Implement simple file-upload in web-ui (#3977)

Author: lorriborri

sechub-administration/src/main/java/com/mercedesbenz/sechub/domain/administration/user/UserTransactionService.java

@@ -1,3 +1,4 @@
+// SPDX-License-Identifier: MIT
 package com.mercedesbenz.sechub.domain.administration.user;
 
 import static java.util.Objects.requireNonNull;

sechub-pds-solutions/gitleaks/env

@@ -1,6 +1,6 @@
 # The base image to use
 # uncomment to use local image
-# BASE_IMAGE="pds-base_pds"
+# BASE_IMAGE="pds-base-pds"
 BASE_IMAGE="ghcr.io/mercedes-benz/sechub/pds-base"
 
 # The gitleaks version to use

sechub-web-ui/README.md

@@ -3,7 +3,7 @@
 
 This project is a web application that provides a user interface for the SecHub API. It is built with [Vite](https://vitejs.dev/), [Vue 3](https://v3.vuejs.org/), and [Vuetify](https://vuetifyjs.com/en/).
 
-## Prequisites
+## Prerequisites
 
 ### Installation
 
@@ -65,14 +65,14 @@ You can use the sechub-api.sh script to manage your user and project.
 1. Follow all steps above
 2. Start the integration test PDS  
 (for the correct run configuration follow the [developer guide](https://mercedes-benz.github.io/sechub/latest/sechub-developer-quickstart-guide.html#run-integration-tests-from-ide))
-3. (Optional) Initial setup: execute `test-setups/setup-integration-test-server.sh`. Make sure the .env file contains the correct values for basic auth.
+3. (Optional) Initial setup: execute `test-setups/integrationtest-setups/setup.sh`. Make sure the .env file contains the correct values for basic auth.
 
 ### Running local development server with SecHub Docker Container and PDS Docker Container (Real Products)
 > Only useful If you want to get real scan results
 1. Start the SecHub Server as Docker Container (see sechub-solution/01-...)
-2. Start the required PDS as Docker Container (e.g. sechub-pds-solutions/gosec/05-...)
-3. Set up PDS in sechub-solution/setups/ e.g. setup-gosec.sh
-4. Make sure your user is assigned to the project you want to scan
+2. Start the required PDS as Docker (e.g. sechub-pds-solutions/gosec/05-...)
+3. (Optional) Initial setup: execute `/test-setups/docker/setup.sh` for gosec and gitleaks (Make sure PDS are running)
+
 
 Now you can test your web-ui with sechub and real scans!
 

sechub-web-ui/public/favicon.ico

@@ -6,8 +6,8 @@
     <router-link to="/projects">
       <img
         alt="Logo"
-        class="logo ma-2 pa-1"
-        src="@/assets/sechub-logo.svg"
+        class="logo ma-2 pa-2"
+        src="@/assets/sechub-logo-shield.png"
       >
     </router-link>
 

sechub-web-ui/src/assets/sechub-logo-shield.png

@@ -1,13 +1,12 @@
 <!-- SPDX-License-Identifier: MIT -->
 <template>
-    <v-card>
-        <v-alert
-            closable
-            color="success"
-            density="compact"
-            :title="$t('CHANGE_USER_MAIL_SUCCESS')"
-            variant="tonal"
-        >
-        </v-alert>
-    </v-card>
+  <v-card>
+    <v-alert
+      closable
+      color="success"
+      density="compact"
+      :title="$t('CHANGE_USER_MAIL_SUCCESS')"
+      variant="tonal"
+    />
+  </v-card>
 </template>

sechub-web-ui/src/assets/sechub-logo.svg

@@ -94,16 +94,15 @@
 <script lang="ts">
   import { defineComponent } from 'vue'
   import { useRoute } from 'vue-router'
-  import { useI18n } from 'vue-i18n'
   import { SecHubConfiguration } from '@/generated-sources/openapi'
   import { buildSecHubConfiguration } from '@/utils/scanConfigUtils'
   import defaultClient from '@/services/defaultClient'
+  import { CODE_SCAN_IDENTIFIER, SECRET_SCAN_IDENTIFER } from '@/utils/applicationConstants'
 
   export default defineComponent({
 
     setup () {
       // routing and translation methods
-      const { t } = useI18n()
       const route = useRoute()
       const router = useRouter()
       const projectId = ref('')
@@ -151,7 +150,7 @@
         }
 
         if (selectedFile.value !== null) {
-          configuration.value = buildSecHubConfiguration(selectedScanOptions.value, selectedFile.value, selectedFileType.value, projectId.value)
+          configuration.value = buildSecHubConfiguration(selectedScanOptions.value, selectedFileType.value, projectId.value)
           createScan()
         }
       }
@@ -172,7 +171,7 @@
 
       return {
         projectId,
-        scanOptions: [t('SCAN_CREATE_CODE_SCAN'), t('SCAN_CREATE_SECRET_SCAN')] as string[],
+        scanOptions: [CODE_SCAN_IDENTIFIER, SECRET_SCAN_IDENTIFER] as string[],
         selectedScanOptions,
         validateScanReady,
         selectedFile,

sechub-web-ui/src/components/AppHeader.vue

@@ -21,26 +21,13 @@
       :label="$t('SCAN_CREATE_SOURCE_CODE')"
       :value="1"
     />
-    <!--
     <v-radio
       color="primary"
       :label="$t('SCAN_CREATE_BINARIES')"
       :value="2"
     />
-    -->
   </v-radio-group>
-  <v-alert
-    class="pa-2, mb-5"
-    color="info"
-    max-width="1000px"
-    :title="$t('SCAN_CREATE_FILE_UPLOAD_NOTE_TITLE')"
-    type="info"
-    variant="tonal"
-  >
-    {{ $t('SCAN_CREATE_FILE_UPLOAD_NOTE_ONE') }} <br>
-    {{ $t('SCAN_CREATE_FILE_UPLOAD_NOTE_TWO') }} <br>
-    {{ $t('SCAN_CREATE_FILE_UPLOAD_NOTE_THREE') }}
-  </v-alert>
+
   <v-file-input
     v-model="file"
     :accept="fileAccept"
@@ -67,6 +54,7 @@
 <script lang="ts">
   import { defineComponent, ref } from 'vue'
   import { useI18n } from 'vue-i18n'
+  import { FILETYPE_BINARIES, FILETYPE_SOURCES } from '@/utils/applicationConstants'
 
   export default defineComponent({
     emits: ['onFileUpdate'],
@@ -90,15 +78,14 @@
 
         switch (selectedRadio.value) {
           case 1:
-            fileType = 'sources'
+            fileType = FILETYPE_SOURCES
             validType = file.value?.type === 'application/zip'
             errorMessage = t('SCAN_CREATE_FILE_UPLOAD_INPUT_ERROR_ZIP')
             break
           case 2:
-            // binary upload currently not needed
-            // fileType = 'binaries'
-            // validType = file.value?.type === 'application/x-tar'
-            // errorMessage = t('SCAN_CREATE_FILE_UPLOAD_INPUT_ERROR_TAR')
+            fileType = FILETYPE_BINARIES
+            validType = file.value?.type === 'application/x-tar'
+            errorMessage = t('SCAN_CREATE_FILE_UPLOAD_INPUT_ERROR_TAR')
             break
         }
 

sechub-web-ui/src/components/EmailVerificationSuccess.vue

@@ -6,7 +6,7 @@ const config = ref({
   // New ENV must be defined in global.d.ts
   USERNAME: import.meta.env.VITE_API_USERNAME || undefined,
   PASSWORD: import.meta.env.VITE_API_PASSWORD || undefined,
-  BASIC_AUTH_DEV: import.meta.env.VITE_API_BASIC_AUTH_DEV === "true" || false,
+  BASIC_AUTH_DEV: import.meta.env.VITE_API_BASIC_AUTH_DEV === 'true' || false,
 })
 
 // Overrides local environment variables after project compilation

sechub-web-ui/src/components/ScanCreate.vue

@@ -43,27 +43,21 @@
     "SCAN_CREATE_TITLE": "Create new Scan",
     "SCAN_CREATE_SELECT_SCAN_TYPE": "Select Scan Type",
     "SCAN_CREATE_FILE_UPLOAD": "File Upload",
-    "SCAN_CREATE_FILE_UPLOAD_NOTE_TITLE": "Important for secretScan",
-    "SCAN_CREATE_FILE_UPLOAD_NOTE_ONE": "1. Put your code in the structure __data__/web-ui-upload/your-code",
-    "SCAN_CREATE_FILE_UPLOAD_NOTE_TWO": "2. Create  __data__.zip",
-    "SCAN_CREATE_FILE_UPLOAD_NOTE_THREE": "3. Upload __data__.zip",
     "SCAN_CREATE_FILE_UPLOAD_INPUT": "Upload File",
     "SCAN_CREATE_FILE_UPLOAD_PROGRESS": "Uploading your data...",
     "SCAN_CREATE_FILE_UPLOAD_INPUT_ERROR_TITLE": "Upload Error. Please select a valid file",
     "SCAN_CREATE_FILE_UPLOAD_INPUT_ERROR_ZIP": "File must be a valid .zip containing the code you wish to scan.",
     "SCAN_CREATE_FILE_UPLOAD_INPUT_ERROR_TAR": "File must be a valid .tar containing the binary you wish to scan.",
     "SCAN_CREATE_BINARIES": "Binaires",
     "SCAN_CREATE_SOURCE_CODE": "Source Code",
-    "SCAN_CREATE_CODE_SCAN": "codeScan",
-    "SCAN_CREATE_SECRET_SCAN": "secretScan",
     "SCAN_CREATE_SCAN_START": "Scan",
     "SCAN_CREATE_SCAN_CONFIGURATION": "Scan Configuration",
     "SCAN_ERROR_ALERT_TITLE": "Ooops, your scan failed",
     "SCAN_ERROR_ALERT_JOB_NOT_CREATED": "Could not create a new Job.",
     "SCAN_ERROR_ALERT_SOURCE_UPLOAD_FAILED": "Could not upload sources. Your Zip file might be too big or is not correctly packed. We recommend using the cli client for large files.",
     "SCAN_ERROR_ALERT_BINARY_UPLOAD_FAILED": "Could not upload binaries. Your Tar file might be too big or is not correctly packed. We recommend using the cli client for large files.",
     "SCAN_ERROR_ALERT_JOB_NOT_APPROVED": "Could not approve Job.",
-    "SCAN_ERROR_ALERT_NO_DATA_SECTION": "Could not get data section from configuration. Internal Error.",
-    "SCAN_ERROR_ALERT_GENERIC": "An internal error ocurred.",
+    "SCAN_ERROR_ALERT_NO_DATA_SECTION": "Could not get type section from configuration. Internal Error.",
+    "SCAN_ERROR_ALERT_GENERIC": "An internal error occurred.",
     "CHANGE_USER_MAIL_SUCCESS": "You have changed your Email successfully!"
 }

sechub-web-ui/src/components/ScanFileUpload.vue

@@ -9,6 +9,10 @@ import executionApi from './executionService'
 import { createSha256Checksum } from '../../utils/cryptoUtils'
 import { UserUploadsBinariesWorkaroundRequest, UserUploadSourceCodeWorkaroundRequest } from '@/services/executionService/executionService'
 import i18n from '@/i18n'
+import {
+  UPLOAD_BINARIES_IDENTIFIER,
+  UPLOAD_SOURCE_CODE_IDENTIFIER,
+} from '@/utils/applicationConstants'
 
 // Implements the scan of a file in three steps: creating a Job, uploading the data and approve the job
 class ScanService {
@@ -47,7 +51,7 @@ class ScanService {
   private async uploadData (configuration: SecHubConfiguration, jobId: string, file: File, errorMessages: string[]) {
     const checksum: string = await createSha256Checksum(file)
 
-    if (configuration.data?.sources) {
+    if (this.containsString(configuration, UPLOAD_SOURCE_CODE_IDENTIFIER)) {
       const requestParameters: UserUploadSourceCodeWorkaroundRequest = {
         projectId: configuration.projectId,
         jobUUID: jobId,
@@ -61,7 +65,7 @@ class ScanService {
         console.error('Source code upload failed:', error)
         errorMessages.push(i18n.global.t('SCAN_ERROR_ALERT_SOURCE_UPLOAD_FAILED'))
       }
-    } else if (configuration.data?.binaries) {
+    } else if (this.containsString(configuration, UPLOAD_BINARIES_IDENTIFIER)) {
       const size: string = file.size.toString()
       const requestParameters: UserUploadsBinariesWorkaroundRequest = {
         projectId: configuration.projectId,
@@ -78,10 +82,15 @@ class ScanService {
         errorMessages.push(i18n.global.t('SCAN_ERROR_ALERT_BINARY_UPLOAD_FAILED'))
       }
     } else {
-      errorMessages.push(i18n.global.t('SCAN_ERROR_ALERT_NO_DATA_SECTION'))
+      errorMessages.push(i18n.global.t('SCAN_ERROR_ALERT_CONFIGURATION_ERROR'))
     }
   }
 
+  private containsString (config: SecHubConfiguration, searchString: string): boolean {
+    const jsonString = JSON.stringify(config)
+    return jsonString.includes(searchString)
+  }
+
   private async approveJob (projectId: string, jobId: string, errorMessages: string[]) {
     const requestParameters: UserApproveJobRequest = {
       projectId,

sechub-web-ui/src/config.ts

@@ -0,0 +1,9 @@
+// SPDX-License-Identifier: MIT
+// constants for sechub scan configuration
+export const UPLOAD_BINARIES_IDENTIFIER: string = '__binaries_archive_root__'
+export const UPLOAD_SOURCE_CODE_IDENTIFIER: string = '__sourcecode_archive_root__'
+export const CODE_SCAN_IDENTIFIER: string = 'codeScan'
+export const SECRET_SCAN_IDENTIFER: string = 'secretScan'
+
+export const FILETYPE_SOURCES: string = 'sources'
+export const FILETYPE_BINARIES: string = 'binaries'

sechub-web-ui/src/i18n/locales/en.json

@@ -2,48 +2,47 @@
 import {
   SecHubCodeScanConfiguration,
   SecHubConfiguration,
-  SecHubDataConfiguration,
-  SecHubFileSystemConfiguration,
   SecHubSecretScanConfiguration,
 } from '@/generated-sources/openapi'
 
-export function buildSecHubConfiguration (scanTypes: string[], uploadFile: File, fileType: string, projectId: string): SecHubConfiguration {
-  const UNIQUE_NAME = 'web-ui-upload'
-
-  const fileSystemConfig: SecHubFileSystemConfiguration = {
-    files: [uploadFile.name],
-  }
-
-  const dataConfiguration: SecHubDataConfiguration = {
-    sources: fileType === 'sources' ? [{ name: UNIQUE_NAME, fileSystem: fileSystemConfig }] : undefined,
-    binaries: fileType === 'binaries' ? [{ name: UNIQUE_NAME, fileSystem: fileSystemConfig }] : undefined,
-  }
-
-  const codeScanConfiguration: SecHubCodeScanConfiguration = {}
-  const secretScanConfiguration: SecHubSecretScanConfiguration = {}
-
-  if (scanTypes.includes('codeScan')) {
-    codeScanConfiguration.use = [UNIQUE_NAME]
-  }
+import {
+  CODE_SCAN_IDENTIFIER,
+  FILETYPE_BINARIES,
+  FILETYPE_SOURCES,
+  SECRET_SCAN_IDENTIFER,
+  UPLOAD_BINARIES_IDENTIFIER,
+  UPLOAD_SOURCE_CODE_IDENTIFIER,
+} from './applicationConstants'
 
-  if (scanTypes.includes('secretScan')) {
-    secretScanConfiguration.use = [UNIQUE_NAME]
-  }
+export function buildSecHubConfiguration (scanTypes: string[], fileType: string, projectId: string): SecHubConfiguration {
+  const UNIQUE_NAME : string = getUniqueName(fileType)
 
   const config: SecHubConfiguration = {
     apiVersion: '1.0',
     projectId,
-    data: dataConfiguration,
   }
 
-  // adding scan types to configuration
-  if (codeScanConfiguration.use) {
+  if (scanTypes.includes(CODE_SCAN_IDENTIFIER)) {
+    const codeScanConfiguration: SecHubCodeScanConfiguration = {}
+    codeScanConfiguration.use = [UNIQUE_NAME]
     config.codeScan = codeScanConfiguration
   }
 
-  if (secretScanConfiguration.use) {
+  if (scanTypes.includes(SECRET_SCAN_IDENTIFER)) {
+    const secretScanConfiguration: SecHubSecretScanConfiguration = {}
+    secretScanConfiguration.use = [UNIQUE_NAME]
     config.secretScan = secretScanConfiguration
   }
 
   return config
 }
+
+function getUniqueName (fileType: string): string {
+  if (fileType === FILETYPE_BINARIES) {
+    return UPLOAD_BINARIES_IDENTIFIER
+  } else if (fileType === FILETYPE_SOURCES) {
+    return UPLOAD_SOURCE_CODE_IDENTIFIER
+  } else {
+    throw new Error(`Unknown fileType: ${fileType}`)
+  }
+}

sechub-web-ui/src/services/executionService/ScanService.ts

@@ -0,0 +1,43 @@
+#!/bin/bash
+# SPDX-License-Identifier: MIT
+
+echo "Start executing helper script"
+echo "Please make sure you have started the Docker SecHub Server and Docker PDS Gosec and Gitleaks"
+echo "Setting up Gosec and Gitleaks Project for Docker Server with real Products"
+
+srcdir=$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )
+
+cd $srcdir 
+
+# Copy the .env file to the current directory
+if [ -e .env ]
+then
+    echo "Using existsing .env file"
+else
+    echo "Coping .env file from web-ui directory"
+    cp ../../.env .
+fi
+
+# Source the .env file to load environment variables
+set -a
+source ./.env
+set +a
+
+echo "Using VITE .env to setup your user and apitoken"
+
+# Export additional variables
+export SECHUB_APITOKEN=${VITE_API_PASSWORD}
+export SECHUB_USERID=${VITE_API_USERNAME}
+export SECHUB_SERVER=https://localhost:8443
+
+echo 'Starting test setup...'
+
+# setting up gosec
+../../../sechub-solution/setup-pds/setup-gosec.sh
+../../../sechub-developertools/scripts/sechub-api.sh project_assign_user test-gosec $SECHUB_USERID
+
+# setting up gitleaks
+../../../sechub-solution/setup-pds/setup-gitleaks.sh
+../../../sechub-developertools/scripts/sechub-api.sh project_assign_user test-gitleaks $SECHUB_USERID
+
+echo "Finished setting up Gosec and Gitleaks Project for Docker Server with real Products"