Added fod xxx-scan update commands

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/rest/FoDUrls.java

@@ -38,6 +38,7 @@ public class FoDUrls {
     public static final String LOOKUP_ITEMS = ApiBase + "/lookup-items";
     public static final String SCANS = ApiBase + "/scans";
     public static final String SCAN = ApiBase + "/scans/{scanId}";
+    public static final String V3_SCAN = "/api/v3scans/{scanId}";
     public static final String APP_SCANS = APPLICATION + "/scans";
     public static final String RELEASE_SCANS = RELEASE + "/scans";
     public static final String STATIC_SCANS = ApiBase + "/releases/{relId}/static-scans";

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/cli/cmd/AbstractFoDScanUpdateCommand.java

@@ -0,0 +1,61 @@
+/*
+ * Copyright 2021-2026 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.fod._common.scan.cli.cmd;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fortify.cli.common.cli.util.CommandGroup;
+import com.fortify.cli.common.output.transform.IActionCommandResultSupplier;
+import com.fortify.cli.fod._common.cli.mixin.FoDDelimiterMixin;
+import com.fortify.cli.fod._common.output.cli.cmd.AbstractFoDJsonNodeOutputCommand;
+import com.fortify.cli.fod._common.scan.cli.mixin.FoDScanResolverMixin;
+import com.fortify.cli.fod._common.scan.helper.FoDScanDescriptor;
+import com.fortify.cli.fod._common.scan.helper.FoDScanHelper;
+import com.fortify.cli.fod._common.scan.helper.FoDScanPutRequest;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
+import com.fortify.cli.fod._common.util.FoDEnums;
+import com.fortify.cli.fod.attribute.cli.mixin.FoDAttributeUpdateOptions;
+import com.fortify.cli.fod.attribute.helper.FoDAttributeDefinitionHelper;
+
+import kong.unirest.UnirestInstance;
+import picocli.CommandLine.Mixin;
+
+@CommandGroup("*-scan")
+public abstract class AbstractFoDScanUpdateCommand extends AbstractFoDJsonNodeOutputCommand implements IActionCommandResultSupplier {
+    @Mixin private FoDDelimiterMixin delimiterMixin;
+    @Mixin private FoDScanResolverMixin.PositionalParameter scanResolver;
+    @Mixin private FoDAttributeUpdateOptions.RequiredAttrOption scanAttrsUpdate;
+
+    @Override
+    public final JsonNode getJsonNode(UnirestInstance unirest) {
+        FoDScanDescriptor descriptor = scanResolver.getScanDescriptor(unirest, getScanType());
+        JsonNode jsonAttrs = new FoDAttributeDefinitionHelper(unirest).buildAttributesNodeForUpdate(
+                FoDEnums.AttributeTypes.Scan,
+                descriptor.getAttributes(),
+                scanAttrsUpdate.getAttributes(),
+                false);
+        FoDScanPutRequest request = FoDScanPutRequest.builder().attributes(jsonAttrs).build();
+        return FoDScanHelper.updateScan(unirest, descriptor.getScanId(), request).asJsonNode();
+    }
+
+    protected abstract FoDScanType getScanType();
+
+    @Override
+    public final String getActionCommandResult() {
+        return "UPDATED";
+    }
+
+    @Override
+    public final boolean isSingular() {
+        return true;
+    }
+}

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanHelper.java

@@ -198,4 +198,12 @@ public static void cancelScan(UnirestInstance unirest, String releaseId, String
         }
     }
 
+    public static FoDScanDescriptor updateScan(UnirestInstance unirest, String scanId, FoDScanPutRequest request) {
+        unirest.put(FoDUrls.V3_SCAN)
+                .routeParam("scanId", scanId)
+                .body(objectMapper.valueToTree(request))
+                .asObject(JsonNode.class).getBody();
+        return getScanDescriptor(unirest, scanId, null);
+    }
+
 }

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/FoDScanPutRequest.java

@@ -0,0 +1,28 @@
+/*
+ * Copyright 2021-2026 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.fod._common.scan.helper;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.formkiq.graalvm.annotations.Reflectable;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.ToString;
+
+@Reflectable @NoArgsConstructor @AllArgsConstructor
+@Getter @ToString @Builder
+public class FoDScanPutRequest {
+    private JsonNode attributes;
+}

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/attribute/cli/mixin/FoDAttributeUpdateOptions.java

@@ -37,6 +37,11 @@ public static class OptionalAttrOption extends AbstractFoDAppAttributeUpdateMixi
         @Getter private Map<String, String> attributes;
     }
 
+    public static class RequiredAttrOption extends AbstractFoDAppAttributeUpdateMixin {
+        @Option(names = {"--attrs", "--attributes"}, required = true, split=",", paramLabel = PARAM_LABEL)
+        @Getter private Map<String, String> attributes;
+    }
+
     public static class RequiredPositionalParameter extends AbstractFoDAppAttributeUpdateMixin {
         @EnvSuffix("ATTRS") @Parameters(index = "0..*", arity = "1..*", paramLabel = PARAM_LABEL)
         @Getter private Map<String, String> attributes;

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanCommands.java

@@ -23,6 +23,7 @@
                 FoDDastScanDownloadCommand.class,
                 FoDDastScanDownloadLatestCommand.class,
                 FoDDastScanGetCommand.class,
+                FoDDastScanUpdateCommand.class,
                 FoDDastLegacyScanGetConfigCommand.class,
                 FoDDastScanImportCommand.class,
                 FoDDastScanListCommand.class,

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/dast_scan/cli/cmd/FoDDastScanUpdateCommand.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2021-2026 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.fod.dast_scan.cli.cmd;
+
+import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins;
+import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
+
+import lombok.Getter;
+import picocli.CommandLine.Command;
+import picocli.CommandLine.Mixin;
+
+@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = true)
+public class FoDDastScanUpdateCommand extends AbstractFoDScanUpdateCommand {
+    @Getter @Mixin private OutputHelperMixins.Update outputHelper;
+
+    @Override
+    protected FoDScanType getScanType() {
+        return FoDScanType.Dynamic;
+    }
+}

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanCommands.java

@@ -23,6 +23,7 @@
                 FoDMastScanDownloadCommand.class,
                 FoDMastScanDownloadLatestCommand.class,
                 FoDMastScanGetCommand.class,
+                FoDMastScanUpdateCommand.class,
                 FoDMastScanGetConfigCommand.class,
                 FoDMastScanImportCommand.class,
                 FoDMastScanListCommand.class,

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/mast_scan/cli/cmd/FoDMastScanUpdateCommand.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2021-2026 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.fod.mast_scan.cli.cmd;
+
+import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins;
+import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
+
+import lombok.Getter;
+import picocli.CommandLine.Command;
+import picocli.CommandLine.Mixin;
+
+@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = false)
+public class FoDMastScanUpdateCommand extends AbstractFoDScanUpdateCommand {
+    @Getter @Mixin private OutputHelperMixins.Update outputHelper;
+
+    @Override
+    protected FoDScanType getScanType() {
+        return FoDScanType.Mobile;
+    }
+}

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanCommands.java

@@ -22,6 +22,7 @@
                 FoDOssScanDownloadCommand.class,
                 FoDOssScanDownloadLatestCommand.class,
                 FoDOssScanGetCommand.class,
+                FoDOssScanUpdateCommand.class,
                 FoDOssScanImportCommand.class,
                 FoDOssScanImportDebrickedCommand.class,
                 FoDOssScanListCommand.class,

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/oss_scan/cli/cmd/FoDOssScanUpdateCommand.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2021-2026 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.fod.oss_scan.cli.cmd;
+
+import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins;
+import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
+
+import lombok.Getter;
+import picocli.CommandLine.Command;
+import picocli.CommandLine.Mixin;
+
+@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = false)
+public class FoDOssScanUpdateCommand extends AbstractFoDScanUpdateCommand {
+    @Getter @Mixin private OutputHelperMixins.Update outputHelper;
+
+    @Override
+    protected FoDScanType getScanType() {
+        return FoDScanType.OpenSource;
+    }
+}

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanCommands.java

@@ -23,6 +23,7 @@
                 FoDSastScanDownloadCommand.class,
                 FoDSastScanDownloadLatestCommand.class,
                 FoDSastScanGetCommand.class,
+                FoDSastScanUpdateCommand.class,
                 FoDSastScanGetConfigCommand.class,
                 FoDSastScanImportCommand.class,
                 FoDSastScanImportSarifCommand.class,

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanUpdateCommand.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2021-2026 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.fod.sast_scan.cli.cmd;
+
+import com.fortify.cli.common.output.cli.mixin.OutputHelperMixins;
+import com.fortify.cli.fod._common.scan.cli.cmd.AbstractFoDScanUpdateCommand;
+import com.fortify.cli.fod._common.scan.helper.FoDScanType;
+
+import lombok.Getter;
+import picocli.CommandLine.Command;
+import picocli.CommandLine.Mixin;
+
+@Command(name = OutputHelperMixins.Update.CMD_NAME, hidden = false)
+public class FoDSastScanUpdateCommand extends AbstractFoDScanUpdateCommand {
+    @Getter @Mixin private OutputHelperMixins.Update outputHelper;
+
+    @Override
+    protected FoDScanType getScanType() {
+        return FoDScanType.Static;
+    }
+}

fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties

@@ -482,6 +482,9 @@ fcli.fod.scan.output.table.header.releaseName = Release
 fcli.fod.scan.output.table.header.QueuePositionWithinApplication = Queue Position
 
 fcli.fod.scan.cancel.usage.header = Cancel a scan.
+fcli.fod.scan.update.usage.header = Update a scan.
+fcli.fod.scan.update.attrs = Set of scan attribute id's or names and their values to set on the scan. \
+  Existing scan attributes are preserved; only specified attributes are updated.
 fcli.fod.scan.get.usage.header = Get scan details.
 fcli.fod.scan.list.usage.header = List scans.
 fcli.fod.scan.list.status = Only return records matching the given scan processing status.
@@ -519,6 +522,8 @@ fcli.fod.sast-scan.output.table.header.microserviceName = Microservice
 fcli.fod.sast-scan.output.table.header.releaseName = Release
 fcli.fod.sast-scan.output.table.header.QueuePositionWithinApplication = Queue Position
 fcli.fod.sast-scan.cancel.usage.header = Cancel a SAST scan.
+fcli.fod.sast-scan.update.usage.header = Update a SAST scan.
+fcli.fod.sast-scan.update.attrs = ${fcli.fod.scan.update.attrs}
 fcli.fod.sast-scan.get.usage.header = Get SAST scan details.
 fcli.fod.sast-scan.get-config.usage.header = (PREVIEW) Get current SAST scan configuration.
 fcli.fod.sast-scan.get-config.usage.description = This command is intended for preview only. \
@@ -594,6 +599,8 @@ fcli.fod.dast-scan.output.table.header.applicationName = Application
 fcli.fod.dast-scan.output.table.header.microserviceName = Microservice
 fcli.fod.dast-scan.output.table.header.releaseName = Release
 fcli.fod.dast-scan.cancel.usage.header = (PREVIEW) Cancel a DAST scan.
+fcli.fod.dast-scan.update.usage.header = Update a DAST scan.
+fcli.fod.dast-scan.update.attrs = ${fcli.fod.scan.update.attrs}
 fcli.fod.dast-scan.get.usage.header = (PREVIEW) Get DAST scan details.
 fcli.fod.dast-scan.get-config.usage.header = (PREVIEW) Get current DAST Automated scan configuration.
 fcli.fod.dast-scan.get-config.usage.description = This command is intended for DAST Automated scanning. \
@@ -769,6 +776,8 @@ fcli.fod.mast-scan.output.table.header.applicationName = Application
 fcli.fod.mast-scan.output.table.header.microserviceName = Microservice
 fcli.fod.mast-scan.output.table.header.releaseName = Release
 fcli.fod.mast-scan.cancel.usage.header = Cancel a MAST scan.
+fcli.fod.mast-scan.update.usage.header = Update a MAST scan.
+fcli.fod.mast-scan.update.attrs = ${fcli.fod.scan.update.attrs}
 fcli.fod.mast-scan.get.usage.header = Get MAST scan details.
 fcli.fod.mast-scan.get-config.usage.header = Get current MAST scan configuration.
 fcli.fod.mast-scan.get-config.usage.description = This command will retrieve the current MAST scan configuration. \
@@ -842,6 +851,8 @@ fcli.fod.oss-scan.output.table.header.applicationName = Application
 fcli.fod.oss-scan.output.table.header.microserviceName = Microservice
 fcli.fod.oss-scan.output.table.header.releaseName = Release
 fcli.fod.oss-scan.get.usage.header = Get OSS scan details.
+fcli.fod.oss-scan.update.usage.header = Update an OSS scan.
+fcli.fod.oss-scan.update.attrs = ${fcli.fod.scan.update.attrs}
 fcli.fod.oss-scan.list.usage.header = List OSS scans.
 fcli.fod.oss-scan.import.usage.header = Import existing OSS scan results (from an SBOM file).
 fcli.fod.oss-scan.import.usage.description = As FoD doesn't return a scan id for imported scans, the output of this command cannot be used with commands that expect a scan id, like the wait-for command.