/gen_domain_messaging_scheduler_started.svg +++ b/docs/latest/images/gen_domain_messaging_scheduler_started.svg @@ -1 +1 @@ -Communication detailsofmessage SCHEDULER_STARTEDschedulenotificationEventBusSchedulerStartHandlerNotificationMessageHandler1SCHEDULER_STARTED2SCHEDULER_STARTED \ No newline at end of file +Communication detailsofmessage SCHEDULER_STARTEDschedulenotificationEventBusSchedulerStartHandlerNotificationMessageHandler1SCHEDULER_STARTED2SCHEDULER_STARTED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_scheduler_status_update.svg b/docs/latest/images/gen_domain_messaging_scheduler_status_update.svg index ae4a4230df..a54f571c53 100644 --- a/docs/latest/images/gen_domain_messaging_scheduler_status_update.svg +++ b/docs/latest/images/gen_domain_messaging_scheduler_status_update.svg @@ -1 +1 @@ -Communication detailsofmessage SCHEDULER_STATUS_UPDATEscheduleadministrationEventBusSchedulerStatusServiceSchedulerAdministrationMessageHandler1SCHEDULER_STATUS_UPDATE2SCHEDULER_STATUS_UPDATE \ No newline at end of file +Communication detailsofmessage SCHEDULER_STATUS_UPDATEscheduleadministrationEventBusSchedulerStatusServiceSchedulerAdministrationMessageHandler1SCHEDULER_STATUS_UPDATE2SCHEDULER_STATUS_UPDATE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_source_upload_done.svg b/docs/latest/images/gen_domain_messaging_source_upload_done.svg index a332ecee36..81db164ad3 100644 --- a/docs/latest/images/gen_domain_messaging_source_upload_done.svg +++ b/docs/latest/images/gen_domain_messaging_source_upload_done.svg @@ -1 +1 @@ -Communication detailsofmessage SOURCE_UPLOAD_DONEschedulestatisticEventBusSchedulerSourcecodeUploadServiceStatisticMessageHandler1SOURCE_UPLOAD_DONE2SOURCE_UPLOAD_DONE \ No newline at end of file +Communication detailsofmessage SOURCE_UPLOAD_DONEschedulestatisticEventBusSchedulerSourcecodeUploadServiceStatisticMessageHandler1SOURCE_UPLOAD_DONE2SOURCE_UPLOAD_DONE \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_start_scan.svg b/docs/latest/images/gen_domain_messaging_start_scan.svg index fae7bc992f..c2a3f3d669 100644 --- a/docs/latest/images/gen_domain_messaging_start_scan.svg +++ b/docs/latest/images/gen_domain_messaging_start_scan.svg @@ -1 +1 @@ -Communication detailsofmessage START_SCANschedulescanEventBusSynchronSecHubJobExecutorScanService1START_SCAN2START_SCANalt[failure]3UNSUPPORTED_OPERATION[success]4SCAN_DONE[failure]5SCAN_FAILED6 \ No newline at end of file +Communication detailsofmessage START_SCANscanscheduleEventBusScanServiceSynchronSecHubJobExecutor1START_SCAN2START_SCANalt[success]3SCAN_DONE[failure]4SCAN_FAILED[failure]5UNSUPPORTED_OPERATION6 \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_unsupported_operation.svg b/docs/latest/images/gen_domain_messaging_unsupported_operation.svg index b2f2ab14c8..92259b7c7d 100644 --- a/docs/latest/images/gen_domain_messaging_unsupported_operation.svg +++ b/docs/latest/images/gen_domain_messaging_unsupported_operation.svg @@ -1 +1 @@ -Communication detailsofmessage UNSUPPORTED_OPERATIONscanEventBusScanService \ No newline at end of file +Communication detailsofmessage UNSUPPORTED_OPERATIONscanEventBusScanService \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_added_to_project.svg b/docs/latest/images/gen_domain_messaging_user_added_to_project.svg index 9ef9f94b61..8e786526c9 100644 --- a/docs/latest/images/gen_domain_messaging_user_added_to_project.svg +++ b/docs/latest/images/gen_domain_messaging_user_added_to_project.svg @@ -1 +1 @@ -Communication detailsofmessage USER_ADDED_TO_PROJECTscheduleadministrationscanEventBusScheduleMessageHandlerProjectAssignUserServiceScanMessageHandler1USER_ADDED_TO_PROJECT2USER_ADDED_TO_PROJECT3USER_ADDED_TO_PROJECT \ No newline at end of file +Communication detailsofmessage USER_ADDED_TO_PROJECTscanscheduleadministrationEventBusScanMessageHandlerScheduleMessageHandlerProjectAssignUserService1USER_ADDED_TO_PROJECT2USER_ADDED_TO_PROJECT3USER_ADDED_TO_PROJECT \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_api_token_changed.svg b/docs/latest/images/gen_domain_messaging_user_api_token_changed.svg index 807e6f17e1..73a07b245b 100644 --- a/docs/latest/images/gen_domain_messaging_user_api_token_changed.svg +++ b/docs/latest/images/gen_domain_messaging_user_api_token_changed.svg @@ -1 +1 @@ -Communication detailsofmessage USER_API_TOKEN_CHANGEDnotificationadministrationauthorizationEventBusNotificationMessageHandlerAnonymousUserGetAPITokenByOneTimeTokenServiceInternalInitialDataServiceAuthMessageHandler1USER_API_TOKEN_CHANGED2USER_API_TOKEN_CHANGED3USER_API_TOKEN_CHANGED4USER_API_TOKEN_CHANGED \ No newline at end of file +Communication detailsofmessage USER_API_TOKEN_CHANGEDauthorizationadministrationnotificationEventBusAuthMessageHandlerInternalInitialDataServiceAnonymousUserGetAPITokenByOneTimeTokenServiceNotificationMessageHandler1USER_API_TOKEN_CHANGED2USER_API_TOKEN_CHANGED3USER_API_TOKEN_CHANGED4USER_API_TOKEN_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_becomes_superadmin.svg b/docs/latest/images/gen_domain_messaging_user_becomes_superadmin.svg index c8a6983041..5e27f80058 100644 --- a/docs/latest/images/gen_domain_messaging_user_becomes_superadmin.svg +++ b/docs/latest/images/gen_domain_messaging_user_becomes_superadmin.svg @@ -1 +1 @@ -Communication detailsofmessage USER_BECOMES_SUPERADMINnotificationadministrationEventBusNotificationMessageHandlerUserGrantSuperAdminRightsService1USER_BECOMES_SUPERADMIN2USER_BECOMES_SUPERADMIN \ No newline at end of file +Communication detailsofmessage USER_BECOMES_SUPERADMINadministrationnotificationEventBusUserGrantSuperAdminRightsServiceNotificationMessageHandler1USER_BECOMES_SUPERADMIN2USER_BECOMES_SUPERADMIN \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_created.svg b/docs/latest/images/gen_domain_messaging_user_created.svg index e3db11b2dd..fb1e4080a3 100644 --- a/docs/latest/images/gen_domain_messaging_user_created.svg +++ b/docs/latest/images/gen_domain_messaging_user_created.svg @@ -1 +1 @@ -Communication detailsofmessage USER_CREATEDadministrationauthorizationEventBusUserCreationServiceInternalInitialDataServiceAuthMessageHandler1USER_CREATED2USER_CREATED3USER_CREATED \ No newline at end of file +Communication detailsofmessage USER_CREATEDauthorizationadministrationEventBusAuthMessageHandlerUserCreationServiceInternalInitialDataService1USER_CREATED2USER_CREATED3USER_CREATED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_deleted.svg b/docs/latest/images/gen_domain_messaging_user_deleted.svg index c6636c972f..15c09f8780 100644 --- a/docs/latest/images/gen_domain_messaging_user_deleted.svg +++ b/docs/latest/images/gen_domain_messaging_user_deleted.svg @@ -1 +1 @@ -Communication detailsofmessage USER_DELETEDschedulenotificationadministrationauthorizationscanEventBusScheduleMessageHandlerNotificationMessageHandlerUserDeleteServiceAuthMessageHandlerScanMessageHandler1USER_DELETED2USER_DELETED3USER_DELETED4USER_DELETED5USER_DELETED \ No newline at end of file +Communication detailsofmessage USER_DELETEDscanscheduleauthorizationadministrationnotificationEventBusScanMessageHandlerScheduleMessageHandlerAuthMessageHandlerUserDeleteServiceNotificationMessageHandler1USER_DELETED2USER_DELETED3USER_DELETED4USER_DELETED5USER_DELETED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_email_address_changed.svg b/docs/latest/images/gen_domain_messaging_user_email_address_changed.svg index 2f7d401bf6..61b81fce10 100644 --- a/docs/latest/images/gen_domain_messaging_user_email_address_changed.svg +++ b/docs/latest/images/gen_domain_messaging_user_email_address_changed.svg @@ -1 +1 @@ -Communication detailsofmessage USER_EMAIL_ADDRESS_CHANGEDnotificationadministrationEventBusNotificationMessageHandlerUserEmailAddressUpdateService1USER_EMAIL_ADDRESS_CHANGED2USER_EMAIL_ADDRESS_CHANGED \ No newline at end of file +Communication detailsofmessage USER_EMAIL_ADDRESS_CHANGEDadministrationnotificationEventBusUserEmailAddressUpdateServiceNotificationMessageHandler1USER_EMAIL_ADDRESS_CHANGED2USER_EMAIL_ADDRESS_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_new_api_token_requested.svg b/docs/latest/images/gen_domain_messaging_user_new_api_token_requested.svg index c2c19dd568..7614251efc 100644 --- a/docs/latest/images/gen_domain_messaging_user_new_api_token_requested.svg +++ b/docs/latest/images/gen_domain_messaging_user_new_api_token_requested.svg @@ -1 +1 @@ -Communication detailsofmessage USER_NEW_API_TOKEN_REQUESTEDnotificationadministrationEventBusNotificationMessageHandlerAnonymousUserRequestsNewApiTokenServiceUserCreationService1USER_NEW_API_TOKEN_REQUESTED2USER_NEW_API_TOKEN_REQUESTED3USER_NEW_API_TOKEN_REQUESTED \ No newline at end of file +Communication detailsofmessage USER_NEW_API_TOKEN_REQUESTEDadministrationnotificationEventBusUserCreationServiceAnonymousUserRequestsNewApiTokenServiceNotificationMessageHandler1USER_NEW_API_TOKEN_REQUESTED2USER_NEW_API_TOKEN_REQUESTED3USER_NEW_API_TOKEN_REQUESTED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_no_longer_superadmin.svg b/docs/latest/images/gen_domain_messaging_user_no_longer_superadmin.svg index 1efd90fce1..402baad3a7 100644 --- a/docs/latest/images/gen_domain_messaging_user_no_longer_superadmin.svg +++ b/docs/latest/images/gen_domain_messaging_user_no_longer_superadmin.svg @@ -1 +1 @@ -Communication detailsofmessage USER_NO_LONGER_SUPERADMINnotificationadministrationEventBusNotificationMessageHandlerUserRevokeSuperAdminRightsService1USER_NO_LONGER_SUPERADMIN2USER_NO_LONGER_SUPERADMIN \ No newline at end of file +Communication detailsofmessage USER_NO_LONGER_SUPERADMINadministrationnotificationEventBusUserRevokeSuperAdminRightsServiceNotificationMessageHandler1USER_NO_LONGER_SUPERADMIN2USER_NO_LONGER_SUPERADMIN \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_removed_from_project.svg b/docs/latest/images/gen_domain_messaging_user_removed_from_project.svg index 18f81c0506..692a7a1733 100644 --- a/docs/latest/images/gen_domain_messaging_user_removed_from_project.svg +++ b/docs/latest/images/gen_domain_messaging_user_removed_from_project.svg @@ -1 +1 @@ -Communication detailsofmessage USER_REMOVED_FROM_PROJECTscheduleadministrationscanEventBusScheduleMessageHandlerProjectUnassignUserServiceScanMessageHandler1USER_REMOVED_FROM_PROJECT2USER_REMOVED_FROM_PROJECT3USER_REMOVED_FROM_PROJECT \ No newline at end of file +Communication detailsofmessage USER_REMOVED_FROM_PROJECTscanscheduleadministrationEventBusScanMessageHandlerScheduleMessageHandlerProjectUnassignUserService1USER_REMOVED_FROM_PROJECT2USER_REMOVED_FROM_PROJECT3USER_REMOVED_FROM_PROJECT \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_roles_changed.svg b/docs/latest/images/gen_domain_messaging_user_roles_changed.svg index 675c846932..2b1e237796 100644 --- a/docs/latest/images/gen_domain_messaging_user_roles_changed.svg +++ b/docs/latest/images/gen_domain_messaging_user_roles_changed.svg @@ -1 +1 @@ -Communication detailsofmessage USER_ROLES_CHANGEDadministrationauthorizationEventBusUserRoleCalculationServiceAuthMessageHandler1USER_ROLES_CHANGED2USER_ROLES_CHANGED \ No newline at end of file +Communication detailsofmessage USER_ROLES_CHANGEDauthorizationadministrationEventBusAuthMessageHandlerUserRoleCalculationService1USER_ROLES_CHANGED2USER_ROLES_CHANGED \ No newline at end of file diff --git a/docs/latest/images/gen_domain_messaging_user_signup_requested.svg b/docs/latest/images/gen_domain_messaging_user_signup_requested.svg index 2e82136c00..5d0901ebca 100644 --- a/docs/latest/images/gen_domain_messaging_user_signup_requested.svg +++ b/docs/latest/images/gen_domain_messaging_user_signup_requested.svg @@ -1 +1 @@ -Communication detailsofmessage USER_SIGNUP_REQUESTEDnotificationadministrationEventBusNotificationMessageHandlerAnonymousSignupCreateService1USER_SIGNUP_REQUESTED2USER_SIGNUP_REQUESTED \ No newline at end of file +Communication detailsofmessage USER_SIGNUP_REQUESTEDadministrationnotificationEventBusAnonymousSignupCreateServiceNotificationMessageHandler1USER_SIGNUP_REQUESTED2USER_SIGNUP_REQUESTED \ No newline at end of file diff --git a/docs/latest/images/gen_springprofiles-dev.svg b/docs/latest/images/gen_springprofiles-dev.svg index 497985d533..480c527ca8 100644 --- a/docs/latest/images/gen_springprofiles-dev.svg +++ b/docs/latest/images/gen_springprofiles-dev.svg @@ -1 +1 @@ -<dev>devmocked_productsinitial_admin_predefineddefaultreal_productspostgresadmin_accessmocked_notificationsh2localserver \ No newline at end of file +<dev>devreal_productsadmin_accessinitial_admin_predefinedmocked_notificationspostgresdefaulth2localservermocked_products \ No newline at end of file diff --git a/docs/latest/images/gen_springprofiles-integrationtest.svg b/docs/latest/images/gen_springprofiles-integrationtest.svg index 83f838449a..dab3b248d2 100644 --- a/docs/latest/images/gen_springprofiles-integrationtest.svg +++ b/docs/latest/images/gen_springprofiles-integrationtest.svg @@ -1 +1 @@ -<integrationtest>integrationtestmocked_productsdefaultreal_productspostgresadmin_accessmocked_notificationsh2initial_admin_staticlocalserver \ No newline at end of file +<integrationtest>integrationtestreal_productsadmin_accessmocked_notificationspostgresdefaulth2localservermocked_productsinitial_admin_static \ No newline at end of file diff --git a/docs/latest/images/gen_springprofiles-prod.svg b/docs/latest/images/gen_springprofiles-prod.svg index d556eaffea..7b811eb797 100644 --- a/docs/latest/images/gen_springprofiles-prod.svg +++ b/docs/latest/images/gen_springprofiles-prod.svg @@ -1 +1 @@ -<prod>proddefaultreal_productspostgresinitial_admin_createdserver \ No newline at end of file +<prod>prodreal_productsinitial_admin_createdserverpostgresdefault \ No newline at end of file diff --git a/docs/latest/images/gen_springprofiles.svg b/docs/latest/images/gen_springprofiles.svg index 74d4a78b88..f9fadebed1 100644 --- a/docs/latest/images/gen_springprofiles.svg +++ b/docs/latest/images/gen_springprofiles.svg @@ -1 +1 @@ -mocked_productsinitial_admin_predefineddevdefaultreal_productsprodpostgresadmin_accessmocked_notificationsdebuginitial_admin_createdh2initial_admin_staticlocalserverintegrationtestservertest \ No newline at end of file +devreal_productsadmin_accessinitial_admin_createdserverinitial_admin_predefinedmocked_notificationsintegrationtestpostgresdefaulth2localservermocked_productsinitial_admin_staticproddebugtest \ No newline at end of file diff --git a/docs/latest/pds-download.html b/docs/latest/pds-download.html index 21039aa231..2bd9d3e581 100644 --- a/docs/latest/pds-download.html +++ b/docs/latest/pds-download.html @@ -1,7 +1,7 @@ - + Main Page diff --git a/docs/latest/sechub-architecture.html b/docs/latest/sechub-architecture.html index 0d8d6681c6..235c5a23db 100644 --- a/docs/latest/sechub-architecture.html +++ b/docs/latest/sechub-architecture.html @@ -531,7 +531,7 @@
-
7.6.2.2. GET variant
+
7.6.2.2. HEAD variant

Definition

@@ -7085,7 +7087,7 @@
7.6.2.2. GET variant

Method

-

GET

+

HEAD

Status code

@@ -7101,7 +7103,7 @@
7.6.2.2. GET variant
-
$ curl 'https://sechub.example.com/api/anonymous/check/alive' -i -X GET
+
$ curl 'https://sechub.example.com/api/anonymous/check/alive' -i -X HEAD
@@ -7816,7 +7818,7 @@

7.6.9. Admin downloads all

-
$ curl 'https://sechub.example.com/api/admin/scan/download/5ea6d812-a01a-4264-918c-dc25afead94e' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/admin/scan/download/cc83453f-2197-45fe-81ae-83b3e69d824d' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -8981,7 +8983,7 @@

7.6.20. Admin shows scan logs for pro
-
[{"sechubJobUUID":"c52205e9-5941-4c6d-a8c6-7ca33b6cefcb","executedBy":"spartakus","started":"2023-10-29T15:26:52.84720329","ended":"2023-10-30T15:26:52.84723169","status":"OK"}]
+
[{"sechubJobUUID":"e6713e74-754d-491e-8fef-8bcebb0e6285","executedBy":"spartakus","started":"2023-11-23T13:02:38.528398267","ended":"2023-11-24T13:02:38.52843186","status":"OK"}]
@@ -9437,7 +9439,7 @@

7.6.25. User creates a new sechub job

REST API for usecase UC_005-User creates a new sechub job

-
7.6.25.1. Code Scan variant
+
7.6.25.1. Web Scan login basic variant

Definition

@@ -9528,6 +9530,180 @@
7.6.25.1. Code Scan variant

The api version, currently only 1.0 is supported

+

webScan

+

Object

+

Webscan configuration block

+ + +

webScan.url

+

String

+

Webscan URI to scan for

+ + +

webScan.login

+

Object

+

Webscan login definition

+ + +

webScan.login.url

+

String

+

Login URL

+ + +

webScan.login.basic

+

Object

+

basic login definition

+ + +

webScan.login.basic.user

+

String

+

username

+ + +

webScan.login.basic.password

+

String

+

password

+ + + +
+

Response fields

+
+ +++++ + + + + + + + + + + + + + + +
PathTypeDescription

jobId

String

A unique job id

+
+

Example

+
+
+

Curl request

+
+
+
+
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
+    -H 'Content-Type: application/json;charset=UTF-8' \
+    -d '{"webScan":{"login":{"url":"https://localhost/mywebapp/login","basic":{"user":"username1","password":"password1"}},"url":"https://localhost/mywebapp"},"apiVersion":"1.0"}'
+
+
+
+

Response body

+
+
+
+
{"jobId":"bda5ed07-67f5-4c33-8818-8d513f5fd530"}
+
+
+
+
+
7.6.25.2. Code Scan variant
+
+

Definition

+
+ + ++++ + + + + + + + + + + + + + + + + + + + + +
Table 45. General request information
Value

Path

/api/project/{projectId}/job

Method

POST

Status code

200 OK

+
+

Path parameters

+
+ + ++++ + + + + + + + + + + + + +
Table 46. https://localhost:8081/api/project/{projectId}/job
ParameterDescription

projectId

The unique id of the project id where a new sechub job shall be created

+
+

Request headers

+
+ ++++ + + + + + + +
NameDescription
+
+

Request fields

+
+ +++++ + + + + + + + + + + + + + + @@ -9591,17 +9767,17 @@
7.6.25.1. Code Scan variant
-
{"jobId":"64a94d76-be86-4200-a2a9-b320872b95d8"}
+
{"jobId":"4bbcb616-ab9b-4382-a18d-43edbe1047df"}
-
7.6.25.2. Code Scan using data section variant
+
7.6.25.3. Code Scan using data section variant

Definition

PathTypeDescription

apiVersion

String

The api version, currently only 1.0 is supported

codeScan

Object

Code scan configuration block
- +@@ -9631,7 +9807,7 @@
7.6.25.2. Code Sc

Path parameters

Table 45. General request informationTable 47. General request information
- +@@ -9770,17 +9946,17 @@
7.6.25.2. Code Sc
-
{"jobId":"1dbc7a95-a94b-4cb3-aadb-b2d29f8c80ab"}
+
{"jobId":"20612a35-b962-4ec5-9275-850b3b573034"}
-
7.6.25.3. Infrastructure scan variant
+
7.6.25.4. Infrastructure scan variant

Definition

Table 46. https://localhost:8081/api/project/{projectId}/jobTable 48. https://localhost:8081/api/project/{projectId}/job
- +@@ -9810,7 +9986,7 @@
7.6.25.3. Infrastructure s

Path parameters

Table 47. General request informationTable 49. General request information
- +@@ -9924,17 +10100,17 @@
7.6.25.3. Infrastructure s
-
{"jobId":"e443055a-6335-4017-84fd-21fb6a9974f7"}
+
{"jobId":"d3ac6b76-c92f-4a34-8b04-60f7191dbcc6"}
-
7.6.25.4. Web scan anonymous variant
+
7.6.25.5. Web scan anonymous variant

Definition

Table 48. https://localhost:8081/api/project/{projectId}/jobTable 50. https://localhost:8081/api/project/{projectId}/job
- +@@ -9964,7 +10140,7 @@
7.6.25.4. Web scan anonymou

Path parameters

Table 49. General request informationTable 51. General request information
- +@@ -10093,17 +10269,17 @@
7.6.25.4. Web scan anonymou
-
{"jobId":"be5f8dd1-e5e2-4f95-8089-0547dcd1c8f9"}
+
{"jobId":"7a4729e2-6b4d-4429-b572-dde82b78e7e4"}
-
7.6.25.5. Web Scan login basic variant
+
7.6.25.6. Web scan with api definition variant

Definition

Table 50. https://localhost:8081/api/project/{projectId}/jobTable 52. https://localhost:8081/api/project/{projectId}/job
- +@@ -10133,7 +10309,7 @@
7.6.25.5. Web Scan login

Path parameters

Table 51. General request informationTable 53. General request information
- +@@ -10199,29 +10375,173 @@
7.6.25.5. Web Scan login
- - - + + + - + + + + + +
Table 52. https://localhost:8081/api/project/{projectId}/jobTable 54. https://localhost:8081/api/project/{projectId}/job

Webscan URI to scan for

webScan.login

Object

Webscan login definition

webScan.api.type

String

Type of the API definition files that will be provided

webScan.login.url

webScan.api.use

Array

Reference to the data section containing the API definition files. Always use 'sources' with 'files' instead 'folders'.

+
+

Response fields

+
+ +++++ + + + + + + + + + + - + + +
PathTypeDescription

jobId

String

Login URL

A unique job id
+
+

Example

+
+
+

Curl request

+
+
+
+
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
+    -H 'Content-Type: application/json;charset=UTF-8' \
+    -d '{"webScan":{"api":{"type":"OPEN_API","use":["openApi-file-reference"]},"url":"https://localhost/mywebapp/login"},"apiVersion":"1.0"}'
+
+
+
+

Response body

+
+
+
+
{"jobId":"a769623f-1a50-484c-bcac-0325a2ed6132"}
+
+
+
+
+
7.6.25.7. Web scan with client certificate definition variant
+
+

Definition

+
+ + ++++ + - + + + + + + + + + + + + + + + + + + +
Table 55. General request information

webScan.login.basic

Value

Path

/api/project/{projectId}/job

Method

POST

Status code

200 OK

+
+

Path parameters

+
+ + ++++ + + + + + + + + + + + + +
Table 56. https://localhost:8081/api/project/{projectId}/job
ParameterDescription

projectId

The unique id of the project id where a new sechub job shall be created

+
+

Request headers

+
+ ++++ + + + + + + +
NameDescription
+
+

Request fields

+
+ +++++ + + + + + + + + + + + + + + + - + - + - + - + - + + + + + +
PathTypeDescription

apiVersion

String

The api version, currently only 1.0 is supported

webScan

Object

basic login definition

Webscan configuration block

webScan.login.basic.user

webScan.url

String

username

Webscan URI to scan for

webScan.login.basic.password

webScan.clientCertificate.password

String

password

Password the client certificate file is protected with

webScan.clientCertificate.use

Array

Reference to the data section containing the client certificate definition file. Always use 'sources' with a single 'file' instead 'folders'.
@@ -10259,7 +10579,7 @@
7.6.25.5. Web Scan login 
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
     -H 'Content-Type: application/json;charset=UTF-8' \
-    -d '{"webScan":{"login":{"url":"https://localhost/mywebapp/login","basic":{"user":"username1","password":"password1"}},"url":"https://localhost/mywebapp"},"apiVersion":"1.0"}'
+ -d '{"webScan":{"url":"https://localhost/mywebapp","clientCertificate":{"password":"example-cert-password","use":["client-certificate-file-reference"]}},"apiVersion":"1.0"}'
@@ -10267,17 +10587,17 @@
7.6.25.5. Web Scan login
-
{"jobId":"25f699b7-47cf-4f34-bca1-a297330080ee"}
+
{"jobId":"0c0c7661-bbc3-4917-aa40-52714f117ccd"}
-
7.6.25.6. Web Scan login form scripted variant
+
7.6.25.8. Web Scan login form scripted variant

Definition

- +@@ -10307,7 +10627,7 @@
7.6.25.6. Web Sca

Path parameters

Table 53. General request informationTable 57. General request information
- +@@ -10461,17 +10781,17 @@
7.6.25.6. Web Sca
-
{"jobId":"229b9d0d-3108-4f61-93e6-fbbc27a1ad59"}
+
{"jobId":"80a925a9-bacd-4d52-a93e-49d599518e46"}
-
7.6.25.7. Web Scan headers variant
+
7.6.25.9. Web Scan headers variant

Definition

Table 54. https://localhost:8081/api/project/{projectId}/jobTable 58. https://localhost:8081/api/project/{projectId}/job
- +@@ -10501,7 +10821,7 @@
7.6.25.7. Web Scan headers va

Path parameters

Table 55. General request informationTable 59. General request information
- +@@ -10620,7 +10940,7 @@
7.6.25.7. Web Scan headers va
-
{"jobId":"15a25c3c-4e90-480a-ad8c-f3740ae40416"}
+
{"jobId":"d13cca95-dc19-4a41-b5c9-c10227428e60"}
@@ -10634,7 +10954,7 @@

7.6.26. User uploads source code

Definition

Table 56. https://localhost:8081/api/project/{projectId}/jobTable 60. https://localhost:8081/api/project/{projectId}/job
- +@@ -10664,7 +10984,7 @@

7.6.26. User uploads source code

Path parameters

Table 57. General request informationTable 61. General request information
- +@@ -10730,7 +11050,7 @@

7.6.26. User uploads source code

-
$ curl 'https://sechub.example.com/api/project/project1/job/0ceb402b-07f8-498a-afd7-95b89f391dc3/sourcecode' -i -X POST \
+
$ curl 'https://sechub.example.com/api/project/project1/job/c036c81e-7ccf-4202-afb6-80c89ea77baf/sourcecode' -i -X POST \
     -H 'Content-Type: multipart/form-data;charset=UTF-8' \
     -F 'file=PK  
       �<M                       test1.txtPK  ?
@@ -10753,7 +11073,7 @@ 
7.6.27. User approves sechub job

 
Definition
Table 58. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/sourcecodeTable 62. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/sourcecode
- +@@ -10783,7 +11103,7 @@

7.6.27. User approves sechub job

Path parameters

Table 59. General request informationTable 63. General request information
- +@@ -10828,7 +11148,7 @@

7.6.27. User approves sechub job

-
$ curl 'https://sechub.example.com/api/project/project1/job/de12e9e4-299f-4e11-b802-15b66a20ab28/approve' -i -X PUT \
+
$ curl 'https://sechub.example.com/api/project/project1/job/e4fd2f7f-e61f-4e02-9fec-f22fde9f6616/approve' -i -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -10846,7 +11166,7 @@

7.6.28. User checks sechub job state

Definition

Table 60. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/approveTable 64. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/approve
- +@@ -10876,7 +11196,7 @@

7.6.28. User checks sechub job state

Path parameters

Table 61. General request informationTable 65. General request information
- +@@ -10980,7 +11300,7 @@

7.6.28. User checks sechub job state

-
$ curl 'https://sechub.example.com/api/project/project1/job/91cf9883-947d-4c3c-8c9a-d4896bc17973' -i -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/job/840a1fb9-18bb-4d93-bb80-ae1499112183' -i -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -10989,7 +11309,7 @@

7.6.28. User checks sechub job state

-
{"jobUUID":"91cf9883-947d-4c3c-8c9a-d4896bc17973","owner":"CREATOR1","created":"","started":"2023-10-30T15:12:08.478465955","ended":"2023-10-30T15:27:08.478488055","state":"ENDED","result":"OK","trafficLight":"GREEN"}
+
{"jobUUID":"840a1fb9-18bb-4d93-bb80-ae1499112183","owner":"CREATOR1","created":"","started":"2023-11-24T12:47:51.497412287","ended":"2023-11-24T13:02:51.497441251","state":"ENDED","result":"OK","trafficLight":"GREEN"}
@@ -11004,7 +11324,7 @@
7.6.29.1. JSON variant

Definition

Table 62. https://localhost:8081/api/project/{projectId}/job/{jobUUID}Table 66. https://localhost:8081/api/project/{projectId}/job/{jobUUID}
- +@@ -11034,7 +11354,7 @@
7.6.29.1. JSON variant

Path parameters

Table 63. General request informationTable 67. General request information
- +@@ -11064,7 +11384,7 @@
7.6.29.1. JSON variant
-
$ curl 'https://sechub.example.com/api/project/project1/report/a24d6532-23a8-4423-b56b-083408a5b3a6' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/6f4be195-bc98-4089-9199-abf6786a518c' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/json'
@@ -11076,7 +11396,7 @@
7.6.29.2. HTML variant

Definition

Table 64. https://localhost:8081/api/project/{projectId}/report/{jobUUID}Table 68. https://localhost:8081/api/project/{projectId}/report/{jobUUID}
- +@@ -11106,7 +11426,7 @@
7.6.29.2. HTML variant

Path parameters

Table 65. General request informationTable 69. General request information
- +@@ -11136,7 +11456,7 @@
7.6.29.2. HTML variant
-
$ curl 'https://sechub.example.com/api/project/project1/report/1d6867cb-73bf-471a-a37d-2250030ce9a7' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/9dbdde4e-6cf3-4573-83bd-79e4b379202b' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/xhtml+xml'
@@ -11152,7 +11472,7 @@

7.6.30. User marks f

Definition

Table 66. https://localhost:8081/api/project/{projectId}/report/{jobUUID}Table 70. https://localhost:8081/api/project/{projectId}/report/{jobUUID}
- +@@ -11182,7 +11502,7 @@

7.6.30. User marks f

Path parameters

Table 67. General request informationTable 71. General request information
- +@@ -11291,7 +11611,7 @@

7.6.31. User unmarks ex

Definition

Table 68. https://localhost:8081/api/project/{projectId}/false-positivesTable 72. https://localhost:8081/api/project/{projectId}/false-positives
- +@@ -11321,7 +11641,7 @@

7.6.31. User unmarks ex

Path parameters

Table 69. General request informationTable 73. General request information
- +@@ -11387,7 +11707,7 @@

7.6.32. User fetch

Definition

Table 70. https://localhost:8081/api/project/{projectId}/false-positive/{jobUUID}/{findingId}Table 74. https://localhost:8081/api/project/{projectId}/false-positive/{jobUUID}/{findingId}
- +@@ -11417,7 +11737,7 @@

7.6.32. User fetch

Path parameters

Table 71. General request informationTable 75. General request information
- +@@ -11613,7 +11933,7 @@

7.6.33. User uploads binaries

Definition

Table 72. https://localhost:8081/api/project/{projectId}/false-positivesTable 76. https://localhost:8081/api/project/{projectId}/false-positives
- +@@ -11643,7 +11963,7 @@

7.6.33. User uploads binaries

Path parameters

Table 73. General request informationTable 77. General request information
- +@@ -11715,7 +12035,7 @@

7.6.33. User uploads binaries

-
$ curl 'https://sechub.example.com/api/project/project1/job/aa2d0c27-dc91-4b9d-bbde-1bb97b304f28/binaries' -i -X POST \
+
$ curl 'https://sechub.example.com/api/project/project1/job/79c393b9-2e0e-4ef8-9dca-dceaad170b70/binaries' -i -X POST \
     -H 'Content-Type: multipart/form-data;charset=UTF-8' \
     -H 'x-file-size: 10240' \
     -F 'file=test1.txt                                                                                           0000664 0001750 0001750 00000000000 13353454574 012170  0                                                                                                    ustar   albert                          albert                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ' \
@@ -11736,7 +12056,7 @@ 
7.6.34. User downloads job rep
 
Definition
Table 74. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/binariesTable 78. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/binaries
- +@@ -11766,7 +12086,7 @@

7.6.34. User downloads job rep

Path parameters

Table 75. General request informationTable 79. General request information
- +@@ -11796,7 +12116,7 @@

7.6.34. User downloads job rep
-
$ curl 'https://sechub.example.com/api/project/project1/report/spdx/975d5e0f-5b89-4248-8ca8-3db14855be82' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/spdx/bb7b3244-8c75-4122-9397-96ac312fe074' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/json'
@@ -11811,7 +12131,7 @@

7.6.35. User self registration

Definition

Table 76. https://localhost:8081/api/project/{projectId}/report/spdx/{jobUUID}Table 80. https://localhost:8081/api/project/{projectId}/report/spdx/{jobUUID}
- +@@ -11898,7 +12218,7 @@

7.6.36. Admin lists open user signups

Definition

Table 77. General request informationTable 81. General request information
- +@@ -12002,7 +12322,7 @@

7.6.37. Admin applies self registration

Definition

Table 78. General request informationTable 82. General request information
- +@@ -12032,7 +12352,7 @@

7.6.37. Admin applies self registration

Path parameters

Table 79. General request informationTable 83. General request information
- +@@ -12090,7 +12410,7 @@

7.6.38. Admin deletes user signup

Definition

Table 80. https://localhost:8081/api/admin/signup/accept/{userId}Table 84. https://localhost:8081/api/admin/signup/accept/{userId}
- +@@ -12120,7 +12440,7 @@

7.6.38. Admin deletes user signup

Path parameters

Table 81. General request informationTable 85. General request information
- +@@ -12178,7 +12498,7 @@

7.6.39. User requests new API token

Definition

Table 82. https://localhost:8081/api/admin/signup/{userId}Table 86. https://localhost:8081/api/admin/signup/{userId}
- +@@ -12208,7 +12528,7 @@

7.6.39. User requests new API token

Path parameters

Table 83. General request informationTable 87. General request information
- +@@ -12252,7 +12572,7 @@

7.6.40. Admin lists all running jobs

Definition

Table 84. https://localhost:8081/api/anonymous/refresh/apitoken/{emailAddress}Table 88. https://localhost:8081/api/anonymous/refresh/apitoken/{emailAddress}
- +@@ -12359,7 +12679,7 @@

7.6.40. Admin lists all running jobs

-
[{"jobUUID":"51836965-000d-4a98-a7a5-8c553187d9a1","projectId":"project-name","owner":"owner-userid","status":"RUNNING","since":"2023-10-30T15:27:01.189032056","configuration":"{ config data }"}]
+
[{"jobUUID":"44156820-ed0e-4734-ac6e-c13f9071fc26","projectId":"project-name","owner":"owner-userid","status":"RUNNING","since":"2023-11-24T13:02:44.506400501","configuration":"{ config data }"}]
@@ -12372,7 +12692,7 @@

7.6.41. Admin cancels a job

Definition

Table 85. General request informationTable 89. General request information
- +@@ -12402,7 +12722,7 @@

7.6.41. Admin cancels a job

Path parameters

Table 86. General request informationTable 90. General request information
- +@@ -12443,7 +12763,7 @@

7.6.41. Admin cancels a job

-
$ curl 'https://sechub.example.com/api/admin/jobs/cancel/2c010565-ad48-483c-a5fa-28dbf694e21c' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/cancel/9eb59a84-2f03-4803-b3f2-9bdcd381991d' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -12461,7 +12781,7 @@

7.6.42. Admin restarts a job

Definition

Table 87. https://localhost:8081/api/admin/jobs/cancel/{jobUUID}Table 91. https://localhost:8081/api/admin/jobs/cancel/{jobUUID}
- +@@ -12491,7 +12811,7 @@

7.6.42. Admin restarts a job

Path parameters

Table 88. General request informationTable 92. General request information
- +@@ -12532,7 +12852,7 @@

7.6.42. Admin restarts a job

-
$ curl 'https://sechub.example.com/api/admin/jobs/restart/f3982269-f4e1-45fd-b71b-34718513ec89' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/restart/ffeef992-c0c1-48db-b8e1-d74e240e6513' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -12550,7 +12870,7 @@

7.6.43. Admin restarts a job (hard)

Definition

Table 89. https://localhost:8081/api/admin/jobs/restart/{jobUUID}Table 93. https://localhost:8081/api/admin/jobs/restart/{jobUUID}
- +@@ -12580,7 +12900,7 @@

7.6.43. Admin restarts a job (hard)

Path parameters

Table 90. General request informationTable 94. General request information
- +@@ -12621,7 +12941,7 @@

7.6.43. Admin restarts a job (hard)

-
$ curl 'https://sechub.example.com/api/admin/jobs/restart-hard/da1c394e-bef0-4343-9a56-eafa56eabf30' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/restart-hard/bf4f724a-97c3-481e-99f3-d2fdce9c2941' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -12639,7 +12959,7 @@

7.6.44. User defines m

Definition

Table 91. https://localhost:8081/api/admin/jobs/restart-hard/{jobUUID}Table 95. https://localhost:8081/api/admin/jobs/restart-hard/{jobUUID}
- +@@ -12708,7 +13028,7 @@

7.6.45. User retriev

Definition

Table 92. General request informationTable 96. General request information
- +@@ -12780,7 +13100,7 @@

7.6.46. Admin updates mapping confi

Definition

Table 93. General request informationTable 97. General request information
- +@@ -12810,7 +13130,7 @@

7.6.46. Admin updates mapping confi

Path parameters

Table 94. General request informationTable 98. General request information
- +@@ -12904,7 +13224,7 @@

7.6.47. Admin fetches mapping confi

Definition

Table 95. https://localhost:8081/api/admin/config/mapping/{mappingId}Table 99. https://localhost:8081/api/admin/config/mapping/{mappingId}
- +@@ -12934,7 +13254,7 @@

7.6.47. Admin fetches mapping confi

Path parameters

Table 96. General request informationTable 100. General request information
- +@@ -13031,7 +13351,7 @@

7.6.48. Admin creates an execut

Definition

Table 97. https://localhost:8081/api/admin/config/mapping/{mappingId}Table 101. https://localhost:8081/api/admin/config/mapping/{mappingId}
- +@@ -13154,7 +13474,7 @@

7.6.48. Admin creates an execut
-
fe586480-1257-4d7c-8bf5-72d5eb526c2f
+
29006c13-2bc8-4235-926a-e59a194680e7
@@ -13167,7 +13487,7 @@

7.6.49. Admin deletes executor con

Definition

Table 98. General request informationTable 102. General request information
- +@@ -13197,7 +13517,7 @@

7.6.49. Admin deletes executor con

Path parameters

Table 99. General request informationTable 103. General request information
- +@@ -13238,7 +13558,7 @@

7.6.49. Admin deletes executor con
-
$ curl 'https://sechub.example.com/api/admin/config/executor/0aebb695-696d-4c97-9297-b53e7e4e04df' -i -u 'user:secret' -X DELETE \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/30904b46-9ea2-474a-9bac-b800ef74aed8' -i -u 'user:secret' -X DELETE \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -13256,7 +13576,7 @@

7.6.50. Admin fetches executo

Definition

Table 100. https://localhost:8081/api/admin/config/executor/{uuid}Table 104. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -13353,7 +13673,7 @@

7.6.50. Admin fetches executo
-
{"executorConfigurations":[{"uuid":"85281d07-9501-4892-87e7-46ad17e1b24f","name":"example configuration","enabled":true}],"type":"executorConfigurationList"}
+
{"executorConfigurations":[{"uuid":"f0594aaf-4fcd-482f-9fe5-c194ea2e5892","name":"example configuration","enabled":true}],"type":"executorConfigurationList"}
@@ -13366,7 +13686,7 @@

7.6.51. Admin fetches executor con

Definition

Table 101. General request informationTable 105. General request information
- +@@ -13396,7 +13716,7 @@

7.6.51. Admin fetches executor con

Path parameters

Table 102. General request informationTable 106. General request information
- +@@ -13506,7 +13826,7 @@

7.6.51. Admin fetches executor con
-
$ curl 'https://sechub.example.com/api/admin/config/executor/6447d179-2835-48c1-b7a5-b58d6d291854' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/7f35e685-96b2-414b-8bbc-70c0b9e7dac5' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -13515,7 +13835,7 @@

7.6.51. Admin fetches executor con
-
{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value"}]},"executorVersion":1,"enabled":false,"uuid":"6447d179-2835-48c1-b7a5-b58d6d291854"}
+
{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value"}]},"executorVersion":1,"enabled":false,"uuid":"7f35e685-96b2-414b-8bbc-70c0b9e7dac5"}
@@ -13528,7 +13848,7 @@

7.6.52. Admin updates execut

Definition

Table 103. https://localhost:8081/api/admin/config/executor/{uuid}Table 107. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -13558,7 +13878,7 @@

7.6.52. Admin updates execut

Path parameters

Table 104. General request informationTable 108. General request information
- +@@ -13663,7 +13983,7 @@

7.6.52. Admin updates execut
-
$ curl 'https://sechub.example.com/api/admin/config/executor/3ba26ad1-08b9-4f64-b329-868c41eaf1e4' -i -u 'user:secret' -X PUT \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/f603d4e9-04b7-4cb0-a32d-6a37a30ffa5c' -i -u 'user:secret' -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -d '{"name":"New name","productIdentifier":"PDS_CODESCAN","executorVersion":1,"enabled":false,"setup":{"baseURL":"https://productNew.example.com","credentials":{"user":"env:EXAMPLE_NEW_USENAME","password":"env:EXAMPLE_NEW_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]}}'
@@ -13682,7 +14002,7 @@

7.6.53. Admin creates an execution p

Definition

Table 105. https://localhost:8081/api/admin/config/executor/{uuid}Table 109. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -13712,7 +14032,7 @@

7.6.53. Admin creates an execution p

Path parameters

Table 106. General request informationTable 110. General request information
- +@@ -13811,7 +14131,7 @@

7.6.54. Admin deletes execution profile

Definition

Table 107. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 111. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -13841,7 +14161,7 @@

7.6.54. Admin deletes execution profile

Path parameters

Table 108. General request informationTable 112. General request information
- +@@ -13900,7 +14220,7 @@

7.6.55. Admin updates execution profile

Definition

Table 109. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 113. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -13930,7 +14250,7 @@

7.6.55. Admin updates execution profile

Path parameters

Table 110. General request informationTable 114. General request information
- +@@ -14007,7 +14327,7 @@

7.6.55. Admin updates execution profile 
$ curl 'https://sechub.example.com/api/admin/config/execution/profile/existing-profile-1' -i -u 'user:secret' -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8' \
-    -d '{"description":"changed description","configurations":[{"uuid":"d4990550-db53-443a-8564-e5335e9d521a","executorVersion":0,"enabled":false,"setup":{"credentials":{},"jobParameters":[]}}],"enabled":true}'
+ -d '{"description":"changed description","configurations":[{"uuid":"0e39c42a-94e7-4601-88ab-d8135585cf30","executorVersion":0,"enabled":false,"setup":{"credentials":{},"jobParameters":[]}}],"enabled":true}'
@@ -14024,7 +14344,7 @@

7.6.56. Admin fetches execution profile

Definition

Table 111. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 115. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -14054,7 +14374,7 @@

7.6.56. Admin fetches execution profile

Path parameters

Table 112. General request informationTable 116. General request information
- +@@ -14163,7 +14483,7 @@

7.6.56. Admin fetches execution profile
-
{"description":"a description","enabled":true,"configurations":[{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]},"executorVersion":1,"enabled":false,"uuid":"5d78a8f5-9bee-4ec9-a63a-4d57954df58c"}],"projectIds":["project-1","project-2"]}
+
{"description":"a description","enabled":true,"configurations":[{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]},"executorVersion":1,"enabled":false,"uuid":"3ae0c8e8-579e-48d5-925c-87801f82fada"}],"projectIds":["project-1","project-2"]}
@@ -14176,7 +14496,7 @@

7.6.57. Admin fetches execution pr

Definition

Table 113. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 117. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -14286,7 +14606,7 @@

7.6.58. Admin assigns execut

Definition

Table 114. General request informationTable 118. General request information
- +@@ -14316,7 +14636,7 @@

7.6.58. Admin assigns execut

Path parameters

Table 115. General request informationTable 119. General request information
- +@@ -14379,7 +14699,7 @@

7.6.59. Admin unassigns

Definition

Table 116. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}Table 120. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}
- +@@ -14409,7 +14729,7 @@

7.6.59. Admin unassigns

Path parameters

Table 117. General request informationTable 121. General request information
- +@@ -14472,7 +14792,7 @@

7.6.60. Admin fetches auto cle

Definition

Table 118. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}Table 122. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}
- +@@ -14543,7 +14863,7 @@

7.6.61. Admin updates auto cle

Definition

Table 119. General request informationTable 123. General request information
- +@@ -14611,7 +14931,7 @@

7.6.62. Admin disables job p

Definition

Table 120. General request informationTable 124. General request information
- +@@ -14678,7 +14998,7 @@

7.6.63. Admin enables scheduler

Definition

Table 121. General request informationTable 125. General request information
- +@@ -14745,7 +15065,7 @@

7.6.64. Admin get scheduler status

Definition

Table 122. General request informationTable 126. General request information
- +@@ -14812,7 +15132,7 @@

7.6.65. Admin lists status informationDefinition

Table 123. General request informationTable 127. General request information
- +@@ -14912,7 +15232,7 @@

7.6.66. Admin checks server version

Definition

Table 124. General request informationTable 128. General request information
- +@@ -14983,7 +15303,7 @@

7.6.67. User lists jobs for project

Definition

Table 125. General request informationTable 129. General request information
- +@@ -15013,7 +15333,7 @@

7.6.67. User lists jobs for project

Path parameters

Table 126. General request informationTable 130. General request information
- +@@ -15172,7 +15492,7 @@

7.6.67. User lists jobs for project

-
{"page":0,"totalPages":1,"content":[{"jobUUID":"1cc233ea-dddd-4f23-812e-896a319a3b18","executedBy":"User1","created":"2023-10-30T15:10:08.535549845","started":"2023-10-30T15:12:08.535571445","ended":"2023-10-30T15:27:08.535580745","executionState":"ENDED","trafficLight":"GREEN","executionResult":"OK","metaData":{"labels":{"stage":"test"}}}]}
+
{"page":0,"totalPages":1,"content":[{"jobUUID":"4d476ea8-bf68-47e8-8ce4-02507530947e","executedBy":"User1","created":"2023-11-24T12:45:51.536576492","started":"2023-11-24T12:47:51.53660723","ended":"2023-11-24T13:02:51.536619443","executionState":"ENDED","trafficLight":"GREEN","executionResult":"OK","metaData":{"labels":{"stage":"test"}}}]}
@@ -15211,7 +15531,7 @@
7.7.2.1. Overview
7.7.2.1.1. Diagram
-Sequence diagram of messaging overview +Sequence diagram of messaging overview
@@ -15388,7 +15708,7 @@
7.7.2.2. Message A
7.7.2.3. Message AUTO_CLEANUP_CONFIGURATION_CHANGED
-Sequence diagram of messaging AUTO_CLEANUP_CONFIGURATION_CHANGED +Sequence diagram of messaging AUTO_CLEANUP_CONFIGURATION_CHANGED
@@ -15670,7 +15990,7 @@
7.7.2.17.
7.7.2.18. Message PROJECT_ACCESS_LEVEL_CHANGED
-Sequence diagram of messaging PROJECT_ACCESS_LEVEL_CHANGED +Sequence diagram of messaging PROJECT_ACCESS_LEVEL_CHANGED
@@ -15686,7 +16006,7 @@
7.7.2.19. Message PROJECT_CREATED
7.7.2.20. Message PROJECT_DELETED
-Sequence diagram of messaging PROJECT_DELETED +Sequence diagram of messaging PROJECT_DELETED
@@ -15903,7 +16223,7 @@
7.7.2.30. Message
7.7.2.31. Message REQUEST_USER_ROLE_RECALCULATION
-Sequence diagram of messaging REQUEST_USER_ROLE_RECALCULATION +Sequence diagram of messaging REQUEST_USER_ROLE_RECALCULATION
@@ -16044,7 +16364,7 @@
7.7.2.39. Message SOURCE_UPLOA
7.7.2.40. Message START_SCAN
-Sequence diagram of messaging START_SCAN +Sequence diagram of messaging START_SCAN
@@ -16084,7 +16404,7 @@
7.7.2.41. Message UNSUPPORT
7.7.2.42. Message USER_ADDED_TO_PROJECT
-Sequence diagram of messaging USER_ADDED_TO_PROJECT +Sequence diagram of messaging USER_ADDED_TO_PROJECT
@@ -16113,7 +16433,7 @@
7.7.2.42. Message USER_ADDE
7.7.2.43. Message USER_API_TOKEN_CHANGED
-Sequence diagram of messaging USER_API_TOKEN_CHANGED +Sequence diagram of messaging USER_API_TOKEN_CHANGED
@@ -16129,7 +16449,7 @@
7.7.2.44. Message USER_BE
7.7.2.45. Message USER_CREATED
-Sequence diagram of messaging USER_CREATED +Sequence diagram of messaging USER_CREATED
@@ -16158,7 +16478,7 @@
7.7.2.45. Message USER_CREATED
7.7.2.46. Message USER_DELETED
-Sequence diagram of messaging USER_DELETED +Sequence diagram of messaging USER_DELETED
@@ -16174,7 +16494,7 @@
7.7.2.47. Message USER
7.7.2.48. Message USER_NEW_API_TOKEN_REQUESTED
-Sequence diagram of messaging USER_NEW_API_TOKEN_REQUESTED +Sequence diagram of messaging USER_NEW_API_TOKEN_REQUESTED
@@ -16203,7 +16523,7 @@
7.7.2.48. Message US
7.7.2.49. Message USER_NO_LONGER_SUPERADMIN
-Sequence diagram of messaging USER_NO_LONGER_SUPERADMIN +Sequence diagram of messaging USER_NO_LONGER_SUPERADMIN
@@ -16211,7 +16531,7 @@
7.7.2.49. Message USER_
7.7.2.50. Message USER_REMOVED_FROM_PROJECT
-Sequence diagram of messaging USER_REMOVED_FROM_PROJECT +Sequence diagram of messaging USER_REMOVED_FROM_PROJECT
@@ -16468,7 +16788,7 @@
8.2.1.1. Server
8.2.1.1.1. Overview
-Diagram +Diagram
Figure 6. Spring profiles and their explicit/implicit included parts
@@ -16505,7 +16825,7 @@
8.2.1.1.2. PROD
8.2.1.1.3. DEV
-Diagram +Diagram
Figure 8. Spring profile dev and its explicit/implicit included parts
@@ -16518,7 +16838,7 @@
8.2.1.1.3. DEV
8.2.1.1.4. Integration-Test
-Diagram +Diagram
Figure 9. Spring profile integrationtest and its explicit/implicit included parts
@@ -16635,7 +16955,7 @@

8.2.3. General configuration

The next text blocks describe the keys available on SecHub:

Table 127. https://localhost:8081/api/project/{projectId}/jobsTable 131. https://localhost:8081/api/project/{projectId}/jobs
- +@@ -16663,7 +16983,7 @@

8.2.3. General configuration

Table 128. Scope 'administration'Table 132. Scope 'administration'
- +@@ -16685,7 +17005,7 @@

8.2.3. General configuration

Table 129. Scope 'anonymous'Table 133. Scope 'anonymous'
- +@@ -16737,7 +17057,7 @@

8.2.3. General configuration

Table 130. Scope 'checkmarx'Table 134. Scope 'checkmarx'
- +@@ -16759,7 +17079,7 @@

8.2.3. General configuration

Table 131. Scope 'development'Table 135. Scope 'development'
- +@@ -16791,7 +17111,7 @@

8.2.3. General configuration

Table 132. Scope 'initial'Table 136. Scope 'initial'
- +@@ -16813,7 +17133,7 @@

8.2.3. General configuration

Table 133. Scope 'migration'Table 137. Scope 'migration'
- +@@ -16835,7 +17155,7 @@

8.2.3. General configuration

Table 134. Scope 'mock'Table 138. Scope 'mock'
- +@@ -16912,7 +17232,7 @@

8.2.3. General configuration

Table 135. Scope 'nessus'Table 139. Scope 'nessus'
- +@@ -16984,7 +17304,7 @@

8.2.3. General configuration

Table 136. Scope 'netsparker'Table 140. Scope 'netsparker'
- +@@ -17006,7 +17326,7 @@

8.2.3. General configuration

Table 137. Scope 'new'Table 141. Scope 'new'
- +@@ -17038,7 +17358,7 @@

8.2.3. General configuration

Table 138. Scope 'notification'Table 142. Scope 'notification'
- +@@ -17085,7 +17405,7 @@

8.2.3. General configuration

Table 139. Scope 'p'Table 143. Scope 'p'
- +@@ -17127,7 +17447,7 @@

8.2.3. General configuration

Table 140. Scope 's'Table 144. Scope 's'
- +@@ -17159,7 +17479,7 @@

8.2.3. General configuration

Table 141. Scope 'scan'Table 145. Scope 'scan'
- +@@ -17221,7 +17541,7 @@

8.2.3. General configuration

Table 142. Scope 'scheduler'Table 146. Scope 'scheduler'
- +@@ -17253,7 +17573,7 @@

8.2.3. General configuration

Table 143. Scope 'sec'Table 147. Scope 'sec'
- +@@ -17275,7 +17595,7 @@

8.2.3. General configuration

Table 144. Scope 'security'Table 148. Scope 'security'
- +@@ -17297,7 +17617,7 @@

8.2.3. General configuration

Table 145. Scope 'server'Table 149. Scope 'server'
- +@@ -17384,7 +17704,7 @@

8.2.3. General configuration

Table 146. Scope 'storage'Table 150. Scope 'storage'
- +@@ -17416,7 +17736,7 @@

8.2.3. General configuration

Table 147. Scope 'system'Table 151. Scope 'system'
- +@@ -17448,7 +17768,7 @@

8.2.3. General configuration

8.2.4. Scheduling definitions

Table 148. Scope 'target'Table 152. Scope 'target'
- +@@ -17470,7 +17790,7 @@

8.2.4. Scheduling definitions

- +@@ -17492,7 +17812,7 @@

8.2.4. Scheduling definitions

Table 150. Scope 'scan'Table 154. Scope 'scan'
- +@@ -17522,7 +17842,7 @@

8.2.4. Scheduling definitions

8.2.5. Configuration properties for mocked adapters

Table 151. Scope 'schedule'Table 155. Scope 'schedule'
- +@@ -17544,7 +17864,7 @@

8.2.5. Configuration properties for mocked adapters

Table 152. Scope 'abstract'Table 156. Scope 'abstract'
- +@@ -20489,7 +20809,7 @@

13. Glossary

diff --git a/docs/latest/sechub-client.html b/docs/latest/sechub-client.html index 3b0821d1b9..20ac854399 100644 --- a/docs/latest/sechub-client.html +++ b/docs/latest/sechub-client.html @@ -531,7 +531,7 @@
Table 153. Scope 'mocked'Table 157. Scope 'mocked'
-

Documentation version: Client 1.2.0-20230803155119

+

Documentation version: Client 1.3.0 - Build date: 20231124130227

@@ -2282,13 +2283,24 @@
2.5.7.1.1. Example anonymous
"apiVersion": "1.0", "webScan": { (1) "url": "https://www.gamechanger.example.org", (2) - "includes": [ - "/special/include" - ], (3) - "excludes": [ + "includes": [ (3) + "/special/include", + "/special/include/<*>", + "<*>/special/<*>/include/<*>", + "<*>/special/include/<*>", + "special/include/<*>", + "special/include", + "special/include/" + ], + "excludes": [ (4) "/en/contact", - "/contact" - ] (4) + "/en/contacts/<*>", + "<*>/en/<*>/contacts/<*>", + "<*>/en/contacts/<*>", + "en/contacts/<*>", + "en/contacts", + "en/contacts/" + ] }, "maxScanDuration": { (5) "duration": 1, @@ -2310,13 +2322,26 @@
2.5.7.1.1. Example anonymous
3 Optional: Define includes, if you have a special path that is linked nowhere, -so the scanner can not detect it automatically while crawling the application. -Always use them starting with a slash (/) because they are interpreted relative to the URL provided before. +so the scanner can not detect it automatically while crawling the application. You can use wildcards by using the symbol <*> like in the example above. +To make the scan work the target URL will always be implicitly included with "https://www.gamechanger.example.org<*>" if no includes are specified. If includes are specified the scan is limited to these includes. +In case you need to include certain parts of your application the scanner cannot detect, +but you want everything else to be scanned as well, please specify a wildcard as include explicitly: "includes": [ "/hidden/from/crawler/", "/<*>" ]. +
+
    +
  • +

    Includes starting with a slash (/) like "includes": [ "/special/include","/special/include/<*>"] they are interpreted relative to the scan target URL provided before.

    +
    • +
  • +

    Includes not starting with a slash (/) like "includes": [ "<*>/en/contacts/<*>","en/contacts/<*>","en/contacts","en/contacts/"] are interpreted as enclosed by wildcards like the first include in the list example: "<*>/en/contacts/<*>".

    +
    • +
+
4 Optional: Define excludes, if you have a special path you want to exclude, from the scan. -Always use them starting with a slash (/) because they are interpreted relative to the URL provided before. +You can use excludes the same way you can use the includes. +Excludes do always overwrite includes if the provided patterns for includes and excludes do have intersections. 5 @@ -2331,6 +2356,24 @@
2.5.7.1.1. Example anonymous
+
+ + + + + +
+ + +
+

Includes are a different from excludes looking at wildcards, because in includes they might not be resolved properly, if the pages behind the wildcards cannot be detected by a web crawler.

+
+
+

If you only want to scan a specific part of your application e.g only the customers section https://my-application.com/customer/, +you can specify the target URL : "url": "https://my-application.com" and the wanted include starting with a slash like this : "includes": [ "/customer/<*>"].

+
+
+
@@ -2403,7 +2446,7 @@
2.5.7.2.1. Options
-
2.5.7.2.2. Example no authentication
+
2.5.7.2.2. Example basic authentication
{
@@ -2430,7 +2473,7 @@ 
2.5.7.2.2. Example no authentication

 
 
 2
-Basic authentication start, needs user id/name and password.
+Basic authentication, needs user id/name and password.
 
 
 3
@@ -2441,22 +2484,28 @@ 
2.5.7.2.2. Example no authentication
-
2.5.7.2.3. Example basic authentication
+
2.5.7.2.3. Example client certificate authentication
+
client certificate authentication
{
-    "apiVersion": "1.0",
-    "webScan": {
-        "url": "https://productfailure.demo.example.org",
-        "login": {
-            "url": "https://productfailure.demo.example.org/login",(1)
-            "basic": {(2)
-                "user": "{{ .LOGIN_USER }}",
-                "password": "{{ .LOGIN_PWD }}",
-                "realm": "{{ .LOGIN_REALM }}" (3)
-            }
-        }
+  "apiVersion" : "1.0",
+  "project" : "example_project",
+  "data" : {
+    "sources" : [ {
+      "name" : "client-certificate-file-reference", (1)
+      "fileSystem" : {
+        "files" : [ "path/to/backend-cert.p12" ]
+      }
+    } ]
+  },
+  "webScan" : {
+    "url" : "https://my-app.com",
+    "clientCertificate" : {
+      "password" : "{{ .CERT_PASSWORD }}", (2)
+      "use" : [ "client-certificate-file-reference" ] (3)
     }
+  }
 }
@@ -2464,16 +2513,21 @@
2.5.7.2.3. Example basic authentication 1 -URL for web login +name of the source data configuration: "client-certificate-file-reference". +Please use single files only instead of folders to specify the client certificate. +If you want to combine this with an openAPI definition that must be uploaded for the scan as well, +please refer to this example. 2 -Basic authentication start, needs user id/name and password. +Optional: If the client certificate is password protected, the password can be specified here. +Using our SecHub GO client you can make use of the GO templating engine. +Like in the example above the you can provide an environment variable containing the password instead of writing the plaintext password in the JSON configuration file. +In the example above the SecHub GO client will substitute the value of "{{ .CERT_PASSWORD }}" with the value of the environment variable CERT_PASSWORD. 3 -You can set the realm used for basic authentication. But normally -this is not necessary and you can use an empty string. +web scan uses the referenced data configuration "client-certificate-file-reference", to obtain the client certificate file.
@@ -2671,7 +2725,62 @@
2.5.7.2.5. Example OpenAPI scan
-
2.5.7.2.6. Example Header scan
+
2.5.7.2.6. Example combination of openAPI definition and client certificate authentication
+
+
Open API scan with client certificate authentication
+
+
{
+  "apiVersion" : "1.0",
+  "data" : {
+    "sources" : [ {
+      "name" : "open-api-file-reference", (1)
+      "fileSystem" : {
+        "files" : [ "gamechanger-webapp/src/main/resources/openapi3.json" ]
+      }
+    }, {
+      "name" : "client-certificate-file-reference", (2)
+      "fileSystem" : {
+        "files" : [ "path/to/backend-cert.p12" ]
+      }
+    } ]
+  },
+  "webScan" : {
+    "url" : "https://productfailure.demo.example.org",
+    "api" : {
+      "type" : "openApi",
+      "use" : [ "open-api-file-reference" ] (3)
+    },
+    "clientCertificate" : {
+      "password" : "{{ .CERT_PASSWORD }}",
+      "use" : [ "client-certificate-file-reference" ] (4)
+    }
+  }
+}
+
+
+
+ + + + + + + + + + + + + + + + + +
1Data section with files referenced by the openAPI definition. Multiple files (NOT folders) are possible.
2Data section with the file referenced by the clientCertificate definition. Only one single file shall be provided here.
3Reference to the data section containing files with your openAPI definitions (e.g. swagger.yml or openAPI.json)
4Reference to the data section containing file with your client certificate for authentication.
+
+
+
+
2.5.7.2.7. Example Header scan
header scan
@@ -3153,6 +3262,27 @@

2.5.11. Code scan: accepted source .xaml

+

Certificates for secrets scans

+

.crt,
+.cer,
+.csr,
+.der,
+.pem,
+.pfx,
+.p12,
+.p7b,
+.p7c,
+.CRT,
+.CER,
+.CSR,
+.DER,
+.PEM,
+.PFX,
+.P12,
+.P7B,
+.P7C

+ +

Cobol

.cbl
.cob
@@ -3231,6 +3361,10 @@

2.5.11. Code scan: accepted source .tpl

+

Lua

+

.lua

+ +

Objective C, Swift

.m
.plist
@@ -3289,6 +3423,11 @@

2.5.11. Code scan: accepted source .rxml

+

Rust

+

.rs
+.rlib

+ +

Scala

.conf
.sc
@@ -3759,7 +3898,7 @@

3.1.2.1. Example cod
diff --git a/docs/latest/sechub-developer-quickstart-guide.html b/docs/latest/sechub-developer-quickstart-guide.html index eaecc76dad..8e978a9400 100644 --- a/docs/latest/sechub-developer-quickstart-guide.html +++ b/docs/latest/sechub-developer-quickstart-guide.html @@ -531,7 +531,7 @@
@@ -1760,7 +1760,7 @@

5.2.3. Run a SecHub + PDS integration

diff --git a/docs/latest/sechub-getting-started.html b/docs/latest/sechub-getting-started.html index 16c3c2584e..eb3ddb2951 100644 --- a/docs/latest/sechub-getting-started.html +++ b/docs/latest/sechub-getting-started.html @@ -531,7 +531,7 @@ @@ -1002,7 +1002,7 @@

1.2.6. Install Sechub’s diff --git a/docs/latest/sechub-operations.html b/docs/latest/sechub-operations.html index 053fd17166..4452354315 100644 --- a/docs/latest/sechub-operations.html +++ b/docs/latest/sechub-operations.html @@ -531,7 +531,7 @@
-
2.2.25.4. Web scan anonymous variant
+
2.2.25.6. Web scan with api definition variant

Definition

- +@@ -5598,7 +6010,7 @@
2.2.25.4. Web scan anonymou

Path parameters

Table 49. General request informationTable 53. General request information
- +@@ -5664,24 +6076,14 @@
2.2.25.4. Web scan anonymou
- - - - - - + - - - - - - + - + - +
Table 50. https://localhost:8081/api/project/{projectId}/jobTable 54. https://localhost:8081/api/project/{projectId}/job

Webscan URI to scan for

webScan.maxScanDuration.duration

Number

Duration of the scan as integer

webScan.maxScanDuration.unit

webScan.api.type

String

Unit of the duration. Possible values are: millisecond(s), second(s), minute(s), hour(s), day(s)

webScan.includes[]

Array

Include URL sub-paths to scan. Example: /hidden

Type of the API definition files that will be provided

webScan.excludes[]

webScan.api.use

Array

Exclude URL sub-paths to scan. Example: /admin

Reference to the data section containing the API definition files. Always use 'sources' with 'files' instead 'folders'.
@@ -5719,7 +6121,7 @@
2.2.25.4. Web scan anonymou 
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
     -H 'Content-Type: application/json;charset=UTF-8' \
-    -d '{"webScan":{"maxScanDuration":{"duration":1,"unit":"HOUR"},"url":"https://localhost/mywebapp/login","includes":["/admin","/hidden","/admin.html"],"excludes":["/public/media","/static","/contaxt.html"]},"apiVersion":"1.0"}'
+ -d '{"webScan":{"api":{"type":"OPEN_API","use":["openApi-file-reference"]},"url":"https://localhost/mywebapp/login"},"apiVersion":"1.0"}'
@@ -5727,17 +6129,17 @@
2.2.25.4. Web scan anonymou
-
{"jobId":"be5f8dd1-e5e2-4f95-8089-0547dcd1c8f9"}
+
{"jobId":"a769623f-1a50-484c-bcac-0325a2ed6132"}
-
2.2.25.5. Web Scan login basic variant
+
2.2.25.7. Web scan with client certificate definition variant

Definition

- +@@ -5767,7 +6169,7 @@
2.2.25.5. Web Scan login

Path parameters

Table 51. General request informationTable 55. General request information
- +@@ -5833,29 +6235,14 @@
2.2.25.5. Web Scan login
- - - - - - - - - - - - - - - - + - + - - - + + +
Table 52. https://localhost:8081/api/project/{projectId}/jobTable 56. https://localhost:8081/api/project/{projectId}/job

Webscan URI to scan for

webScan.login

Object

Webscan login definition

webScan.login.url

String

Login URL

webScan.login.basic

Object

basic login definition

webScan.login.basic.user

webScan.clientCertificate.password

String

username

Password the client certificate file is protected with

webScan.login.basic.password

String

password

webScan.clientCertificate.use

Array

Reference to the data section containing the client certificate definition file. Always use 'sources' with a single 'file' instead 'folders'.
@@ -5893,7 +6280,7 @@
2.2.25.5. Web Scan login 
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
     -H 'Content-Type: application/json;charset=UTF-8' \
-    -d '{"webScan":{"login":{"url":"https://localhost/mywebapp/login","basic":{"user":"username1","password":"password1"}},"url":"https://localhost/mywebapp"},"apiVersion":"1.0"}'
+ -d '{"webScan":{"url":"https://localhost/mywebapp","clientCertificate":{"password":"example-cert-password","use":["client-certificate-file-reference"]}},"apiVersion":"1.0"}'
@@ -5901,17 +6288,17 @@
2.2.25.5. Web Scan login
-
{"jobId":"25f699b7-47cf-4f34-bca1-a297330080ee"}
+
{"jobId":"0c0c7661-bbc3-4917-aa40-52714f117ccd"}
-
2.2.25.6. Web Scan login form scripted variant
+
2.2.25.8. Web Scan login form scripted variant

Definition

- +@@ -5941,7 +6328,7 @@
2.2.25.6. Web Sca

Path parameters

Table 53. General request informationTable 57. General request information
- +@@ -6095,17 +6482,17 @@
2.2.25.6. Web Sca
-
{"jobId":"229b9d0d-3108-4f61-93e6-fbbc27a1ad59"}
+
{"jobId":"80a925a9-bacd-4d52-a93e-49d599518e46"}
-
2.2.25.7. Web Scan headers variant
+
2.2.25.9. Web Scan headers variant

Definition

Table 54. https://localhost:8081/api/project/{projectId}/jobTable 58. https://localhost:8081/api/project/{projectId}/job
- +@@ -6135,7 +6522,7 @@
2.2.25.7. Web Scan headers va

Path parameters

Table 55. General request informationTable 59. General request information
- +@@ -6254,7 +6641,7 @@
2.2.25.7. Web Scan headers va
-
{"jobId":"15a25c3c-4e90-480a-ad8c-f3740ae40416"}
+
{"jobId":"d13cca95-dc19-4a41-b5c9-c10227428e60"}
@@ -6268,7 +6655,7 @@

2.2.26. User uploads source code

Definition

Table 56. https://localhost:8081/api/project/{projectId}/jobTable 60. https://localhost:8081/api/project/{projectId}/job
- +@@ -6298,7 +6685,7 @@

2.2.26. User uploads source code

Path parameters

Table 57. General request informationTable 61. General request information
- +@@ -6364,7 +6751,7 @@

2.2.26. User uploads source code

-
$ curl 'https://sechub.example.com/api/project/project1/job/0ceb402b-07f8-498a-afd7-95b89f391dc3/sourcecode' -i -X POST \
+
$ curl 'https://sechub.example.com/api/project/project1/job/c036c81e-7ccf-4202-afb6-80c89ea77baf/sourcecode' -i -X POST \
     -H 'Content-Type: multipart/form-data;charset=UTF-8' \
     -F 'file=PK  
       �<M                       test1.txtPK  ?
@@ -6387,7 +6774,7 @@ 
2.2.27. User approves sechub job

 
Definition
Table 58. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/sourcecodeTable 62. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/sourcecode
- +@@ -6417,7 +6804,7 @@

2.2.27. User approves sechub job

Path parameters

Table 59. General request informationTable 63. General request information
- +@@ -6462,7 +6849,7 @@

2.2.27. User approves sechub job

-
$ curl 'https://sechub.example.com/api/project/project1/job/de12e9e4-299f-4e11-b802-15b66a20ab28/approve' -i -X PUT \
+
$ curl 'https://sechub.example.com/api/project/project1/job/e4fd2f7f-e61f-4e02-9fec-f22fde9f6616/approve' -i -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -6480,7 +6867,7 @@

2.2.28. User checks sechub job state

Definition

Table 60. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/approveTable 64. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/approve
- +@@ -6510,7 +6897,7 @@

2.2.28. User checks sechub job state

Path parameters

Table 61. General request informationTable 65. General request information
- +@@ -6614,7 +7001,7 @@

2.2.28. User checks sechub job state

-
$ curl 'https://sechub.example.com/api/project/project1/job/91cf9883-947d-4c3c-8c9a-d4896bc17973' -i -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/job/840a1fb9-18bb-4d93-bb80-ae1499112183' -i -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -6623,7 +7010,7 @@

2.2.28. User checks sechub job state

-
{"jobUUID":"91cf9883-947d-4c3c-8c9a-d4896bc17973","owner":"CREATOR1","created":"","started":"2023-10-30T15:12:08.478465955","ended":"2023-10-30T15:27:08.478488055","state":"ENDED","result":"OK","trafficLight":"GREEN"}
+
{"jobUUID":"840a1fb9-18bb-4d93-bb80-ae1499112183","owner":"CREATOR1","created":"","started":"2023-11-24T12:47:51.497412287","ended":"2023-11-24T13:02:51.497441251","state":"ENDED","result":"OK","trafficLight":"GREEN"}
@@ -6638,7 +7025,7 @@
2.2.29.1. JSON variant

Definition

Table 62. https://localhost:8081/api/project/{projectId}/job/{jobUUID}Table 66. https://localhost:8081/api/project/{projectId}/job/{jobUUID}
- +@@ -6668,7 +7055,7 @@
2.2.29.1. JSON variant

Path parameters

Table 63. General request informationTable 67. General request information
- +@@ -6698,7 +7085,7 @@
2.2.29.1. JSON variant
-
$ curl 'https://sechub.example.com/api/project/project1/report/a24d6532-23a8-4423-b56b-083408a5b3a6' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/6f4be195-bc98-4089-9199-abf6786a518c' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/json'
@@ -6710,7 +7097,7 @@
2.2.29.2. HTML variant

Definition

Table 64. https://localhost:8081/api/project/{projectId}/report/{jobUUID}Table 68. https://localhost:8081/api/project/{projectId}/report/{jobUUID}
- +@@ -6740,7 +7127,7 @@
2.2.29.2. HTML variant

Path parameters

Table 65. General request informationTable 69. General request information
- +@@ -6770,7 +7157,7 @@
2.2.29.2. HTML variant
-
$ curl 'https://sechub.example.com/api/project/project1/report/1d6867cb-73bf-471a-a37d-2250030ce9a7' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/9dbdde4e-6cf3-4573-83bd-79e4b379202b' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/xhtml+xml'
@@ -6786,7 +7173,7 @@

2.2.30. User marks f

Definition

Table 66. https://localhost:8081/api/project/{projectId}/report/{jobUUID}Table 70. https://localhost:8081/api/project/{projectId}/report/{jobUUID}
- +@@ -6816,7 +7203,7 @@

2.2.30. User marks f

Path parameters

Table 67. General request informationTable 71. General request information
- +@@ -6925,7 +7312,7 @@

2.2.31. User unmarks ex

Definition

Table 68. https://localhost:8081/api/project/{projectId}/false-positivesTable 72. https://localhost:8081/api/project/{projectId}/false-positives
- +@@ -6955,7 +7342,7 @@

2.2.31. User unmarks ex

Path parameters

Table 69. General request informationTable 73. General request information
- +@@ -7021,7 +7408,7 @@

2.2.32. User fetch

Definition

Table 70. https://localhost:8081/api/project/{projectId}/false-positive/{jobUUID}/{findingId}Table 74. https://localhost:8081/api/project/{projectId}/false-positive/{jobUUID}/{findingId}
- +@@ -7051,7 +7438,7 @@

2.2.32. User fetch

Path parameters

Table 71. General request informationTable 75. General request information
- +@@ -7247,7 +7634,7 @@

2.2.33. User uploads binaries

Definition

Table 72. https://localhost:8081/api/project/{projectId}/false-positivesTable 76. https://localhost:8081/api/project/{projectId}/false-positives
- +@@ -7277,7 +7664,7 @@

2.2.33. User uploads binaries

Path parameters

Table 73. General request informationTable 77. General request information
- +@@ -7349,7 +7736,7 @@

2.2.33. User uploads binaries

-
$ curl 'https://sechub.example.com/api/project/project1/job/aa2d0c27-dc91-4b9d-bbde-1bb97b304f28/binaries' -i -X POST \
+
$ curl 'https://sechub.example.com/api/project/project1/job/79c393b9-2e0e-4ef8-9dca-dceaad170b70/binaries' -i -X POST \
     -H 'Content-Type: multipart/form-data;charset=UTF-8' \
     -H 'x-file-size: 10240' \
     -F 'file=test1.txt                                                                                           0000664 0001750 0001750 00000000000 13353454574 012170  0                                                                                                    ustar   albert                          albert                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ' \
@@ -7370,7 +7757,7 @@ 
2.2.34. User downloads job rep
 
Definition
Table 74. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/binariesTable 78. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/binaries
- +@@ -7400,7 +7787,7 @@

2.2.34. User downloads job rep

Path parameters

Table 75. General request informationTable 79. General request information
- +@@ -7430,7 +7817,7 @@

2.2.34. User downloads job rep
-
$ curl 'https://sechub.example.com/api/project/project1/report/spdx/975d5e0f-5b89-4248-8ca8-3db14855be82' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/spdx/bb7b3244-8c75-4122-9397-96ac312fe074' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/json'
@@ -7445,7 +7832,7 @@

2.2.35. User self registration

Definition

Table 76. https://localhost:8081/api/project/{projectId}/report/spdx/{jobUUID}Table 80. https://localhost:8081/api/project/{projectId}/report/spdx/{jobUUID}
- +@@ -7532,7 +7919,7 @@

2.2.36. Admin lists open user signups

Definition

Table 77. General request informationTable 81. General request information
- +@@ -7636,7 +8023,7 @@

2.2.37. Admin applies self registration

Definition

Table 78. General request informationTable 82. General request information
- +@@ -7666,7 +8053,7 @@

2.2.37. Admin applies self registration

Path parameters

Table 79. General request informationTable 83. General request information
- +@@ -7724,7 +8111,7 @@

2.2.38. Admin deletes user signup

Definition

Table 80. https://localhost:8081/api/admin/signup/accept/{userId}Table 84. https://localhost:8081/api/admin/signup/accept/{userId}
- +@@ -7754,7 +8141,7 @@

2.2.38. Admin deletes user signup

Path parameters

Table 81. General request informationTable 85. General request information
- +@@ -7812,7 +8199,7 @@

2.2.39. User requests new API token

Definition

Table 82. https://localhost:8081/api/admin/signup/{userId}Table 86. https://localhost:8081/api/admin/signup/{userId}
- +@@ -7842,7 +8229,7 @@

2.2.39. User requests new API token

Path parameters

Table 83. General request informationTable 87. General request information
- +@@ -7886,7 +8273,7 @@

2.2.40. Admin lists all running jobs

Definition

Table 84. https://localhost:8081/api/anonymous/refresh/apitoken/{emailAddress}Table 88. https://localhost:8081/api/anonymous/refresh/apitoken/{emailAddress}
- +@@ -7993,7 +8380,7 @@

2.2.40. Admin lists all running jobs

-
[{"jobUUID":"51836965-000d-4a98-a7a5-8c553187d9a1","projectId":"project-name","owner":"owner-userid","status":"RUNNING","since":"2023-10-30T15:27:01.189032056","configuration":"{ config data }"}]
+
[{"jobUUID":"44156820-ed0e-4734-ac6e-c13f9071fc26","projectId":"project-name","owner":"owner-userid","status":"RUNNING","since":"2023-11-24T13:02:44.506400501","configuration":"{ config data }"}]
@@ -8006,7 +8393,7 @@

2.2.41. Admin cancels a job

Definition

Table 85. General request informationTable 89. General request information
- +@@ -8036,7 +8423,7 @@

2.2.41. Admin cancels a job

Path parameters

Table 86. General request informationTable 90. General request information
- +@@ -8077,7 +8464,7 @@

2.2.41. Admin cancels a job

-
$ curl 'https://sechub.example.com/api/admin/jobs/cancel/2c010565-ad48-483c-a5fa-28dbf694e21c' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/cancel/9eb59a84-2f03-4803-b3f2-9bdcd381991d' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -8095,7 +8482,7 @@

2.2.42. Admin restarts a job

Definition

Table 87. https://localhost:8081/api/admin/jobs/cancel/{jobUUID}Table 91. https://localhost:8081/api/admin/jobs/cancel/{jobUUID}
- +@@ -8125,7 +8512,7 @@

2.2.42. Admin restarts a job

Path parameters

Table 88. General request informationTable 92. General request information
- +@@ -8166,7 +8553,7 @@

2.2.42. Admin restarts a job

-
$ curl 'https://sechub.example.com/api/admin/jobs/restart/f3982269-f4e1-45fd-b71b-34718513ec89' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/restart/ffeef992-c0c1-48db-b8e1-d74e240e6513' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -8184,7 +8571,7 @@

2.2.43. Admin restarts a job (hard)

Definition

Table 89. https://localhost:8081/api/admin/jobs/restart/{jobUUID}Table 93. https://localhost:8081/api/admin/jobs/restart/{jobUUID}
- +@@ -8214,7 +8601,7 @@

2.2.43. Admin restarts a job (hard)

Path parameters

Table 90. General request informationTable 94. General request information
- +@@ -8255,7 +8642,7 @@

2.2.43. Admin restarts a job (hard)

-
$ curl 'https://sechub.example.com/api/admin/jobs/restart-hard/da1c394e-bef0-4343-9a56-eafa56eabf30' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/restart-hard/bf4f724a-97c3-481e-99f3-d2fdce9c2941' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -8273,7 +8660,7 @@

2.2.44. User defines m

Definition

Table 91. https://localhost:8081/api/admin/jobs/restart-hard/{jobUUID}Table 95. https://localhost:8081/api/admin/jobs/restart-hard/{jobUUID}
- +@@ -8342,7 +8729,7 @@

2.2.45. User retriev

Definition

Table 92. General request informationTable 96. General request information
- +@@ -8414,7 +8801,7 @@

2.2.46. Admin updates mapping confi

Definition

Table 93. General request informationTable 97. General request information
- +@@ -8444,7 +8831,7 @@

2.2.46. Admin updates mapping confi

Path parameters

Table 94. General request informationTable 98. General request information
- +@@ -8538,7 +8925,7 @@

2.2.47. Admin fetches mapping confi

Definition

Table 95. https://localhost:8081/api/admin/config/mapping/{mappingId}Table 99. https://localhost:8081/api/admin/config/mapping/{mappingId}
- +@@ -8568,7 +8955,7 @@

2.2.47. Admin fetches mapping confi

Path parameters

Table 96. General request informationTable 100. General request information
- +@@ -8665,7 +9052,7 @@

2.2.48. Admin creates an execut

Definition

Table 97. https://localhost:8081/api/admin/config/mapping/{mappingId}Table 101. https://localhost:8081/api/admin/config/mapping/{mappingId}
- +@@ -8788,7 +9175,7 @@

2.2.48. Admin creates an execut
-
fe586480-1257-4d7c-8bf5-72d5eb526c2f
+
29006c13-2bc8-4235-926a-e59a194680e7
@@ -8801,7 +9188,7 @@

2.2.49. Admin deletes executor con

Definition

Table 98. General request informationTable 102. General request information
- +@@ -8831,7 +9218,7 @@

2.2.49. Admin deletes executor con

Path parameters

Table 99. General request informationTable 103. General request information
- +@@ -8872,7 +9259,7 @@

2.2.49. Admin deletes executor con
-
$ curl 'https://sechub.example.com/api/admin/config/executor/0aebb695-696d-4c97-9297-b53e7e4e04df' -i -u 'user:secret' -X DELETE \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/30904b46-9ea2-474a-9bac-b800ef74aed8' -i -u 'user:secret' -X DELETE \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -8890,7 +9277,7 @@

2.2.50. Admin fetches executo

Definition

Table 100. https://localhost:8081/api/admin/config/executor/{uuid}Table 104. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -8987,7 +9374,7 @@

2.2.50. Admin fetches executo
-
{"executorConfigurations":[{"uuid":"85281d07-9501-4892-87e7-46ad17e1b24f","name":"example configuration","enabled":true}],"type":"executorConfigurationList"}
+
{"executorConfigurations":[{"uuid":"f0594aaf-4fcd-482f-9fe5-c194ea2e5892","name":"example configuration","enabled":true}],"type":"executorConfigurationList"}
@@ -9000,7 +9387,7 @@

2.2.51. Admin fetches executor con

Definition

Table 101. General request informationTable 105. General request information
- +@@ -9030,7 +9417,7 @@

2.2.51. Admin fetches executor con

Path parameters

Table 102. General request informationTable 106. General request information
- +@@ -9140,7 +9527,7 @@

2.2.51. Admin fetches executor con
-
$ curl 'https://sechub.example.com/api/admin/config/executor/6447d179-2835-48c1-b7a5-b58d6d291854' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/7f35e685-96b2-414b-8bbc-70c0b9e7dac5' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -9149,7 +9536,7 @@

2.2.51. Admin fetches executor con
-
{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value"}]},"executorVersion":1,"enabled":false,"uuid":"6447d179-2835-48c1-b7a5-b58d6d291854"}
+
{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value"}]},"executorVersion":1,"enabled":false,"uuid":"7f35e685-96b2-414b-8bbc-70c0b9e7dac5"}
@@ -9162,7 +9549,7 @@

2.2.52. Admin updates execut

Definition

Table 103. https://localhost:8081/api/admin/config/executor/{uuid}Table 107. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -9192,7 +9579,7 @@

2.2.52. Admin updates execut

Path parameters

Table 104. General request informationTable 108. General request information
- +@@ -9297,7 +9684,7 @@

2.2.52. Admin updates execut
-
$ curl 'https://sechub.example.com/api/admin/config/executor/3ba26ad1-08b9-4f64-b329-868c41eaf1e4' -i -u 'user:secret' -X PUT \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/f603d4e9-04b7-4cb0-a32d-6a37a30ffa5c' -i -u 'user:secret' -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -d '{"name":"New name","productIdentifier":"PDS_CODESCAN","executorVersion":1,"enabled":false,"setup":{"baseURL":"https://productNew.example.com","credentials":{"user":"env:EXAMPLE_NEW_USENAME","password":"env:EXAMPLE_NEW_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]}}'
@@ -9316,7 +9703,7 @@

2.2.53. Admin creates an execution p

Definition

Table 105. https://localhost:8081/api/admin/config/executor/{uuid}Table 109. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -9346,7 +9733,7 @@

2.2.53. Admin creates an execution p

Path parameters

Table 106. General request informationTable 110. General request information
- +@@ -9445,7 +9832,7 @@

2.2.54. Admin deletes execution profile

Definition

Table 107. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 111. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -9475,7 +9862,7 @@

2.2.54. Admin deletes execution profile

Path parameters

Table 108. General request informationTable 112. General request information
- +@@ -9534,7 +9921,7 @@

2.2.55. Admin updates execution profile

Definition

Table 109. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 113. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -9564,7 +9951,7 @@

2.2.55. Admin updates execution profile

Path parameters

Table 110. General request informationTable 114. General request information
- +@@ -9641,7 +10028,7 @@

2.2.55. Admin updates execution profile 
$ curl 'https://sechub.example.com/api/admin/config/execution/profile/existing-profile-1' -i -u 'user:secret' -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8' \
-    -d '{"description":"changed description","configurations":[{"uuid":"d4990550-db53-443a-8564-e5335e9d521a","executorVersion":0,"enabled":false,"setup":{"credentials":{},"jobParameters":[]}}],"enabled":true}'
+ -d '{"description":"changed description","configurations":[{"uuid":"0e39c42a-94e7-4601-88ab-d8135585cf30","executorVersion":0,"enabled":false,"setup":{"credentials":{},"jobParameters":[]}}],"enabled":true}'
@@ -9658,7 +10045,7 @@

2.2.56. Admin fetches execution profile

Definition

Table 111. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 115. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -9688,7 +10075,7 @@

2.2.56. Admin fetches execution profile

Path parameters

Table 112. General request informationTable 116. General request information
- +@@ -9797,7 +10184,7 @@

2.2.56. Admin fetches execution profile
-
{"description":"a description","enabled":true,"configurations":[{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]},"executorVersion":1,"enabled":false,"uuid":"5d78a8f5-9bee-4ec9-a63a-4d57954df58c"}],"projectIds":["project-1","project-2"]}
+
{"description":"a description","enabled":true,"configurations":[{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]},"executorVersion":1,"enabled":false,"uuid":"3ae0c8e8-579e-48d5-925c-87801f82fada"}],"projectIds":["project-1","project-2"]}
@@ -9810,7 +10197,7 @@

2.2.57. Admin fetches execution pr

Definition

Table 113. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 117. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -9920,7 +10307,7 @@

2.2.58. Admin assigns execut

Definition

Table 114. General request informationTable 118. General request information
- +@@ -9950,7 +10337,7 @@

2.2.58. Admin assigns execut

Path parameters

Table 115. General request informationTable 119. General request information
- +@@ -10013,7 +10400,7 @@

2.2.59. Admin unassigns

Definition

Table 116. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}Table 120. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}
- +@@ -10043,7 +10430,7 @@

2.2.59. Admin unassigns

Path parameters

Table 117. General request informationTable 121. General request information
- +@@ -10106,7 +10493,7 @@

2.2.60. Admin fetches auto cle

Definition

Table 118. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}Table 122. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}
- +@@ -10177,7 +10564,7 @@

2.2.61. Admin updates auto cle

Definition

Table 119. General request informationTable 123. General request information
- +@@ -10245,7 +10632,7 @@

2.2.62. Admin disables job p

Definition

Table 120. General request informationTable 124. General request information
- +@@ -10312,7 +10699,7 @@

2.2.63. Admin enables scheduler

Definition

Table 121. General request informationTable 125. General request information
- +@@ -10379,7 +10766,7 @@

2.2.64. Admin get scheduler status

Definition

Table 122. General request informationTable 126. General request information
- +@@ -10446,7 +10833,7 @@

2.2.65. Admin lists status informationDefinition

Table 123. General request informationTable 127. General request information
- +@@ -10546,7 +10933,7 @@

2.2.66. Admin checks server version

Definition

Table 124. General request informationTable 128. General request information
- +@@ -10617,7 +11004,7 @@

2.2.67. User lists jobs for project

Definition

Table 125. General request informationTable 129. General request information
- +@@ -10647,7 +11034,7 @@

2.2.67. User lists jobs for project

Path parameters

Table 126. General request informationTable 130. General request information
- +@@ -10806,7 +11193,7 @@

2.2.67. User lists jobs for project

-
{"page":0,"totalPages":1,"content":[{"jobUUID":"1cc233ea-dddd-4f23-812e-896a319a3b18","executedBy":"User1","created":"2023-10-30T15:10:08.535549845","started":"2023-10-30T15:12:08.535571445","ended":"2023-10-30T15:27:08.535580745","executionState":"ENDED","trafficLight":"GREEN","executionResult":"OK","metaData":{"labels":{"stage":"test"}}}]}
+
{"page":0,"totalPages":1,"content":[{"jobUUID":"4d476ea8-bf68-47e8-8ce4-02507530947e","executedBy":"User1","created":"2023-11-24T12:45:51.536576492","started":"2023-11-24T12:47:51.53660723","ended":"2023-11-24T13:02:51.536619443","executionState":"ENDED","trafficLight":"GREEN","executionResult":"OK","metaData":{"labels":{"stage":"test"}}}]}
@@ -12048,14 +12435,14 @@

4.1.12. UC_011-User starts scan by client

 - + - + @@ -12069,14 +12456,14 @@

4.1.12. UC_011-User starts scan by client

 - + - + @@ -12405,17 +12792,17 @@

4.1.17. UC_016-Admin unassigns user from project

- - + + - + - - + + - + @@ -13228,14 +13615,14 @@

4.1.31. UC_030-Admin disables job processing in

- + - + @@ -15770,7 +16157,7 @@
4.1.73.1. Overview
4.1.73.1.1. Diagram
-Sequence diagram of messaging overview +Sequence diagram of messaging overview
@@ -15947,7 +16334,7 @@
4.1.73.2. Message
4.1.73.3. Message AUTO_CLEANUP_CONFIGURATION_CHANGED
-Sequence diagram of messaging AUTO_CLEANUP_CONFIGURATION_CHANGED +Sequence diagram of messaging AUTO_CLEANUP_CONFIGURATION_CHANGED
@@ -16229,7 +16616,7 @@
4.1.73.17
4.1.73.18. Message PROJECT_ACCESS_LEVEL_CHANGED
-Sequence diagram of messaging PROJECT_ACCESS_LEVEL_CHANGED +Sequence diagram of messaging PROJECT_ACCESS_LEVEL_CHANGED
@@ -16245,7 +16632,7 @@
4.1.73.19. Message PROJECT_CREATE
4.1.73.20. Message PROJECT_DELETED
-Sequence diagram of messaging PROJECT_DELETED +Sequence diagram of messaging PROJECT_DELETED
@@ -16462,7 +16849,7 @@
4.1.73.30. Messag
4.1.73.31. Message REQUEST_USER_ROLE_RECALCULATION
-Sequence diagram of messaging REQUEST_USER_ROLE_RECALCULATION +Sequence diagram of messaging REQUEST_USER_ROLE_RECALCULATION
@@ -16603,7 +16990,7 @@
4.1.73.39. Message SOURCE_UPLO
4.1.73.40. Message START_SCAN
-Sequence diagram of messaging START_SCAN +Sequence diagram of messaging START_SCAN
@@ -16643,7 +17030,7 @@
4.1.73.41. Message UNSUPPOR
4.1.73.42. Message USER_ADDED_TO_PROJECT
-Sequence diagram of messaging USER_ADDED_TO_PROJECT +Sequence diagram of messaging USER_ADDED_TO_PROJECT
@@ -16672,7 +17059,7 @@
4.1.73.42. Message USER_ADD
4.1.73.43. Message USER_API_TOKEN_CHANGED
-Sequence diagram of messaging USER_API_TOKEN_CHANGED +Sequence diagram of messaging USER_API_TOKEN_CHANGED
@@ -16688,7 +17075,7 @@
4.1.73.44. Message USER_B
4.1.73.45. Message USER_CREATED
-Sequence diagram of messaging USER_CREATED +Sequence diagram of messaging USER_CREATED
@@ -16717,7 +17104,7 @@
4.1.73.45. Message USER_CREATED
4.1.73.46. Message USER_DELETED
-Sequence diagram of messaging USER_DELETED +Sequence diagram of messaging USER_DELETED
@@ -16733,7 +17120,7 @@
4.1.73.47. Message USE
4.1.73.48. Message USER_NEW_API_TOKEN_REQUESTED
-Sequence diagram of messaging USER_NEW_API_TOKEN_REQUESTED +Sequence diagram of messaging USER_NEW_API_TOKEN_REQUESTED
@@ -16762,7 +17149,7 @@
4.1.73.48. Message U
4.1.73.49. Message USER_NO_LONGER_SUPERADMIN
-Sequence diagram of messaging USER_NO_LONGER_SUPERADMIN +Sequence diagram of messaging USER_NO_LONGER_SUPERADMIN
@@ -16770,7 +17157,7 @@
4.1.73.49. Message USER
4.1.73.50. Message USER_REMOVED_FROM_PROJECT
-Sequence diagram of messaging USER_REMOVED_FROM_PROJECT +Sequence diagram of messaging USER_REMOVED_FROM_PROJECT
@@ -16866,7 +17253,7 @@
4.1.73.52. Message USER_SIG
diff --git a/docs/latest/sechub-techdoc.html b/docs/latest/sechub-techdoc.html index becb043d39..0c7a871384 100644 --- a/docs/latest/sechub-techdoc.html +++ b/docs/latest/sechub-techdoc.html @@ -531,7 +531,7 @@
Table 127. https://localhost:8081/api/project/{projectId}/jobsTable 131. https://localhost:8081/api/project/{projectId}/jobs

2

upload binaries

upload sourcecode

ROLE_SUPERADMIN, ROLE_USER

2

2

upload sourcecode

upload binaries

ROLE_SUPERADMIN, ROLE_USER

3

4

get job status

download job report and traffic light

ROLE_SUPERADMIN, ROLE_USER

4

4

download job report and traffic light

get job status

ROLE_SUPERADMIN, ROLE_USER

2

Unassign user

ROLE_SUPERADMIN

Update authorization parts

2

The service will remove the user to the project. If users has no longer access to projects ROLE_USER will be removed

2

Update authorization parts

Unassign user

ROLE_SUPERADMIN

4

The service will remove the user to the project. If users has no longer access to projects ROLE_USER will be removed

4

Service call

ROLE_SUPERADMIN

2

Sends request to scheduler to send updates about current status.

Sends request to scheduler domain to disable scheduler job processing

2

Service call

ROLE_SUPERADMIN

3

Sends request to scheduler domain to disable scheduler job processing

Sends request to scheduler to send updates about current status.

3
-

Documentation version: Server 1.2.0-20231030152639

+

Documentation version: Server 1.3.0 - Build date: 20231124130227

Target audience for this document are SecHub Developers only!

@@ -2036,7 +2038,7 @@
3.1.1.1. Server
3.1.1.1.1. Overview
-Diagram +Diagram
Figure 1. Spring profiles and their explicit/implicit included parts
@@ -2073,7 +2075,7 @@
3.1.1.1.2. PROD
3.1.1.1.3. DEV
-Diagram +Diagram
Figure 3. Spring profile dev and its explicit/implicit included parts
@@ -2086,7 +2088,7 @@
3.1.1.1.3. DEV
3.1.1.1.4. Integration-Test
-Diagram +Diagram
Figure 4. Spring profile integrationtest and its explicit/implicit included parts
@@ -7645,7 +7647,7 @@
10.9.2.1. Overview
10.9.2.1.1. Diagram
-Sequence diagram of messaging overview +Sequence diagram of messaging overview
@@ -7822,7 +7824,7 @@
10.9.2.2. Message
10.9.2.3. Message AUTO_CLEANUP_CONFIGURATION_CHANGED
-Sequence diagram of messaging AUTO_CLEANUP_CONFIGURATION_CHANGED +Sequence diagram of messaging AUTO_CLEANUP_CONFIGURATION_CHANGED
@@ -8104,7 +8106,7 @@
10.9.2.17
10.9.2.18. Message PROJECT_ACCESS_LEVEL_CHANGED
-Sequence diagram of messaging PROJECT_ACCESS_LEVEL_CHANGED +Sequence diagram of messaging PROJECT_ACCESS_LEVEL_CHANGED
@@ -8120,7 +8122,7 @@
10.9.2.19. Message PROJECT_CREATE
10.9.2.20. Message PROJECT_DELETED
-Sequence diagram of messaging PROJECT_DELETED +Sequence diagram of messaging PROJECT_DELETED
@@ -8337,7 +8339,7 @@
10.9.2.30. Messag
10.9.2.31. Message REQUEST_USER_ROLE_RECALCULATION
-Sequence diagram of messaging REQUEST_USER_ROLE_RECALCULATION +Sequence diagram of messaging REQUEST_USER_ROLE_RECALCULATION
@@ -8478,7 +8480,7 @@
10.9.2.39. Message SOURCE_UPLO
10.9.2.40. Message START_SCAN
-Sequence diagram of messaging START_SCAN +Sequence diagram of messaging START_SCAN
@@ -8518,7 +8520,7 @@
10.9.2.41. Message UNSUPPOR
10.9.2.42. Message USER_ADDED_TO_PROJECT
-Sequence diagram of messaging USER_ADDED_TO_PROJECT +Sequence diagram of messaging USER_ADDED_TO_PROJECT
@@ -8547,7 +8549,7 @@
10.9.2.42. Message USER_ADD
10.9.2.43. Message USER_API_TOKEN_CHANGED
-Sequence diagram of messaging USER_API_TOKEN_CHANGED +Sequence diagram of messaging USER_API_TOKEN_CHANGED
@@ -8563,7 +8565,7 @@
10.9.2.44. Message USER_B
10.9.2.45. Message USER_CREATED
-Sequence diagram of messaging USER_CREATED +Sequence diagram of messaging USER_CREATED
@@ -8592,7 +8594,7 @@
10.9.2.45. Message USER_CREATED
10.9.2.46. Message USER_DELETED
-Sequence diagram of messaging USER_DELETED +Sequence diagram of messaging USER_DELETED
@@ -8608,7 +8610,7 @@
10.9.2.47. Message USE
10.9.2.48. Message USER_NEW_API_TOKEN_REQUESTED
-Sequence diagram of messaging USER_NEW_API_TOKEN_REQUESTED +Sequence diagram of messaging USER_NEW_API_TOKEN_REQUESTED
@@ -8637,7 +8639,7 @@
10.9.2.48. Message U
10.9.2.49. Message USER_NO_LONGER_SUPERADMIN
-Sequence diagram of messaging USER_NO_LONGER_SUPERADMIN +Sequence diagram of messaging USER_NO_LONGER_SUPERADMIN
@@ -8645,7 +8647,7 @@
10.9.2.49. Message USER
10.9.2.50. Message USER_REMOVED_FROM_PROJECT
-Sequence diagram of messaging USER_REMOVED_FROM_PROJECT +Sequence diagram of messaging USER_REMOVED_FROM_PROJECT
@@ -9849,17 +9851,17 @@

10.10.12. UC_011-User starts scan by client

2

-

upload binaries

+

upload sourcecode

ROLE_SUPERADMIN, ROLE_USER

2

-

This step is defined at method uploadBinaries in class `com.mercedesbenz.sechub.domain.schedule.SchedulerRestController`

+

This step is defined at method uploadSourceCode in class `com.mercedesbenz.sechub.domain.schedule.SchedulerRestController`

2

-

upload sourcecode

+

upload binaries

ROLE_SUPERADMIN, ROLE_USER

3

-

This step is defined at method uploadSourceCode in class `com.mercedesbenz.sechub.domain.schedule.SchedulerRestController`

+

This step is defined at method uploadBinaries in class `com.mercedesbenz.sechub.domain.schedule.SchedulerRestController`

3

@@ -9870,17 +9872,17 @@

10.10.12. UC_011-User starts scan by client

4

-

get job status

+

download job report and traffic light

ROLE_SUPERADMIN, ROLE_USER

4

-

This step is defined at method getJobStatus in class `com.mercedesbenz.sechub.domain.schedule.SchedulerRestController`

+

This step is defined at method getScanSecHubReportAsJSON in class `com.mercedesbenz.sechub.domain.scan.report.ScanReportRestController`

4

-

download job report and traffic light

+

get job status

ROLE_SUPERADMIN, ROLE_USER

-

This step is defined at method getScanSecHubReportAsJSON in class `com.mercedesbenz.sechub.domain.scan.report.ScanReportRestController`

+

This step is defined at method getJobStatus in class `com.mercedesbenz.sechub.domain.schedule.SchedulerRestController`

@@ -10253,22 +10255,22 @@

10.10.17. UC_016-Admin unassigns user from proje

Update authorization parts

2

-

This step is defined at method revokeUserAccessFromProject in class `com.mercedesbenz.sechub.domain.schedule.access.ScheduleRevokeUserAccessFromProjectService`

+

This step is defined at method revokeUserAccessFromProject in class `com.mercedesbenz.sechub.domain.scan.access.ScanRevokeUserAccessFromProjectService`

2

-

Unassign user

-

ROLE_SUPERADMIN

+

Update authorization parts

+

2

-

The service will remove the user to the project. If users has no longer access to projects ROLE_USER will be removed

-

This step is defined at method unassignUserFromProject in class `com.mercedesbenz.sechub.domain.administration.project.ProjectUnassignUserService`

+

This step is defined at method revokeUserAccessFromProject in class `com.mercedesbenz.sechub.domain.schedule.access.ScheduleRevokeUserAccessFromProjectService`

2

-

Update authorization parts

- +

Unassign user

+

ROLE_SUPERADMIN

4

-

This step is defined at method revokeUserAccessFromProject in class `com.mercedesbenz.sechub.domain.scan.access.ScanRevokeUserAccessFromProjectService`

+

The service will remove the user to the project. If users has no longer access to projects ROLE_USER will be removed

+

This step is defined at method unassignUserFromProject in class `com.mercedesbenz.sechub.domain.administration.project.ProjectUnassignUserService`

4

@@ -10407,14 +10409,14 @@

10.10.19. UC_018-Admin deletes a user

revoke user from schedule access

3

-

This step is defined at method revokeUserAccess in class `com.mercedesbenz.sechub.domain.schedule.access.ScheduleRevokeUserAccessAtAllService`

+

This step is defined at method revokeUserAccess in class `com.mercedesbenz.sechub.domain.scan.access.ScanRevokeUserAccessAtAllService`

3

revoke user from schedule access

4

-

This step is defined at method revokeUserAccess in class `com.mercedesbenz.sechub.domain.scan.access.ScanRevokeUserAccessAtAllService`

+

This step is defined at method revokeUserAccess in class `com.mercedesbenz.sechub.domain.schedule.access.ScheduleRevokeUserAccessAtAllService`

4

@@ -11231,16 +11233,16 @@

10.10.31. UC_030-Admin disables job processing i

Service call

ROLE_SUPERADMIN

2

-

Sends request to scheduler to send updates about current status.

-

This step is defined at method triggerSchedulerStatusRefresh in class `com.mercedesbenz.sechub.domain.administration.scheduler.TriggerSchedulerStatusRefreshService`

+

Sends request to scheduler domain to disable scheduler job processing

+

This step is defined at method disableJobProcessing in class `com.mercedesbenz.sechub.domain.administration.scheduler.SwitchSchedulerJobProcessingService`

2

Service call

ROLE_SUPERADMIN

3

-

Sends request to scheduler domain to disable scheduler job processing

-

This step is defined at method disableJobProcessing in class `com.mercedesbenz.sechub.domain.administration.scheduler.SwitchSchedulerJobProcessingService`

+

Sends request to scheduler to send updates about current status.

+

This step is defined at method triggerSchedulerStatusRefresh in class `com.mercedesbenz.sechub.domain.administration.scheduler.TriggerSchedulerStatusRefreshService`

3

@@ -14548,7 +14550,7 @@

11.1.2. Check if the server is

REST API for usecase UC_039-Check if the server is alive and running.

-
11.1.2.1. HEAD variant
+
11.1.2.1. GET variant

Definition

@@ -14571,7 +14573,7 @@
11.1.2.1. HEAD variant

Method

-

HEAD

+

GET

Status code

@@ -14587,7 +14589,7 @@
11.1.2.1. HEAD variant
-
$ curl 'https://sechub.example.com/api/anonymous/check/alive' -i -X HEAD
+
$ curl 'https://sechub.example.com/api/anonymous/check/alive' -i -X GET
@@ -14596,7 +14598,7 @@
11.1.2.1. HEAD variant
-
11.1.2.2. GET variant
+
11.1.2.2. HEAD variant

Definition

@@ -14619,7 +14621,7 @@
11.1.2.2. GET variant

Method

-

GET

+

HEAD

Status code

@@ -14635,7 +14637,7 @@
11.1.2.2. GET variant
-
$ curl 'https://sechub.example.com/api/anonymous/check/alive' -i -X GET
+
$ curl 'https://sechub.example.com/api/anonymous/check/alive' -i -X HEAD
@@ -15350,7 +15352,7 @@

11.1.9. Admin downloads al

-
$ curl 'https://sechub.example.com/api/admin/scan/download/5ea6d812-a01a-4264-918c-dc25afead94e' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/admin/scan/download/cc83453f-2197-45fe-81ae-83b3e69d824d' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -16515,7 +16517,7 @@

11.1.20. Admin shows scan logs for pr

-
[{"sechubJobUUID":"c52205e9-5941-4c6d-a8c6-7ca33b6cefcb","executedBy":"spartakus","started":"2023-10-29T15:26:52.84720329","ended":"2023-10-30T15:26:52.84723169","status":"OK"}]
+
[{"sechubJobUUID":"e6713e74-754d-491e-8fef-8bcebb0e6285","executedBy":"spartakus","started":"2023-11-23T13:02:38.528398267","ended":"2023-11-24T13:02:38.52843186","status":"OK"}]
@@ -16971,7 +16973,7 @@

11.1.25. User creates a new sechub jobREST API for usecase UC_005-User creates a new sechub job

-
11.1.25.1. Code Scan variant
+
11.1.25.1. Web Scan login basic variant

Definition

@@ -17062,6 +17064,180 @@
11.1.25.1. Code Scan variant

The api version, currently only 1.0 is supported

+

webScan

+

Object

+

Webscan configuration block

+ + +

webScan.url

+

String

+

Webscan URI to scan for

+ + +

webScan.login

+

Object

+

Webscan login definition

+ + +

webScan.login.url

+

String

+

Login URL

+ + +

webScan.login.basic

+

Object

+

basic login definition

+ + +

webScan.login.basic.user

+

String

+

username

+ + +

webScan.login.basic.password

+

String

+

password

+ + + +
+

Response fields

+
+ +++++ + + + + + + + + + + + + + + +
PathTypeDescription

jobId

String

A unique job id

+
+

Example

+
+
+

Curl request

+
+
+
+
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
+    -H 'Content-Type: application/json;charset=UTF-8' \
+    -d '{"webScan":{"login":{"url":"https://localhost/mywebapp/login","basic":{"user":"username1","password":"password1"}},"url":"https://localhost/mywebapp"},"apiVersion":"1.0"}'
+
+
+
+

Response body

+
+
+
+
{"jobId":"bda5ed07-67f5-4c33-8818-8d513f5fd530"}
+
+
+
+
+
11.1.25.2. Code Scan variant
+
+

Definition

+
+ + ++++ + + + + + + + + + + + + + + + + + + + + +
Table 72. General request information
Value

Path

/api/project/{projectId}/job

Method

POST

Status code

200 OK

+
+

Path parameters

+
+ + ++++ + + + + + + + + + + + + +
Table 73. https://localhost:8081/api/project/{projectId}/job
ParameterDescription

projectId

The unique id of the project id where a new sechub job shall be created

+
+

Request headers

+
+ ++++ + + + + + + +
NameDescription
+
+

Request fields

+
+ +++++ + + + + + + + + + + + + + + @@ -17125,17 +17301,17 @@
11.1.25.1. Code Scan variant
-
{"jobId":"64a94d76-be86-4200-a2a9-b320872b95d8"}
+
{"jobId":"4bbcb616-ab9b-4382-a18d-43edbe1047df"}
-
11.1.25.2. Code Scan using data section variant
+
11.1.25.3. Code Scan using data section variant

Definition

PathTypeDescription

apiVersion

String

The api version, currently only 1.0 is supported

codeScan

Object

Code scan configuration block
- +@@ -17165,7 +17341,7 @@
11.1.25.2. Code S

Path parameters

Table 72. General request informationTable 74. General request information
- +@@ -17304,17 +17480,17 @@
11.1.25.2. Code S
-
{"jobId":"1dbc7a95-a94b-4cb3-aadb-b2d29f8c80ab"}
+
{"jobId":"20612a35-b962-4ec5-9275-850b3b573034"}
-
11.1.25.3. Infrastructure scan variant
+
11.1.25.4. Infrastructure scan variant

Definition

Table 73. https://localhost:8081/api/project/{projectId}/jobTable 75. https://localhost:8081/api/project/{projectId}/job
- +@@ -17344,7 +17520,7 @@
11.1.25.3. Infrastructure

Path parameters

Table 74. General request informationTable 76. General request information
- +@@ -17458,17 +17634,17 @@
11.1.25.3. Infrastructure
-
{"jobId":"e443055a-6335-4017-84fd-21fb6a9974f7"}
+
{"jobId":"d3ac6b76-c92f-4a34-8b04-60f7191dbcc6"}
-
11.1.25.4. Web scan anonymous variant
+
11.1.25.5. Web scan anonymous variant

Definition

Table 75. https://localhost:8081/api/project/{projectId}/jobTable 77. https://localhost:8081/api/project/{projectId}/job
- +@@ -17498,7 +17674,7 @@
11.1.25.4. Web scan anonymo

Path parameters

Table 76. General request informationTable 78. General request information
- +@@ -17627,17 +17803,17 @@
11.1.25.4. Web scan anonymo
-
{"jobId":"be5f8dd1-e5e2-4f95-8089-0547dcd1c8f9"}
+
{"jobId":"7a4729e2-6b4d-4429-b572-dde82b78e7e4"}
-
11.1.25.5. Web Scan login basic variant
+
11.1.25.6. Web scan with api definition variant

Definition

Table 77. https://localhost:8081/api/project/{projectId}/jobTable 79. https://localhost:8081/api/project/{projectId}/job
- +@@ -17667,7 +17843,7 @@
11.1.25.5. Web Scan login

Path parameters

Table 78. General request informationTable 80. General request information
- +@@ -17733,29 +17909,173 @@
11.1.25.5. Web Scan login
- - - + + + - + + + + + +
Table 79. https://localhost:8081/api/project/{projectId}/jobTable 81. https://localhost:8081/api/project/{projectId}/job

Webscan URI to scan for

webScan.login

Object

Webscan login definition

webScan.api.type

String

Type of the API definition files that will be provided

webScan.login.url

webScan.api.use

Array

Reference to the data section containing the API definition files. Always use 'sources' with 'files' instead 'folders'.

+
+

Response fields

+
+ +++++ + + + + + + + + + + - + + + +
PathTypeDescription

jobId

String

Login URL

A unique job id

+
+

Example

+
+
+

Curl request

+
+
+
+
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
+    -H 'Content-Type: application/json;charset=UTF-8' \
+    -d '{"webScan":{"api":{"type":"OPEN_API","use":["openApi-file-reference"]},"url":"https://localhost/mywebapp/login"},"apiVersion":"1.0"}'
+
+
+
+

Response body

+
+
+
+
{"jobId":"a769623f-1a50-484c-bcac-0325a2ed6132"}
+
+
+
+
+
11.1.25.7. Web scan with client certificate definition variant
+
+

Definition

+
+ + ++++ + + + + + + + + + + - + + + + + + + + +
Table 82. General request information
Value

Path

/api/project/{projectId}/job

webScan.login.basic

Method

POST

Status code

200 OK

+
+

Path parameters

+
+ + ++++ + + + + + + + + + + + + +
Table 83. https://localhost:8081/api/project/{projectId}/job
ParameterDescription

projectId

The unique id of the project id where a new sechub job shall be created

+
+

Request headers

+
+ ++++ + + + + + + +
NameDescription
+
+

Request fields

+
+ +++++ + + + + + + + + + + + + + + + - + - + - + - + - + + + + + +
PathTypeDescription

apiVersion

String

The api version, currently only 1.0 is supported

webScan

Object

basic login definition

Webscan configuration block

webScan.login.basic.user

webScan.url

String

username

Webscan URI to scan for

webScan.login.basic.password

webScan.clientCertificate.password

String

password

Password the client certificate file is protected with

webScan.clientCertificate.use

Array

Reference to the data section containing the client certificate definition file. Always use 'sources' with a single 'file' instead 'folders'.
@@ -17793,7 +18113,7 @@
11.1.25.5. Web Scan login 
$ curl 'https://sechub.example.com/api/project/project1/job' -i -X POST \
     -H 'Content-Type: application/json;charset=UTF-8' \
-    -d '{"webScan":{"login":{"url":"https://localhost/mywebapp/login","basic":{"user":"username1","password":"password1"}},"url":"https://localhost/mywebapp"},"apiVersion":"1.0"}'
+ -d '{"webScan":{"url":"https://localhost/mywebapp","clientCertificate":{"password":"example-cert-password","use":["client-certificate-file-reference"]}},"apiVersion":"1.0"}'
@@ -17801,17 +18121,17 @@
11.1.25.5. Web Scan login
-
{"jobId":"25f699b7-47cf-4f34-bca1-a297330080ee"}
+
{"jobId":"0c0c7661-bbc3-4917-aa40-52714f117ccd"}
-
11.1.25.6. Web Scan login form scripted variant
+
11.1.25.8. Web Scan login form scripted variant

Definition

- +@@ -17841,7 +18161,7 @@
11.1.25.6. Web Sc

Path parameters

Table 80. General request informationTable 84. General request information
- +@@ -17995,17 +18315,17 @@
11.1.25.6. Web Sc
-
{"jobId":"229b9d0d-3108-4f61-93e6-fbbc27a1ad59"}
+
{"jobId":"80a925a9-bacd-4d52-a93e-49d599518e46"}
-
11.1.25.7. Web Scan headers variant
+
11.1.25.9. Web Scan headers variant

Definition

Table 81. https://localhost:8081/api/project/{projectId}/jobTable 85. https://localhost:8081/api/project/{projectId}/job
- +@@ -18035,7 +18355,7 @@
11.1.25.7. Web Scan headers v

Path parameters

Table 82. General request informationTable 86. General request information
- +@@ -18154,7 +18474,7 @@
11.1.25.7. Web Scan headers v
-
{"jobId":"15a25c3c-4e90-480a-ad8c-f3740ae40416"}
+
{"jobId":"d13cca95-dc19-4a41-b5c9-c10227428e60"}
@@ -18168,7 +18488,7 @@

11.1.26. User uploads source code

Definition

Table 83. https://localhost:8081/api/project/{projectId}/jobTable 87. https://localhost:8081/api/project/{projectId}/job
- +@@ -18198,7 +18518,7 @@

11.1.26. User uploads source code

Path parameters

Table 84. General request informationTable 88. General request information
- +@@ -18264,7 +18584,7 @@

11.1.26. User uploads source code

-
$ curl 'https://sechub.example.com/api/project/project1/job/0ceb402b-07f8-498a-afd7-95b89f391dc3/sourcecode' -i -X POST \
+
$ curl 'https://sechub.example.com/api/project/project1/job/c036c81e-7ccf-4202-afb6-80c89ea77baf/sourcecode' -i -X POST \
     -H 'Content-Type: multipart/form-data;charset=UTF-8' \
     -F 'file=PK  
       �<M                       test1.txtPK  ?
@@ -18287,7 +18607,7 @@ 
11.1.27. User approves sechub job

 
Definition
Table 85. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/sourcecodeTable 89. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/sourcecode
- +@@ -18317,7 +18637,7 @@

11.1.27. User approves sechub job

Path parameters

Table 86. General request informationTable 90. General request information
- +@@ -18362,7 +18682,7 @@

11.1.27. User approves sechub job

-
$ curl 'https://sechub.example.com/api/project/project1/job/de12e9e4-299f-4e11-b802-15b66a20ab28/approve' -i -X PUT \
+
$ curl 'https://sechub.example.com/api/project/project1/job/e4fd2f7f-e61f-4e02-9fec-f22fde9f6616/approve' -i -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -18380,7 +18700,7 @@

11.1.28. User checks sechub job state

Definition

Table 87. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/approveTable 91. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/approve
- +@@ -18410,7 +18730,7 @@

11.1.28. User checks sechub job state

Path parameters

Table 88. General request informationTable 92. General request information
- +@@ -18514,7 +18834,7 @@

11.1.28. User checks sechub job state

-
$ curl 'https://sechub.example.com/api/project/project1/job/91cf9883-947d-4c3c-8c9a-d4896bc17973' -i -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/job/840a1fb9-18bb-4d93-bb80-ae1499112183' -i -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -18523,7 +18843,7 @@

11.1.28. User checks sechub job state

-
{"jobUUID":"91cf9883-947d-4c3c-8c9a-d4896bc17973","owner":"CREATOR1","created":"","started":"2023-10-30T15:12:08.478465955","ended":"2023-10-30T15:27:08.478488055","state":"ENDED","result":"OK","trafficLight":"GREEN"}
+
{"jobUUID":"840a1fb9-18bb-4d93-bb80-ae1499112183","owner":"CREATOR1","created":"","started":"2023-11-24T12:47:51.497412287","ended":"2023-11-24T13:02:51.497441251","state":"ENDED","result":"OK","trafficLight":"GREEN"}
@@ -18538,7 +18858,7 @@
11.1.29.1. JSON variant

Definition

Table 89. https://localhost:8081/api/project/{projectId}/job/{jobUUID}Table 93. https://localhost:8081/api/project/{projectId}/job/{jobUUID}
- +@@ -18568,7 +18888,7 @@
11.1.29.1. JSON variant

Path parameters

Table 90. General request informationTable 94. General request information
- +@@ -18598,7 +18918,7 @@
11.1.29.1. JSON variant
-
$ curl 'https://sechub.example.com/api/project/project1/report/a24d6532-23a8-4423-b56b-083408a5b3a6' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/6f4be195-bc98-4089-9199-abf6786a518c' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/json'
@@ -18610,7 +18930,7 @@
11.1.29.2. HTML variant

Definition

Table 91. https://localhost:8081/api/project/{projectId}/report/{jobUUID}Table 95. https://localhost:8081/api/project/{projectId}/report/{jobUUID}
- +@@ -18640,7 +18960,7 @@
11.1.29.2. HTML variant

Path parameters

Table 92. General request informationTable 96. General request information
- +@@ -18670,7 +18990,7 @@
11.1.29.2. HTML variant
-
$ curl 'https://sechub.example.com/api/project/project1/report/1d6867cb-73bf-471a-a37d-2250030ce9a7' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/9dbdde4e-6cf3-4573-83bd-79e4b379202b' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/xhtml+xml'
@@ -18686,7 +19006,7 @@

11.1.30. User marks

Definition

Table 93. https://localhost:8081/api/project/{projectId}/report/{jobUUID}Table 97. https://localhost:8081/api/project/{projectId}/report/{jobUUID}
- +@@ -18716,7 +19036,7 @@

11.1.30. User marks

Path parameters

Table 94. General request informationTable 98. General request information
- +@@ -18825,7 +19145,7 @@

11.1.31. User unmarks e

Definition

Table 95. https://localhost:8081/api/project/{projectId}/false-positivesTable 99. https://localhost:8081/api/project/{projectId}/false-positives
- +@@ -18855,7 +19175,7 @@

11.1.31. User unmarks e

Path parameters

Table 96. General request informationTable 100. General request information
- +@@ -18921,7 +19241,7 @@

11.1.32. User fetc

Definition

Table 97. https://localhost:8081/api/project/{projectId}/false-positive/{jobUUID}/{findingId}Table 101. https://localhost:8081/api/project/{projectId}/false-positive/{jobUUID}/{findingId}
- +@@ -18951,7 +19271,7 @@

11.1.32. User fetc

Path parameters

Table 98. General request informationTable 102. General request information
- +@@ -19147,7 +19467,7 @@

11.1.33. User uploads binaries

Definition

Table 99. https://localhost:8081/api/project/{projectId}/false-positivesTable 103. https://localhost:8081/api/project/{projectId}/false-positives
- +@@ -19177,7 +19497,7 @@

11.1.33. User uploads binaries

Path parameters

Table 100. General request informationTable 104. General request information
- +@@ -19249,7 +19569,7 @@

11.1.33. User uploads binaries

-
$ curl 'https://sechub.example.com/api/project/project1/job/aa2d0c27-dc91-4b9d-bbde-1bb97b304f28/binaries' -i -X POST \
+
$ curl 'https://sechub.example.com/api/project/project1/job/79c393b9-2e0e-4ef8-9dca-dceaad170b70/binaries' -i -X POST \
     -H 'Content-Type: multipart/form-data;charset=UTF-8' \
     -H 'x-file-size: 10240' \
     -F 'file=test1.txt                                                                                           0000664 0001750 0001750 00000000000 13353454574 012170  0                                                                                                    ustar   albert                          albert                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ' \
@@ -19270,7 +19590,7 @@ 
11.1.34. User downloads job re
 
Definition
Table 101. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/binariesTable 105. https://localhost:8081/api/project/{projectId}/job/{jobUUID}/binaries
- +@@ -19300,7 +19620,7 @@

11.1.34. User downloads job re

Path parameters

Table 102. General request informationTable 106. General request information
- +@@ -19330,7 +19650,7 @@

11.1.34. User downloads job re
-
$ curl 'https://sechub.example.com/api/project/project1/report/spdx/975d5e0f-5b89-4248-8ca8-3db14855be82' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/project/project1/report/spdx/bb7b3244-8c75-4122-9397-96ac312fe074' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -H 'Accept: application/json'
@@ -19345,7 +19665,7 @@

11.1.35. User self registration

Definition

Table 103. https://localhost:8081/api/project/{projectId}/report/spdx/{jobUUID}Table 107. https://localhost:8081/api/project/{projectId}/report/spdx/{jobUUID}
- +@@ -19432,7 +19752,7 @@

11.1.36. Admin lists open user signupsDefinition

Table 104. General request informationTable 108. General request information
- +@@ -19536,7 +19856,7 @@

11.1.37. Admin applies self registratio

Definition

Table 105. General request informationTable 109. General request information
- +@@ -19566,7 +19886,7 @@

11.1.37. Admin applies self registratio

Path parameters

Table 106. General request informationTable 110. General request information
- +@@ -19624,7 +19944,7 @@

11.1.38. Admin deletes user signup

Definition

Table 107. https://localhost:8081/api/admin/signup/accept/{userId}Table 111. https://localhost:8081/api/admin/signup/accept/{userId}
- +@@ -19654,7 +19974,7 @@

11.1.38. Admin deletes user signup

Path parameters

Table 108. General request informationTable 112. General request information
- +@@ -19712,7 +20032,7 @@

11.1.39. User requests new API token

Definition

Table 109. https://localhost:8081/api/admin/signup/{userId}Table 113. https://localhost:8081/api/admin/signup/{userId}
- +@@ -19742,7 +20062,7 @@

11.1.39. User requests new API token

Path parameters

Table 110. General request informationTable 114. General request information
- +@@ -19786,7 +20106,7 @@

11.1.40. Admin lists all running jobs

Definition

Table 111. https://localhost:8081/api/anonymous/refresh/apitoken/{emailAddress}Table 115. https://localhost:8081/api/anonymous/refresh/apitoken/{emailAddress}
- +@@ -19893,7 +20213,7 @@

11.1.40. Admin lists all running jobs

-
[{"jobUUID":"51836965-000d-4a98-a7a5-8c553187d9a1","projectId":"project-name","owner":"owner-userid","status":"RUNNING","since":"2023-10-30T15:27:01.189032056","configuration":"{ config data }"}]
+
[{"jobUUID":"44156820-ed0e-4734-ac6e-c13f9071fc26","projectId":"project-name","owner":"owner-userid","status":"RUNNING","since":"2023-11-24T13:02:44.506400501","configuration":"{ config data }"}]
@@ -19906,7 +20226,7 @@

11.1.41. Admin cancels a job

Definition

Table 112. General request informationTable 116. General request information
- +@@ -19936,7 +20256,7 @@

11.1.41. Admin cancels a job

Path parameters

Table 113. General request informationTable 117. General request information
- +@@ -19977,7 +20297,7 @@

11.1.41. Admin cancels a job

-
$ curl 'https://sechub.example.com/api/admin/jobs/cancel/2c010565-ad48-483c-a5fa-28dbf694e21c' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/cancel/9eb59a84-2f03-4803-b3f2-9bdcd381991d' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -19995,7 +20315,7 @@

11.1.42. Admin restarts a job

Definition

Table 114. https://localhost:8081/api/admin/jobs/cancel/{jobUUID}Table 118. https://localhost:8081/api/admin/jobs/cancel/{jobUUID}
- +@@ -20025,7 +20345,7 @@

11.1.42. Admin restarts a job

Path parameters

Table 115. General request informationTable 119. General request information
- +@@ -20066,7 +20386,7 @@

11.1.42. Admin restarts a job

-
$ curl 'https://sechub.example.com/api/admin/jobs/restart/f3982269-f4e1-45fd-b71b-34718513ec89' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/restart/ffeef992-c0c1-48db-b8e1-d74e240e6513' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -20084,7 +20404,7 @@

11.1.43. Admin restarts a job (hard)

Definition

Table 116. https://localhost:8081/api/admin/jobs/restart/{jobUUID}Table 120. https://localhost:8081/api/admin/jobs/restart/{jobUUID}
- +@@ -20114,7 +20434,7 @@

11.1.43. Admin restarts a job (hard)

Path parameters

Table 117. General request informationTable 121. General request information
- +@@ -20155,7 +20475,7 @@

11.1.43. Admin restarts a job (hard)

-
$ curl 'https://sechub.example.com/api/admin/jobs/restart-hard/da1c394e-bef0-4343-9a56-eafa56eabf30' -i -u 'user:secret' -X POST \
+
$ curl 'https://sechub.example.com/api/admin/jobs/restart-hard/bf4f724a-97c3-481e-99f3-d2fdce9c2941' -i -u 'user:secret' -X POST \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -20173,7 +20493,7 @@

11.1.44. User defines

Definition

Table 118. https://localhost:8081/api/admin/jobs/restart-hard/{jobUUID}Table 122. https://localhost:8081/api/admin/jobs/restart-hard/{jobUUID}
- +@@ -20242,7 +20562,7 @@

11.1.45. User retrie

Definition

Table 119. General request informationTable 123. General request information
- +@@ -20314,7 +20634,7 @@

11.1.46. Admin updates mapping conf

Definition

Table 120. General request informationTable 124. General request information
- +@@ -20344,7 +20664,7 @@

11.1.46. Admin updates mapping conf

Path parameters

Table 121. General request informationTable 125. General request information
- +@@ -20438,7 +20758,7 @@

11.1.47. Admin fetches mapping conf

Definition

Table 122. https://localhost:8081/api/admin/config/mapping/{mappingId}Table 126. https://localhost:8081/api/admin/config/mapping/{mappingId}
- +@@ -20468,7 +20788,7 @@

11.1.47. Admin fetches mapping conf

Path parameters

Table 123. General request informationTable 127. General request information
- +@@ -20565,7 +20885,7 @@

11.1.48. Admin creates an execu

Definition

Table 124. https://localhost:8081/api/admin/config/mapping/{mappingId}Table 128. https://localhost:8081/api/admin/config/mapping/{mappingId}
- +@@ -20688,7 +21008,7 @@

11.1.48. Admin creates an execu
-
fe586480-1257-4d7c-8bf5-72d5eb526c2f
+
29006c13-2bc8-4235-926a-e59a194680e7
@@ -20701,7 +21021,7 @@

11.1.49. Admin deletes executor co

Definition

Table 125. General request informationTable 129. General request information
- +@@ -20731,7 +21051,7 @@

11.1.49. Admin deletes executor co

Path parameters

Table 126. General request informationTable 130. General request information
- +@@ -20772,7 +21092,7 @@

11.1.49. Admin deletes executor co
-
$ curl 'https://sechub.example.com/api/admin/config/executor/0aebb695-696d-4c97-9297-b53e7e4e04df' -i -u 'user:secret' -X DELETE \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/30904b46-9ea2-474a-9bac-b800ef74aed8' -i -u 'user:secret' -X DELETE \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -20790,7 +21110,7 @@

11.1.50. Admin fetches execut

Definition

Table 127. https://localhost:8081/api/admin/config/executor/{uuid}Table 131. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -20887,7 +21207,7 @@

11.1.50. Admin fetches execut
-
{"executorConfigurations":[{"uuid":"85281d07-9501-4892-87e7-46ad17e1b24f","name":"example configuration","enabled":true}],"type":"executorConfigurationList"}
+
{"executorConfigurations":[{"uuid":"f0594aaf-4fcd-482f-9fe5-c194ea2e5892","name":"example configuration","enabled":true}],"type":"executorConfigurationList"}
@@ -20900,7 +21220,7 @@

11.1.51. Admin fetches executor co

Definition

Table 128. General request informationTable 132. General request information
- +@@ -20930,7 +21250,7 @@

11.1.51. Admin fetches executor co

Path parameters

Table 129. General request informationTable 133. General request information
- +@@ -21040,7 +21360,7 @@

11.1.51. Admin fetches executor co
-
$ curl 'https://sechub.example.com/api/admin/config/executor/6447d179-2835-48c1-b7a5-b58d6d291854' -i -u 'user:secret' -X GET \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/7f35e685-96b2-414b-8bbc-70c0b9e7dac5' -i -u 'user:secret' -X GET \
     -H 'Content-Type: application/json;charset=UTF-8'
@@ -21049,7 +21369,7 @@

11.1.51. Admin fetches executor co
-
{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value"}]},"executorVersion":1,"enabled":false,"uuid":"6447d179-2835-48c1-b7a5-b58d6d291854"}
+
{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value"}]},"executorVersion":1,"enabled":false,"uuid":"7f35e685-96b2-414b-8bbc-70c0b9e7dac5"}
@@ -21062,7 +21382,7 @@

11.1.52. Admin updates execu

Definition

Table 130. https://localhost:8081/api/admin/config/executor/{uuid}Table 134. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -21092,7 +21412,7 @@

11.1.52. Admin updates execu

Path parameters

Table 131. General request informationTable 135. General request information
- +@@ -21197,7 +21517,7 @@

11.1.52. Admin updates execu
-
$ curl 'https://sechub.example.com/api/admin/config/executor/3ba26ad1-08b9-4f64-b329-868c41eaf1e4' -i -u 'user:secret' -X PUT \
+
$ curl 'https://sechub.example.com/api/admin/config/executor/f603d4e9-04b7-4cb0-a32d-6a37a30ffa5c' -i -u 'user:secret' -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8' \
     -d '{"name":"New name","productIdentifier":"PDS_CODESCAN","executorVersion":1,"enabled":false,"setup":{"baseURL":"https://productNew.example.com","credentials":{"user":"env:EXAMPLE_NEW_USENAME","password":"env:EXAMPLE_NEW_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]}}'
@@ -21216,7 +21536,7 @@

11.1.53. Admin creates an execution

Definition

Table 132. https://localhost:8081/api/admin/config/executor/{uuid}Table 136. https://localhost:8081/api/admin/config/executor/{uuid}
- +@@ -21246,7 +21566,7 @@

11.1.53. Admin creates an execution

Path parameters

Table 133. General request informationTable 137. General request information
- +@@ -21345,7 +21665,7 @@

11.1.54. Admin deletes execution profil

Definition

Table 134. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 138. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -21375,7 +21695,7 @@

11.1.54. Admin deletes execution profil

Path parameters

Table 135. General request informationTable 139. General request information
- +@@ -21434,7 +21754,7 @@

11.1.55. Admin updates execution profil

Definition

Table 136. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 140. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -21464,7 +21784,7 @@

11.1.55. Admin updates execution profil

Path parameters

Table 137. General request informationTable 141. General request information
- +@@ -21541,7 +21861,7 @@

11.1.55. Admin updates execution profil 
$ curl 'https://sechub.example.com/api/admin/config/execution/profile/existing-profile-1' -i -u 'user:secret' -X PUT \
     -H 'Content-Type: application/json;charset=UTF-8' \
-    -d '{"description":"changed description","configurations":[{"uuid":"d4990550-db53-443a-8564-e5335e9d521a","executorVersion":0,"enabled":false,"setup":{"credentials":{},"jobParameters":[]}}],"enabled":true}'
+ -d '{"description":"changed description","configurations":[{"uuid":"0e39c42a-94e7-4601-88ab-d8135585cf30","executorVersion":0,"enabled":false,"setup":{"credentials":{},"jobParameters":[]}}],"enabled":true}'
@@ -21558,7 +21878,7 @@

11.1.56. Admin fetches execution profil

Definition

Table 138. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 142. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -21588,7 +21908,7 @@

11.1.56. Admin fetches execution profil

Path parameters

Table 139. General request informationTable 143. General request information
- +@@ -21697,7 +22017,7 @@

11.1.56. Admin fetches execution profil
-
{"description":"a description","enabled":true,"configurations":[{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]},"executorVersion":1,"enabled":false,"uuid":"5d78a8f5-9bee-4ec9-a63a-4d57954df58c"}],"projectIds":["project-1","project-2"]}
+
{"description":"a description","enabled":true,"configurations":[{"name":"New name","productIdentifier":"PDS_CODESCAN","setup":{"baseURL":"https://product.example.com","credentials":{"user":"env:EXAMPLE_USENAME","password":"env:EXAMPLE_PASSWORD"},"jobParameters":[{"key":"example.key1","value":"A value but changed. Remark: the other parameter (example.key2) has been removed by this call"}]},"executorVersion":1,"enabled":false,"uuid":"3ae0c8e8-579e-48d5-925c-87801f82fada"}],"projectIds":["project-1","project-2"]}
@@ -21710,7 +22030,7 @@

11.1.57. Admin fetches execution p

Definition

Table 140. https://localhost:8081/api/admin/config/execution/profile/{profileId}Table 144. https://localhost:8081/api/admin/config/execution/profile/{profileId}
- +@@ -21820,7 +22140,7 @@

11.1.58. Admin assigns execu

Definition

Table 141. General request informationTable 145. General request information
- +@@ -21850,7 +22170,7 @@

11.1.58. Admin assigns execu

Path parameters

Table 142. General request informationTable 146. General request information
- +@@ -21913,7 +22233,7 @@

11.1.59. Admin unassigns

Definition

Table 143. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}Table 147. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}
- +@@ -21943,7 +22263,7 @@

11.1.59. Admin unassigns

Path parameters

Table 144. General request informationTable 148. General request information
- +@@ -22006,7 +22326,7 @@

11.1.60. Admin fetches auto cl

Definition

Table 145. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}Table 149. https://localhost:8081/api/admin/config/execution/profile/{profileId}/project/{projectId}
- +@@ -22077,7 +22397,7 @@

11.1.61. Admin updates auto cl

Definition

Table 146. General request informationTable 150. General request information
- +@@ -22145,7 +22465,7 @@

11.1.62. Admin disables job

Definition

Table 147. General request informationTable 151. General request information
- +@@ -22212,7 +22532,7 @@

11.1.63. Admin enables scheduler

Definition

Table 148. General request informationTable 152. General request information
- +@@ -22279,7 +22599,7 @@

11.1.64. Admin get scheduler status

Definition

Table 149. General request informationTable 153. General request information
- +@@ -22346,7 +22666,7 @@

11.1.65. Admin lists status information<

Definition

Table 150. General request informationTable 154. General request information
- +@@ -22446,7 +22766,7 @@

11.1.66. Admin checks server version

Definition

Table 151. General request informationTable 155. General request information
- +@@ -22517,7 +22837,7 @@

11.1.67. User lists jobs for project

Definition

Table 152. General request informationTable 156. General request information
- +@@ -22547,7 +22867,7 @@

11.1.67. User lists jobs for project

Path parameters

Table 153. General request informationTable 157. General request information
- +@@ -22706,7 +23026,7 @@

11.1.67. User lists jobs for project

-
{"page":0,"totalPages":1,"content":[{"jobUUID":"1cc233ea-dddd-4f23-812e-896a319a3b18","executedBy":"User1","created":"2023-10-30T15:10:08.535549845","started":"2023-10-30T15:12:08.535571445","ended":"2023-10-30T15:27:08.535580745","executionState":"ENDED","trafficLight":"GREEN","executionResult":"OK","metaData":{"labels":{"stage":"test"}}}]}
+
{"page":0,"totalPages":1,"content":[{"jobUUID":"4d476ea8-bf68-47e8-8ce4-02507530947e","executedBy":"User1","created":"2023-11-24T12:45:51.536576492","started":"2023-11-24T12:47:51.53660723","ended":"2023-11-24T13:02:51.536619443","executionState":"ENDED","trafficLight":"GREEN","executionResult":"OK","metaData":{"labels":{"stage":"test"}}}]}
@@ -24546,7 +24866,7 @@
15.5.2.2.3. Profiles
diff --git a/docs/latest/server-download.html b/docs/latest/server-download.html index 4282d53676..ba018a38cd 100644 --- a/docs/latest/server-download.html +++ b/docs/latest/server-download.html @@ -1,7 +1,7 @@ - + Main Page
Table 154. https://localhost:8081/api/project/{projectId}/jobsTable 158. https://localhost:8081/api/project/{projectId}/jobs