diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/rest/FoDUrls.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/rest/FoDUrls.java index 9785e30930d..a934a1a939a 100644 --- a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/rest/FoDUrls.java +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/rest/FoDUrls.java @@ -38,6 +38,7 @@ public class FoDUrls { public static final String LOOKUP_ITEMS = ApiBase + "/lookup-items"; public static final String SCANS = ApiBase + "/scans"; public static final String SCAN = ApiBase + "/scans/{scanId}"; + public static final String V3_SCAN = "/api/v3scans/{scanId}"; public static final String APP_SCANS = APPLICATION + "/scans"; public static final String RELEASE_SCANS = RELEASE + "/scans"; public static final String STATIC_SCANS = ApiBase + "/releases/{relId}/static-scans"; diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanUpdateCommand.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanUpdateCommand.java new file mode 100644 index 00000000000..32f0b4b3070 --- /dev/null +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanUpdateCommand.java @@ -0,0 +1,61 @@ +/* + * Copyright 2021-2026 Open Text. + * + * The only warranties for products and services of Open Text + * and its affiliates and licensors ("Open Text") are as may + * be set forth in the express warranty statements accompanying + * such products and services. Nothing herein should be construed + * as constituting an additional warranty. Open Text shall not be + * liable for technical or editorial errors or omissions contained + * herein. The information contained herein is subject to change + * without notice. + */ +package com.fortify.cli.fod._common.scan.cli.cmd; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fortify.cli.common.cli.util.CommandGroup; +import com.fortify.cli.common.output.transform.IActionCommandResultSupplier; +import com.fortify.cli.fod._common.cli.mixin.FoDDelimiterMixin; +import com.fortify.cli.fod._common.output.cli.cmd.AbstractFoDJsonNodeOutputCommand; +import com.fortify.cli.fod._common.scan.cli.mixin.FoDScanResolverMixin; +import com.fortify.cli.fod._common.scan.helper.FoDScanDescriptor; +import com.fortify.cli.fod._common.scan.helper.FoDScanHelper; +import com.fortify.cli.fod._common.scan.helper.FoDScanPutRequest; +import com.fortify.cli.fod._common.scan.helper.FoDScanType; +import com.fortify.cli.fod._common.util.FoDEnums; +import com.fortify.cli.fod.attribute.cli.mixin.FoDAttributeUpdateOptions; +import com.fortify.cli.fod.attribute.helper.FoDAttributeDefinitionHelper; + +import kong.unirest.UnirestInstance; +import picocli.CommandLine.Mixin; + +@CommandGroup("*-scan") +public abstract class AbstractFoDScanUpdateCommand extends AbstractFoDJsonNodeOutputCommand implements IActionCommandResultSupplier { + @Mixin private FoDDelimiterMixin delimiterMixin; + @Mixin private FoDScanResolverMixin.PositionalParameter scanResolver; + @Mixin private FoDAttributeUpdateOptions.RequiredAttrOption scanAttrsUpdate; + + @Override + public final JsonNode getJsonNode(UnirestInstance unirest) { + FoDScanDescriptor descriptor = scanResolver.getScanDescriptor(unirest, getScanType()); + JsonNode jsonAttrs = new FoDAttributeDefinitionHelper(unirest).buildAttributesNodeForUpdate( + FoDEnums.AttributeTypes.Scan, + descriptor.getAttributes(), + scanAttrsUpdate.getAttributes(), + false); + FoDScanPutRequest request = FoDScanPutRequest.builder().attributes(jsonAttrs).build(); + return FoDScanHelper.updateScan(unirest, descriptor.getScanId(), request).asJsonNode(); + } + + protected abstract FoDScanType getScanType(); + + @Override + public final String getActionCommandResult() { + return "UPDATED"; + } + + @Override + public final boolean isSingular() { + return true; + } +} diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanHelper.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanHelper.java index e0b79a9d606..56320cd7ac4 100644 --- a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanHelper.java +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanHelper.java @@ -198,4 +198,12 @@ public static void cancelScan(UnirestInstance unirest, String releaseId, String } } + public static FoDScanDescriptor updateScan(UnirestInstance unirest, String scanId, FoDScanPutRequest request) { + unirest.put(FoDUrls.V3_SCAN) + .routeParam("scanId", scanId) + .body(objectMapper.valueToTree(request)) + .asObject(JsonNode.class).getBody(); + return getScanDescriptor(unirest, scanId, null); + } + } diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanPutRequest.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanPutRequest.java new file mode 100644 index 00000000000..be75f124dd3 --- /dev/null +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanPutRequest.java @@ -0,0 +1,28 @@ +/* + * Copyright 2021-2026 Open Text. + * + * The only warranties for products and services of Open Text + * and its affiliates and licensors ("Open Text") are as may + * be set forth in the express warranty statements accompanying + * such products and services. Nothing herein should be construed + * as constituting an additional warranty. Open Text shall not be + * liable for technical or editorial errors or omissions contained + * herein. The information contained herein is subject to change + * without notice. + */ +package com.fortify.cli.fod._common.scan.helper; + +import com.fasterxml.jackson.databind.JsonNode; +import com.formkiq.graalvm.annotations.Reflectable; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.ToString; + +@Reflectable @NoArgsConstructor @AllArgsConstructor +@Getter @ToString @Builder +public class FoDScanPutRequest { + private JsonNode attributes; +} diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/attribute/cli/mixin/FoDAttributeUpdateOptions.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/attribute/cli/mixin/FoDAttributeUpdateOptions.java index b9f362301e8..aad2d7d675d 100644 --- a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/attribute/cli/mixin/FoDAttributeUpdateOptions.java +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/attribute/cli/mixin/FoDAttributeUpdateOptions.java @@ -37,6 +37,11 @@ public static class OptionalAttrOption extends AbstractFoDAppAttributeUpdateMixi @Getter private Map attributes; } + public static class RequiredAttrOption extends AbstractFoDAppAttributeUpdateMixin { + @Option(names = {"--attrs", "--attributes"}, required = true, split=",", paramLabel = PARAM_LABEL) + @Getter private Map attributes; + } + public static class RequiredPositionalParameter extends AbstractFoDAppAttributeUpdateMixin { @EnvSuffix("ATTRS") @Parameters(index = "0..*", arity = "1..*", paramLabel = PARAM_LABEL) @Getter private Map attributes; diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java index 1377ffaa5ff..9a42eb29b39 100644 --- a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java @@ -23,6 +23,7 @@ FoDDastScanDownloadCommand.class, FoDDastScanDownloadLatestCommand.class, FoDDastScanGetCommand.class, + FoDDastScanUpdateCommand.class, FoDDastLegacyScanGetConfigCommand.class, FoDDastScanImportCommand.class, FoDDastScanListCommand.class, diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanUpdateCommand.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanUpdateCommand.java new file mode 100644 index 00000000000..3a31545d1f3 --- /dev/null +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanUpdateCommand.java @@ -0,0 +1,31 @@ +/* + * Copyright 2021-2026 Open Text. + * + * The only warranties for products and services of Open Text + * and its affiliates and licensors ("Open Text") are as may + * be set forth in the express warranty statements accompanying + * such products and services. Nothing herein should be construed + * as constituting an additional warranty. Open Text shall not be + * liable for technical or editorial errors or omissions contained + * herein. The information contained herein is subject to change + * without notice. + */ +package com.fortify.cli.fod.dast_scan.cli.cmd; + +import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins; +import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand; +import com.fortify.cli.fod._common.scan.helper.FoDScanType; + +import lombok.Getter; +import picocli.CommandLine.Command; +import picocli.CommandLine.Mixin; + +@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = true) +public class FoDDastScanUpdateCommand extends AbstractFoDScanUpdateCommand { + @Getter @Mixin private OutputHelperMixins.Update outputHelper; + + @Override + protected FoDScanType getScanType() { + return FoDScanType.Dynamic; + } +} diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanCommands.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanCommands.java index f1f7718f78e..e4f3d4e092c 100644 --- a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanCommands.java +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanCommands.java @@ -23,6 +23,7 @@ FoDMastScanDownloadCommand.class, FoDMastScanDownloadLatestCommand.class, FoDMastScanGetCommand.class, + FoDMastScanUpdateCommand.class, FoDMastScanGetConfigCommand.class, FoDMastScanImportCommand.class, FoDMastScanListCommand.class, diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanUpdateCommand.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanUpdateCommand.java new file mode 100644 index 00000000000..c17166964f0 --- /dev/null +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanUpdateCommand.java @@ -0,0 +1,31 @@ +/* + * Copyright 2021-2026 Open Text. + * + * The only warranties for products and services of Open Text + * and its affiliates and licensors ("Open Text") are as may + * be set forth in the express warranty statements accompanying + * such products and services. Nothing herein should be construed + * as constituting an additional warranty. Open Text shall not be + * liable for technical or editorial errors or omissions contained + * herein. The information contained herein is subject to change + * without notice. + */ +package com.fortify.cli.fod.mast_scan.cli.cmd; + +import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins; +import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand; +import com.fortify.cli.fod._common.scan.helper.FoDScanType; + +import lombok.Getter; +import picocli.CommandLine.Command; +import picocli.CommandLine.Mixin; + +@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = false) +public class FoDMastScanUpdateCommand extends AbstractFoDScanUpdateCommand { + @Getter @Mixin private OutputHelperMixins.Update outputHelper; + + @Override + protected FoDScanType getScanType() { + return FoDScanType.Mobile; + } +} diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java index f356847246d..5a39ad82f6d 100644 --- a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java @@ -22,6 +22,7 @@ FoDOssScanDownloadCommand.class, FoDOssScanDownloadLatestCommand.class, FoDOssScanGetCommand.class, + FoDOssScanUpdateCommand.class, FoDOssScanImportCommand.class, FoDOssScanImportDebrickedCommand.class, FoDOssScanListCommand.class, diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanUpdateCommand.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanUpdateCommand.java new file mode 100644 index 00000000000..718799a8ea4 --- /dev/null +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanUpdateCommand.java @@ -0,0 +1,31 @@ +/* + * Copyright 2021-2026 Open Text. + * + * The only warranties for products and services of Open Text + * and its affiliates and licensors ("Open Text") are as may + * be set forth in the express warranty statements accompanying + * such products and services. Nothing herein should be construed + * as constituting an additional warranty. Open Text shall not be + * liable for technical or editorial errors or omissions contained + * herein. The information contained herein is subject to change + * without notice. + */ +package com.fortify.cli.fod.oss_scan.cli.cmd; + +import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins; +import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand; +import com.fortify.cli.fod._common.scan.helper.FoDScanType; + +import lombok.Getter; +import picocli.CommandLine.Command; +import picocli.CommandLine.Mixin; + +@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = false) +public class FoDOssScanUpdateCommand extends AbstractFoDScanUpdateCommand { + @Getter @Mixin private OutputHelperMixins.Update outputHelper; + + @Override + protected FoDScanType getScanType() { + return FoDScanType.OpenSource; + } +} diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java index 3b1becb7e75..4845a19864c 100644 --- a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java @@ -23,6 +23,7 @@ FoDSastScanDownloadCommand.class, FoDSastScanDownloadLatestCommand.class, FoDSastScanGetCommand.class, + FoDSastScanUpdateCommand.class, FoDSastScanGetConfigCommand.class, FoDSastScanImportCommand.class, FoDSastScanImportSarifCommand.class, diff --git a/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanUpdateCommand.java b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanUpdateCommand.java new file mode 100644 index 00000000000..9cf97a95591 --- /dev/null +++ b/fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanUpdateCommand.java @@ -0,0 +1,31 @@ +/* + * Copyright 2021-2026 Open Text. + * + * The only warranties for products and services of Open Text + * and its affiliates and licensors ("Open Text") are as may + * be set forth in the express warranty statements accompanying + * such products and services. Nothing herein should be construed + * as constituting an additional warranty. Open Text shall not be + * liable for technical or editorial errors or omissions contained + * herein. The information contained herein is subject to change + * without notice. + */ +package com.fortify.cli.fod.sast_scan.cli.cmd; + +import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins; +import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand; +import com.fortify.cli.fod._common.scan.helper.FoDScanType; + +import lombok.Getter; +import picocli.CommandLine.Command; +import picocli.CommandLine.Mixin; + +@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = false) +public class FoDSastScanUpdateCommand extends AbstractFoDScanUpdateCommand { + @Getter @Mixin private OutputHelperMixins.Update outputHelper; + + @Override + protected FoDScanType getScanType() { + return FoDScanType.Static; + } +} diff --git a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties index 2bd2400d4fd..6ada74811d8 100644 --- a/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties +++ b/fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties @@ -482,6 +482,9 @@ fcli.fod.scan.output.table.header.releaseName = Release fcli.fod.scan.output.table.header.QueuePositionWithinApplication = Queue Position fcli.fod.scan.cancel.usage.header = Cancel a scan. +fcli.fod.scan.update.usage.header = Update a scan. +fcli.fod.scan.update.attrs = Set of scan attribute id's or names and their values to set on the scan. \ + Existing scan attributes are preserved; only specified attributes are updated. fcli.fod.scan.get.usage.header = Get scan details. fcli.fod.scan.list.usage.header = List scans. fcli.fod.scan.list.status = Only return records matching the given scan processing status. @@ -519,6 +522,8 @@ fcli.fod.sast-scan.output.table.header.microserviceName = Microservice fcli.fod.sast-scan.output.table.header.releaseName = Release fcli.fod.sast-scan.output.table.header.QueuePositionWithinApplication = Queue Position fcli.fod.sast-scan.cancel.usage.header = Cancel a SAST scan. +fcli.fod.sast-scan.update.usage.header = Update a SAST scan. +fcli.fod.sast-scan.update.attrs = ${fcli.fod.scan.update.attrs} fcli.fod.sast-scan.get.usage.header = Get SAST scan details. fcli.fod.sast-scan.get-config.usage.header = (PREVIEW) Get current SAST scan configuration. fcli.fod.sast-scan.get-config.usage.description = This command is intended for preview only. \ @@ -594,6 +599,8 @@ fcli.fod.dast-scan.output.table.header.applicationName = Application fcli.fod.dast-scan.output.table.header.microserviceName = Microservice fcli.fod.dast-scan.output.table.header.releaseName = Release fcli.fod.dast-scan.cancel.usage.header = (PREVIEW) Cancel a DAST scan. +fcli.fod.dast-scan.update.usage.header = Update a DAST scan. +fcli.fod.dast-scan.update.attrs = ${fcli.fod.scan.update.attrs} fcli.fod.dast-scan.get.usage.header = (PREVIEW) Get DAST scan details. fcli.fod.dast-scan.get-config.usage.header = (PREVIEW) Get current DAST Automated scan configuration. fcli.fod.dast-scan.get-config.usage.description = This command is intended for DAST Automated scanning. \ @@ -769,6 +776,8 @@ fcli.fod.mast-scan.output.table.header.applicationName = Application fcli.fod.mast-scan.output.table.header.microserviceName = Microservice fcli.fod.mast-scan.output.table.header.releaseName = Release fcli.fod.mast-scan.cancel.usage.header = Cancel a MAST scan. +fcli.fod.mast-scan.update.usage.header = Update a MAST scan. +fcli.fod.mast-scan.update.attrs = ${fcli.fod.scan.update.attrs} fcli.fod.mast-scan.get.usage.header = Get MAST scan details. fcli.fod.mast-scan.get-config.usage.header = Get current MAST scan configuration. fcli.fod.mast-scan.get-config.usage.description = This command will retrieve the current MAST scan configuration. \ @@ -842,6 +851,8 @@ fcli.fod.oss-scan.output.table.header.applicationName = Application fcli.fod.oss-scan.output.table.header.microserviceName = Microservice fcli.fod.oss-scan.output.table.header.releaseName = Release fcli.fod.oss-scan.get.usage.header = Get OSS scan details. +fcli.fod.oss-scan.update.usage.header = Update an OSS scan. +fcli.fod.oss-scan.update.attrs = ${fcli.fod.scan.update.attrs} fcli.fod.oss-scan.list.usage.header = List OSS scans. fcli.fod.oss-scan.import.usage.header = Import existing OSS scan results (from an SBOM file). fcli.fod.oss-scan.import.usage.description = As FoD doesn't return a scan id for imported scans, the output of this command cannot be used with commands that expect a scan id, like the wait-for command.