CxRestAPI : Sast Reports register issue 'In Process' for all reports

Question

CxRestAPI : Sast Reports register issue 'In Process' for all reports

GATINEAU85 opened this issue a year ago · 4 comments

Hi,
I use CheckmarxPythonSDK and the CxRestAPISDK to collect vulnerabilities on projects. However, when I generate reports for all last scans of my projects, I have some issues.

I registered new reports thanks to this method ScansAPI.register_scan_report(scan_id=last_scan_id, report_type="CSV") like :

from CheckmarxPythonSDK.CxRestAPISDK import ScansAPI, ProjectsAPI
from CheckmarxPythonSDK.CxRestAPISDK.sast.projects.dto import CxProject

def get_project_report(project, projects_report):
    """
    Call RestAPI to register a new report for the last scan of a project

    Raises:
        Exception
    """
    try:
        last_scan_id = ScansAPI.get_last_scan_id_of_a_project(project_id=project.project_id)
        if last_scan_id:
            try:
                report = ScansAPI.register_scan_report(scan_id=last_scan_id, report_type="CSV")
                if report:
                    projects_report[project.name] = {"scan_id": last_scan_id, "report_id": report.report_id}
            except ValueError as exception:
                print(repr(exception))
    except Exception as exception:
        print(repr(exception))

After 5 generations of reports, all others reports are correctly registered but they haven't any changes in their status when I called the status method of Sast from API (like /cxrestapi/sast/scans/<report_id>/status). They are in process and they hasn't any content :

{ 
    "link": null, 
    "contentType": "application/csv", 
    "status": { 
        "id": 1, 
        "value": "InProcess" 
    } 
}

The report hasn't any content when I call the report thanks to the API (like /cxrestapi/sast/scans/<report_id>).

Is it normal that Checkmarx doesn't create the report after some reports generation ?
Thanks

Answer 1 · 2023-04-16T07:53:17.000Z

Hi @GATINEAU85 ,

The report creatiion is in process, means the report creation is still working in progress. Once the report status is Created, the report is created. Then you can use the other API to get the report content.

Answer 2 · 2023-04-17T12:28:33.000Z

@HappyY19
Thank you, I understand that at this time the report is in progress.

The problem is that the status is never updated on some reports (even after a week of waiting). They will always be "In Process" and will therefore never have any content.

Is there a way to see why the status change is not happening ?

Answer 3 · 2023-04-17T13:06:34.000Z

By default ReportStatusTimeOutInSec is 40. It Defines the time-out for report generation, report generation exceeding the time-out will be cancelled.

You might need to open checkmarx support case to handle the issue. It is not a Checkmarx Python SDK issue.

Answer 4 · 2023-04-17T13:15:36.000Z

Yes, thanks sorry for the spam and thanks for your help. I will contact Checkmarx support for this topic.