From 683415c2908b501987213ed3301d297690970228 Mon Sep 17 00:00:00 2001 From: Khant1000 <131154593+Khant1000@users.noreply.github.com> Date: Tue, 12 Dec 2023 16:21:22 +0530 Subject: [PATCH] jira1190 --- build.gradle | 2 +- .../com/checkmarx/jenkins/CxScanBuilder.java | 48 ++++++++++++++++++- .../jenkins/DependencyScanConfig.java | 8 +++- .../jenkins/CxScanBuilder/config.jelly | 8 +++- .../jenkins/CxScanBuilder/global.jelly | 9 +++- ... help-enableProjectPolicyEnforcement.html} | 0 .../help-scaProjectCustomTags.html | 3 ++ .../CxScanBuilder/help-scaScanCustomTags.html | 3 ++ 8 files changed, 75 insertions(+), 6 deletions(-) rename src/main/resources/com/checkmarx/jenkins/CxScanBuilder/{help-enableProjectPolicyEnforcementSAST.html => help-enableProjectPolicyEnforcement.html} (100%) create mode 100644 src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaProjectCustomTags.html create mode 100644 src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaScanCustomTags.html diff --git a/build.gradle b/build.gradle index f623c482..8b9ea032 100644 --- a/build.gradle +++ b/build.gradle @@ -53,7 +53,7 @@ dependencies { exclude group: 'org.apache.logging.log4j', module: 'log4j-core' } - compile ('com.checkmarx:cx-client-common:3.3.3') { + compile ('com.checkmarx:cx-client-common:4.4.4') { exclude group: 'org.apache.commons', module: 'commons-compress' exclude group: 'org.yaml' , module: 'snakeyaml' exclude group: 'com.google.code.gson', module: 'gson' diff --git a/src/main/java/com/checkmarx/jenkins/CxScanBuilder.java b/src/main/java/com/checkmarx/jenkins/CxScanBuilder.java index a13036e0..aa03b52c 100644 --- a/src/main/java/com/checkmarx/jenkins/CxScanBuilder.java +++ b/src/main/java/com/checkmarx/jenkins/CxScanBuilder.java 
@@ -589,7 +589,6 @@ public String getExcludeOpenSourceFolders() { public void setExcludeOpenSourceFolders(@Nullable String excludeOpenSourceFolders) { this.excludeOpenSourceFolders = excludeOpenSourceFolders; } - @Nullable public String getIncludeOpenSourceFolders() { return includeOpenSourceFolders; @@ -1773,6 +1772,8 @@ private AstScaConfig getScaConfig(Run run, EnvVars env, DependencyScanConf result.setAccessControlUrl(dsConfig.scaAccessControlUrl); result.setWebAppUrl(dsConfig.scaWebAppUrl); result.setTenant(dsConfig.scaTenant); + result.setScaScanCustomTags(dsConfig.scaScanCustomTags); + result.setScaProjectCustomTags(dsConfig.scaProjectCustomTags); result.setTeamPath(dsConfig.scaTeamPath); result.setTeamId(dsConfig.scaTeamId); result.setIncludeSources(dsConfig.isIncludeSources); @@ -1927,6 +1928,8 @@ private void printConfiguration(CxScanConfig config, DescriptorImpl descriptor, log.info("Team: " + config.getAstScaConfig().getTeamPath()); log.info("is generate SCA report: " + config.isGenerateScaReport()); log.info("Enable Sca Resolver: " + config.getAstScaConfig().isEnableScaResolver()); + log.info("Project custom Tags for SCA: " + config.getAstScaConfig().getScaProjectCustomTags()); + log.info("Scan custom Tags for SCA: " + config.getAstScaConfig().getScaScanCustomTags()); if (config.getAstScaConfig().isEnableScaResolver()) log.info("Enable Exploitable Path by Sca Resolver: " + ((dependencyScanConfig.overrideGlobalConfig) ? dependencyScanConfig.isExploitablePathByScaResolver @@ -2409,6 +2412,7 @@ public static final class DescriptorImpl extends BuildStepDescriptor { @Nullable private String password; private Integer projectRetentionRateEnforce; + private String credentialsId; private String mvnPath; private boolean isProxy = true; 
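Review bot: In `getScaConfig`, `dsConfig.scaScanCustomTags` and `dsConfig.scaProjectCustomTags` are handed to `AstScaConfig` exactly as stored, so the `key:val,key:val` format is enforced only by the `doCheck…` form validators added later in this file. Those run when the UI field is edited, not when a job configuration is saved or supplied some other way. A value that never passed through the form therefore reaches the SCA client unchecked, and `printConfiguration` writes the same strings to the build log verbatim. I would apply the same pattern check here before the two setters and reject or drop a non-matching value with a logged warning; at minimum add a comment such as `// tags are not validated server-side; doCheck* is advisory only`. Both method bodies extend beyond the hunks shown.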
@@ -2873,6 +2877,46 @@ private boolean checkAnyMandatoryAddParams(String scaResolverAddParameters) { || scaResolverAddParameters.contains("--resolver-result-path")); } + /** + * This method validates the SCA Project Custom Tags Parameters on UI. + * + * @param value: Indicates scaProjectCustomTags. + * @return FormValidation: Indicates the outcome of the validation and send to + * UI. + */ + @POST + public FormValidation doCheckScaProjectCustomTags(@QueryParameter String value,@AncestorInPath Item item) { + if (item == null) { + return FormValidation.ok(); + } + item.checkPermission(Item.CONFIGURE); + Pattern pattern = Pattern.compile("(^([a-zA-Z0-9#._]*):([a-zA-Z0-9#._]*)+(,([a-zA-Z0-9#._]*):([a-zA-Z0-9#._]*)+)*$)"); + Matcher match = pattern.matcher(value); + if (!StringUtil.isNullOrEmpty(value) && !match.find()) { + return FormValidation.error("Custom Fields must have given format: key1:val1,key2:val2. \nCustom field allows to use these special characters: # . _ "); + } + return FormValidation.ok(); + } + /** + * This method validates the SCA Scan Custom Tags Parameters on UI. + * + * @param value: Indicates scaProjectCustomTags. + * @return FormValidation: Indicates the outcome of the validation and send to + * UI. + */ + @POST + public FormValidation doCheckScaScanCustomTags(@QueryParameter String value,@AncestorInPath Item item) { + if (item == null) { + return FormValidation.ok(); + } + item.checkPermission(Item.CONFIGURE); + Pattern pattern = Pattern.compile("(^([a-zA-Z0-9#._]*):([a-zA-Z0-9#._]*)+(,([a-zA-Z0-9#._]*):([a-zA-Z0-9#._]*)+)*$)"); + Matcher match = pattern.matcher(value); + if (!StringUtil.isNullOrEmpty(value) && !match.find()) { + return FormValidation.error("Custom Fields must have given format: key1:val1,key2:val2. \nCustom field allows to use these special characters: # . _ "); + } + return FormValidation.ok(); + } /** * This method validates the SCA Resolver Additional Parameters on UI. 
@@ -2883,7 +2927,7 @@ private boolean checkAnyMandatoryAddParams(String scaResolverAddParameters) { * UI. */ @POST - public FormValidation doCheckScaResolverAddParameters(@QueryParameter String value, + public FormValidation doCheckResolverAddParameters(@QueryParameter String value, @QueryParameter boolean isExploitablePathByScaResolver) { String warnMessage = ""; String errorMessage = ""; diff --git a/src/main/java/com/checkmarx/jenkins/DependencyScanConfig.java b/src/main/java/com/checkmarx/jenkins/DependencyScanConfig.java index 0123d072..9007ae3e 100644 --- a/src/main/java/com/checkmarx/jenkins/DependencyScanConfig.java +++ b/src/main/java/com/checkmarx/jenkins/DependencyScanConfig.java @@ -70,7 +70,13 @@ public class DependencyScanConfig { @DataBoundSetter public String scaTeamPath; - + + @DataBoundSetter + public String scaScanCustomTags; + + @DataBoundSetter + public String scaProjectCustomTags; + @DataBoundSetter public String scaTeamId; diff --git a/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/config.jelly b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/config.jelly index 9e1a932c..bffde3a5 100644 --- a/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/config.jelly +++ b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/config.jelly @@ -195,6 +195,12 @@ + + + + + + @@ -278,7 +284,7 @@ - + diff --git a/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/global.jelly b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/global.jelly index 2b17addc..3b1d717e 100644 --- a/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/global.jelly +++ b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/global.jelly @@ -165,7 +165,14 @@ - + + + + + + + + 
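Review bot: The rename of `doCheckScaResolverAddParameters` to `doCheckResolverAddParameters` changes the name under which Jenkins looks up this form validator, since `doCheck<Field>` methods are matched to a form field by name. Unless the corresponding field in `config.jelly` was renamed in this same commit (the changed jelly lines are not readable here), the additional-parameters check would stop being invoked without any error, and the SCA Resolver arguments would be saved unvalidated. The rename also looks unrelated to the custom-tags feature; I would revert it to `public FormValidation doCheckScaResolverAddParameters(@QueryParameter String value,` or add a comment explaining which field it now serves. The method body continues outside the hunk.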
diff --git a/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-enableProjectPolicyEnforcementSAST.html b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-enableProjectPolicyEnforcement.html
similarity index 100%
rename from src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-enableProjectPolicyEnforcementSAST.html
rename to src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-enableProjectPolicyEnforcement.html
diff --git a/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaProjectCustomTags.html b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaProjectCustomTags.html
new file mode 100644
index 00000000..edd5a8c2
--- /dev/null
+++ b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaProjectCustomTags.html
@@ -0,0 +1,3 @@
+
+ A project tag is a key:value pair, and multiple tags can be seperated using comma(,).(E.g: a:b, c:d)
+
\ No newline at end of file
diff --git a/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaScanCustomTags.html b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaScanCustomTags.html
new file mode 100644
index 00000000..f9ec1b60
--- /dev/null
+++ b/src/main/resources/com/checkmarx/jenkins/CxScanBuilder/help-scaScanCustomTags.html
@@ -0,0 +1,3 @@
+
+ A scan tag is a key:value pair, and multiple tags can be seperated using comma(,).(E.g: a:b, c:d)
+
\ No newline at end of file