use of com.blackducksoftware.integration.fortify.batch.model.HubProjectVersion in project hub-fortify-ssc-integration-service by blackducksoftware.
the class BlackDuckFortifyPushThread method mergeVulnerabilities.
/**
* Iterate the hub project versions and find the vulnerabilities for Hub project version and transform the
* vulnerability component view to CSV vulnerability view and merge all the vulnerabilities
*
* @param hubProjectVersions
* @param projectVersionItems
* @return
* @throws IntegrationException
* @throws IllegalArgumentException
*/
private List<Vulnerability> mergeVulnerabilities(final List<HubProjectVersion> hubProjectVersions, final List<ProjectVersionView> projectVersionItems) throws IllegalArgumentException, IntegrationException {
int index = 0;
List<Vulnerability> mergedVulnerabilities = new ArrayList<>();
for (HubProjectVersion hubProjectVersion : hubProjectVersions) {
// Get the Vulnerability information
final List<VulnerableComponentView> vulnerableComponentViews = hubServices.getVulnerabilityComponentViews(projectVersionItems.get(index));
index++;
// Convert the Hub Vulnerability component view to CSV Vulnerability object
List<Vulnerability> vulnerabilities = VulnerabilityUtil.transformMapping(vulnerableComponentViews, hubProjectVersion.getHubProject(), hubProjectVersion.getHubProjectVersion(), maxBomUpdatedDate, propertyConstants);
// Add the vulnerabilities to the main list
mergedVulnerabilities.addAll(vulnerabilities);
}
return mergedVulnerabilities;
}
use of com.blackducksoftware.integration.fortify.batch.model.HubProjectVersion in project hub-fortify-ssc-integration-service by blackducksoftware.
the class BlackDuckFortifyPushThread method call.
@Override
public Boolean call() throws DateTimeParseException, IntegrationException, IllegalArgumentException, JsonGenerationException, JsonMappingException, FileNotFoundException, UnsupportedEncodingException, IOException {
logger.info("blackDuckFortifyMapper::" + blackDuckFortifyMapperGroup.toString());
final List<HubProjectVersion> hubProjectVersions = blackDuckFortifyMapperGroup.getHubProjectVersion();
// Get the last successful runtime of the job
final Date getLastSuccessfulJobRunTime = getLastSuccessfulJobRunTime(propertyConstants.getBatchJobStatusFilePath());
logger.debug("Last successful job excecution:" + getLastSuccessfulJobRunTime);
// Get the project version view from Hub and calculate the max BOM updated date
final List<ProjectVersionView> projectVersionItems = getProjectVersionItemsAndMaxBomUpdatedDate(hubProjectVersions);
logger.info("Compare Dates: " + ((getLastSuccessfulJobRunTime != null && maxBomUpdatedDate.after(getLastSuccessfulJobRunTime)) || (getLastSuccessfulJobRunTime == null) || (!propertyConstants.isBatchJobStatusCheck())));
logger.debug("maxBomUpdatedDate:: " + maxBomUpdatedDate);
logger.debug("isBatchJobStatusCheck::" + propertyConstants.isBatchJobStatusCheck());
if ((getLastSuccessfulJobRunTime != null && maxBomUpdatedDate.after(getLastSuccessfulJobRunTime)) || (getLastSuccessfulJobRunTime == null) || (!propertyConstants.isBatchJobStatusCheck())) {
// Get the vulnerabilities for all Hub project versions and merge it
List<Vulnerability> mergedVulnerabilities = mergeVulnerabilities(hubProjectVersions, projectVersionItems);
if (mergedVulnerabilities.size() > 0) {
if (hubProjectVersions.size() > 1) {
// Removing Duplicates within multiple Hub Project Versions.
mergedVulnerabilities = VulnerabilityUtil.removeDuplicates(mergedVulnerabilities);
}
final String fileDir = propertyConstants.getReportDir();
final String fileName = hubProjectVersions.get(0).getHubProject() + UNDERSCORE + hubProjectVersions.get(0).getHubProjectVersion() + UNDERSCORE + DateTimeFormatter.ofPattern("yyyyMMddHHmmssSSS").format(LocalDateTime.now()) + ".csv";
// Write the vulnerabilities to CSV
CSVUtils.writeToCSV(mergedVulnerabilities, fileDir + fileName, ',');
// Get the file token for upload
String token = getFileToken();
// Upload the vulnerabilities CSV to Fortify
uploadCSV(token, fileDir + fileName, blackDuckFortifyMapperGroup.getFortifyApplicationId());
// Delete the file token that is created for upload
fortifyFileTokenApi.deleteFileToken();
}
}
return true;
}
use of com.blackducksoftware.integration.fortify.batch.model.HubProjectVersion in project hub-fortify-ssc-integration-service by blackducksoftware.
the class BlackDuckFortifyPushThread method getProjectVersionItemsAndMaxBomUpdatedDate.
/**
* Iterate the hub project versions mapper and get the project version view for each item and calculate the max BOM
* updated date
*
* @param hubProjectVersions
* @return
* @throws IllegalArgumentException
* @throws IntegrationException
*/
private List<ProjectVersionView> getProjectVersionItemsAndMaxBomUpdatedDate(final List<HubProjectVersion> hubProjectVersions) throws IllegalArgumentException, IntegrationException {
List<ProjectVersionView> projectVersionItems = new ArrayList<>();
for (HubProjectVersion hubProjectVersion : hubProjectVersions) {
String projectName = hubProjectVersion.getHubProject();
String projectVersion = hubProjectVersion.getHubProjectVersion();
// Get the project version
final ProjectVersionView projectVersionItem = hubServices.getProjectVersion(projectName, projectVersion);
projectVersionItems.add(projectVersionItem);
Date bomUpdatedValueAt = hubServices.getBomLastUpdatedAt(projectVersionItem);
if (maxBomUpdatedDate == null || bomUpdatedValueAt.after(maxBomUpdatedDate)) {
maxBomUpdatedDate = bomUpdatedValueAt;
}
logger.debug("bomUpdatedValueAt::" + bomUpdatedValueAt);
}
return projectVersionItems;
}
use of com.blackducksoftware.integration.fortify.batch.model.HubProjectVersion in project hub-fortify-ssc-integration-service by blackducksoftware.
the class MappingParser method buildGroupedMappings.
/**
* This method, groups multiple Hub projects mapped to the same Fortify application.
*
* @param blackDuckFortifyMappers
* @return
* @throws IOException
* @throws IntegrationException
*/
private List<BlackDuckFortifyMapperGroup> buildGroupedMappings(List<BlackDuckFortifyMapper> blackDuckFortifyMappers) throws IOException, IntegrationException {
Map<String, BlackDuckFortifyMapperGroup> mappings = new HashMap<>();
try {
for (BlackDuckFortifyMapper blackDuckFortifyMapper : blackDuckFortifyMappers) {
int applicationId;
List<HubProjectVersion> hubProjectVersions = new ArrayList<>();
BlackDuckFortifyMapperGroup blackDuckFortifyMapperGroup;
HubProjectVersion hubProjectVersion = new HubProjectVersion(blackDuckFortifyMapper.getHubProject(), blackDuckFortifyMapper.getHubProjectVersion());
String key = blackDuckFortifyMapper.getFortifyApplication() + '_' + blackDuckFortifyMapper.getFortifyApplicationVersion();
if (mappings.containsKey(key)) {
blackDuckFortifyMapperGroup = mappings.get(key);
hubProjectVersions = blackDuckFortifyMapperGroup.getHubProjectVersion();
applicationId = blackDuckFortifyMapperGroup.getFortifyApplicationId();
} else {
applicationId = getFortifyApplicationId(blackDuckFortifyMapper);
}
hubProjectVersions.add(hubProjectVersion);
blackDuckFortifyMapperGroup = new BlackDuckFortifyMapperGroup(blackDuckFortifyMapper.getFortifyApplication(), blackDuckFortifyMapper.getFortifyApplicationVersion(), hubProjectVersions, applicationId);
mappings.put(key, blackDuckFortifyMapperGroup);
}
} catch (IOException ioe) {
logger.error(ioe.getMessage(), ioe);
throw new IOException(ioe);
}
return new ArrayList<>(mappings.values());
}
Aggregations